apiman suitable for managing end users?
by Tim Dudgeon
Hi
I've been looking into apiman and like what I see, but have a conceptual
question about its usage.
I need something to manage the end users of my applications, not just
the people who are developing and managing those applications. Is apiman
suitable for this? e.g. each actual user of the applications would
register to apiman and use their own access keys. I need this as I will
want to handle metrics and usage on the level of the individual user.
Also, if this was to be a sensible approach how does one configure the
registration process. I understand apiman is using keycloak for this,
but I see no link in the UI to configure keycloak. And I would need a
way that new users could automatically be assigned to an organisation
(e.g. a default organisation, or a specific one based on their email
address).
Tim
8 years, 8 months
Apiman 1.1.8 and Wildfly 9?
by Guy Davis
Good day,
I'm currently using Keycloak 1.5.0 (on Wildfly 9) and am wondering whether
APIman 1.1.8 overlay will work on Wildfly 9? Any known issues here?
Thanks in advance,
Guy
8 years, 8 months
Demo - use case covering Apiman/Keycloak with Apache Camel
by Charles Moulliard
Hi,
Finally, I have been able to finish to develop a demo/lab (step by step
guide) covering Apiman/Keycloak to secure Apache Camel REST Endpoints
according to different scenari deployed within JBoss Fuse.
The project is available here :
https://github.com/FuseByExample/rest-dsl-in-action#security-governance-w...
Some info about the project :
- Expose CRUD REST Services using the new Apache Camel REST DSL Syntax
- Upload data from a CSV file to create blog articles using camel bindy
component and ElasticSearch Service
- Collect the data received (= JSon Blog Article) and save the data
using the insight-eleasticsearch no sql database available with JBoss
Fuse Fabric
- Display the data and query them using the Kibana Web Dashboard -
https://github.com/FuseByExample/rest-dsl-in-action/blob/master/images/da...
- Document the REST Services using Swagger API -
https://github.com/FuseByExample/rest-dsl-in-action/blob/master/images/sw...
- Authenticate and authorize the incoming HTTP requests using ApiMan
(Security Management Platform) according to these use cases; No
authentication (pass through), Basic Authentication -
https://github.com/FuseByExample/rest-dsl-in-action/blob/master/readme.ad...,
Oauth2 Authentication, Oauth2 & Role based -
https://github.com/FuseByExample/rest-dsl-in-action/blob/master/readme.ad...
Your remarks and comments are welcome
Regards,
--
Charles Moulliard
Principal Solution Architect / JBoss Fuse Expert - Global Enablement @redhat
cmoulliard(a)redhat.com | work: +31 205 65 12 84 | mobile: +32 473 604 014
MC-Square Business "Stockholm", Leonardo Da Vincilaan 19, Diegem 1831 -
Belgium
twitter: @cmoulliard <http://twitter.com/cmoulliard> | blog:
cmoulliard.github.io <http://cmoulliard.github.io>
committer: apache camel, karaf, servicemix, hawtio, fabric8, drools,
jbpm, deltaspike
8 years, 9 months
Issue with basic authentication policy - version 1.1.7.Final
by Charles Moulliard
Hi,
When I try to add a new security policy using Basic Authentication with
ApiMan 1.1.7.Final , the button "add the policy" is disabled (see
screenshot attached) within this screen
"http://localhost:8080/apimanui/api-manager/orgs/fuse/services/blog-servic..."
even if a static user has been added. Is it a known issue solved within
1.1.8.Final ?
Regards,
--
Charles Moulliard
Principal Solution Architect / JBoss Fuse Expert - Global Enablement @redhat
cmoulliard(a)redhat.com | work: +31 205 65 12 84 | mobile: +32 473 604 014
MC-Square Business "Stockholm", Leonardo Da Vincilaan 19, Diegem 1831 -
Belgium
twitter: @cmoulliard <http://twitter.com/cmoulliard> | blog:
cmoulliard.github.io <http://cmoulliard.github.io>
committer: apache camel, karaf, servicemix, hawtio, fabric8, drools,
jbpm, deltaspike
8 years, 9 months
Apiman & Swagger error (Version 1.1.8.Final)
by Charles Moulliard
Hi,
I have added a Swagger Spec Document - version 2.0 (json) -
https://github.com/FuseByExample/rest-dsl-in-action/blob/master/swagger/s...
but I don't see it at this address
(http://localhost:8080/apimanui/api-manager/browse/orgs/fuse/blog-service/1.0)
within the Web UI of Apiman. Instead this message is reported " This
service does not have a service definition file. Contact the service
provider and ask them to supply a valid service definition!"
This error is generated within the console of the web browser
TypeError: window.swaggerUi is not defined
at Object.window.authorizations.add (swagger-ui.js:230)
at apiman-manager.js:2252
at apiman-manager.js:1123
at processQueue (angular.js:13300)
at angular.js:13316
at Scope.$eval (angular.js:14552)
at Scope.$digest (angular.js:14368)
at Scope.$apply (angular.js:14657)
at done (angular.js:9734)
at completeRequest (angular.js:9924)
What is the problem as the service defintion (= json file) works very
well in a Swagger UI standalone Web Server ?
Regards,
--
Charles Moulliard
Principal Solution Architect / JBoss Fuse Expert - Global Enablement @redhat
cmoulliard(a)redhat.com | work: +31 205 65 12 84 | mobile: +32 473 604 014
MC-Square Business "Stockholm", Leonardo Da Vincilaan 19, Diegem 1831 -
Belgium
twitter: @cmoulliard <http://twitter.com/cmoulliard> | blog:
cmoulliard.github.io <http://cmoulliard.github.io>
committer: apache camel, karaf, servicemix, hawtio, fabric8, drools,
jbpm, deltaspike
8 years, 9 months
Failing Service
by Fadi Abdin
Hey Guys,
for one of the setup servers , i have woke up friday with a failing service
.. nothing really changed overnight on Friday
/3.1/....
All i did is create a new version of the service and publishing it
/3.2/....
and here is my exception, do you have any explanation or thinks might make
this happened that i can investigate and avoid ? :
io.apiman.gateway.engine.beans.exceptions.InvalidServiceException:
Service not found.
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$3.handle(ServiceRequestExecutorImpl.java:261)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$3.handle(ServiceRequestExecutorImpl.java:255)
at io.apiman.gateway.engine.impl.SecureRegistryWrapper$1.handle(SecureRegistryWrapper.java:107)
at io.apiman.gateway.engine.impl.SecureRegistryWrapper$1.handle(SecureRegistryWrapper.java:97)
at io.apiman.gateway.engine.es.ESRegistry$10.completed(ESRegistry.java:415)
at io.apiman.gateway.engine.es.ESRegistry$10.completed(ESRegistry.java:407)
at io.searchbox.client.http.JestHttpClient$DefaultCallback.completed(JestHttpClient.java:195)
at io.searchbox.client.http.JestHttpClient$DefaultCallback.completed(JestHttpClient.java:178)
at org.apache.http.concurrent.BasicFuture.completed(BasicFuture.java:119)
at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:177)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:412)
at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:305)
at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:267)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:81)
at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:39)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:116)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:164)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:339)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:317)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:278)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:590)
at java.lang.Thread.run(Thread.java:745)
8 years, 9 months
Production guide
by Fadi Abdin
Hi Eric,
I have been following your documentation for production setup
http://www.apiman.io/latest/production-guide.html# ..
and it worked successfully. i want to clarify something.
Now i have API Manager data stored in the apiman database , which is great
, i can copy it and all that .. but from how i see , when you publish an
api , it will be published to the gateway and the gateway stores the data
in elastic search !! ? I might be missing something.
How do i force a refresh from the apiman to gateway ? or do i need to clear
elastic search data !
Sorry if i completely missunderstand something.
Thanks,
Fadi
8 years, 9 months
Exceptions
by Fadi Abdin
Things get to work for a while and break .. Is anyone using apiman in
production yet ?? I'm wondering how reliable it is to be used yet .. i can
not get it to be stable for a week without problems ..
java.lang.ClassCastException:
io.apiman.plugins.keycloak_oauth_policy.beans.KeycloakOauthConfigBean
cannot be cast to
io.apiman.plugins.keycloak_oauth_policy.beans.KeycloakOauthConfigBean
at io.apiman.plugins.keycloak_oauth_policy.KeycloakOauthPolicy.doApply(KeycloakOauthPolicy.java:48)
at io.apiman.gateway.engine.policies.AbstractMappedPolicy.apply(AbstractMappedPolicy.java:71)
at io.apiman.gateway.engine.policy.RequestChain.applyPolicy(RequestChain.java:65)
at io.apiman.gateway.engine.policy.Chain.doApply(Chain.java:148)
at io.apiman.plugins.cors_policy.CorsPolicy.doApply(CorsPolicy.java:88)
at io.apiman.plugins.cors_policy.CorsPolicy.doApply(CorsPolicy.java:40)
at io.apiman.gateway.engine.policies.AbstractMappedPolicy.apply(AbstractMappedPolicy.java:71)
at io.apiman.gateway.engine.policy.RequestChain.applyPolicy(RequestChain.java:65)
at io.apiman.gateway.engine.policy.Chain.doApply(Chain.java:148)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$2.handle(ServiceRequestExecutorImpl.java:247)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$2.handle(ServiceRequestExecutorImpl.java:198)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$5.handle(ServiceRequestExecutorImpl.java:392)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$5.handle(ServiceRequestExecutorImpl.java:362)
at io.apiman.gateway.engine.policy.PolicyFactoryImpl.loadPolicy(PolicyFactoryImpl.java:81)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl.loadPolicies(ServiceRequestExecutorImpl.java:362)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl.access$1400(ServiceRequestExecutorImpl.java:77)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$3.handle(ServiceRequestExecutorImpl.java:270)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl$3.handle(ServiceRequestExecutorImpl.java:255)
at io.apiman.gateway.engine.impl.SecureRegistryWrapper$1.handle(SecureRegistryWrapper.java:107)
at io.apiman.gateway.engine.impl.SecureRegistryWrapper$1.handle(SecureRegistryWrapper.java:97)
at io.apiman.gateway.engine.es.CachingESRegistry.getService(CachingESRegistry.java:175)
at io.apiman.gateway.engine.impl.SecureRegistryWrapper.getService(SecureRegistryWrapper.java:97)
at io.apiman.gateway.engine.impl.ServiceRequestExecutorImpl.execute(ServiceRequestExecutorImpl.java:254)
at io.apiman.gateway.platforms.servlet.GatewayServlet.doAction(GatewayServlet.java:236)
at io.apiman.gateway.platforms.servlet.GatewayServlet.doGet(GatewayServlet.java:82)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
8 years, 9 months
Announcement: apiman 1.1.8.Final
by Eric Wittmann
Hey everyone.
Today we released apiman version 1.1.8.Final. This release is primarily
a bug-fix release (no new significant features are planned for 1.1.x).
You can see the release notes here:
http://red.ht/1igFSrj
We're continuing to work on the 1.2.x branch of apiman, where we should
have some cool new features coming soon.
-Eric
8 years, 9 months