Using the API Manager, you can configure custom workflows that are invoked on events such as user signup, application creation, registration, and subscription. You do these configurations in the workflow-extensions.xml file, as described in the previous sections.

...

Only the users registered in the BPS can deploy BPELs and human tasks in it. Registration adds you to the user store in the BPS. In this guide, the API Manager and BPS use the same user store and all the users present in the BPS are visible to the API Manager as well. This is depicted by the diagram below:

Figure: API Manager and BPS share the same user and permission store

Warning

If you are using WSO2 BPS 3.2.0, copy the <APIM_HOME>/repository/components/patches/patch0009 folder to the <BPS_HOME>/repository/components/patches folder and restart the BPS server to apply the patch. This patch fixes a bug that causes the workflow configurations to fail in multi-tenant environments.

This patch is built into BPS from version 3.5.0 onwards.

Follow the steps below to deploy a BPEL and a human task for a tenant in the API Manager:

...

  1. Create a database for the shared user and permission store as follows:

    mysql> create database workflow_ustore;
    Query OK, 1 row affected (0.00 sec)

    Tip

    Make sure you copy the database driver (in this case, the MySQL driver) to the /repository/components/lib folder before starting each server.

  2. Run the <APIM_HOME>/dbscripts/mysql.sql script (the script may vary depending on your database type) on the database to create the required tables.

  3. Open the <APIM_HOME>/repository/conf/datasources/master-datasources.xml file and create a datasource pointing to the newly created database. For example:

    <datasource>
        <name>USTORE</name>
        <description>The datasource used for API Manager database</description>
        <jndiConfig>
            <name>jdbc/ustore</name>
        </jndiConfig>
        <definition type="RDBMS">
            <configuration>
                <url>jdbc:mysql://127.0.0.1:3306/workflow_ustore?autoReconnect=true&amp;relaxAutoCommit=true</url>
                <username>root</username>
                <password>root</password>
                <driverClassName>com.mysql.jdbc.Driver</driverClassName>
                <maxActive>50</maxActive>
                <maxWait>60000</maxWait>
                <testOnBorrow>true</testOnBorrow>
                <validationQuery>SELECT 1</validationQuery>
                <validationInterval>30000</validationInterval>
            </configuration>
        </definition>
    </datasource>
  4. Repeat step 3 in the BPS as well.
  5. Point the datasource name in <APIM_HOME>/repository/conf/user-mgt.xml to the new datasource. Note that the user store is configured using the <UserStoreManager> element.

    Tip

    If you already have a user store such as LDAP in your environment, you can point to it from the user-mgt.xml file instead of the user store that we created in step 1.

    In the following example, the same JDBC user store (that is shared by both the API Manager and the BPS) is used as the permission store as well:

    <Configuration>
        <AddAdmin>true</AddAdmin>
        <AdminRole>admin</AdminRole>
        <AdminUser>
            <UserName>admin</UserName>
            <Password>admin</Password>
        </AdminUser>
        <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default, users in this role see the registry root -->
        <Property name="dataSource">jdbc/ustore</Property>
    </Configuration>
  6. Repeat step 5 in the BPS as well.
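
The following check is an added example, not part of the WSO2 documentation or product. It verifies on each server that the dataSource named in user-mgt.xml resolves to a JNDI name in master-datasources.xml, that both servers reach the same database, and that the sample credentials shown above (root/root, admin/admin) were replaced. The trimmed XML fragments, the `audit` function, and the BPS values (including `jdbc/localstore`) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample input: trimmed fragments modelled on the snippets above.
DS = """<datasources><datasource><name>USTORE</name>
  <jndiConfig><name>jdbc/ustore</name></jndiConfig>
  <definition type="RDBMS"><configuration>
    <url>jdbc:mysql://127.0.0.1:3306/workflow_ustore</url>
    <username>{u}</username><password>{p}</password>
  </configuration></definition></datasource></datasources>"""
UM = """<Realm><Configuration>
  <AdminUser><UserName>admin</UserName><Password>{pw}</Password></AdminUser>
  <Property name="dataSource">{jndi}</Property>
</Configuration></Realm>"""
SAMPLE = {  # server -> (master-datasources.xml, user-mgt.xml); BPS skipped step 6
    "APIM": (DS.format(u="root", p="root"), UM.format(pw="admin", jndi="jdbc/ustore")),
    "BPS": (DS.format(u="wf_user", p="constructed-1"),
            UM.format(pw="constructed-2", jndi="jdbc/localstore")),
}

def datasources(xml_text):
    """Map each JNDI name to (url, username, password)."""
    out = {}
    for ds in ET.fromstring(xml_text).iter("datasource"):
        cfg = ds.find("definition/configuration")
        out[ds.findtext("jndiConfig/name")] = tuple(
            cfg.findtext(k) for k in ("url", "username", "password"))
    return out

def audit(servers):
    """Return findings for unresolved datasources, sample credentials, split stores."""
    findings, urls = [], {}
    for name, (ds_xml, um_xml) in servers.items():
        conf = next(ET.fromstring(um_xml).iter("Configuration"))
        jndi = conf.findtext("Property[@name='dataSource']")
        defined = datasources(ds_xml)
        if conf.findtext("AdminUser/UserName") == conf.findtext("AdminUser/Password"):
            findings.append(f"{name}: admin password equals the admin user name")
        if jndi not in defined:
            findings.append(f"{name}: dataSource {jndi!r} is not defined")
            continue
        urls[name], db_user, db_pw = defined[jndi]
        if db_user == "root" or db_user == db_pw:
            findings.append(f"{name}: {jndi} uses the root account or a password equal to the user name")
    if len(set(urls.values())) > 1:
        findings.append(f"user store is not shared: {urls}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

To run it against a real deployment, pass the full text of each server's two files in place of the constructed fragments.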

...

  1. Create a separate database for the registry:

    mysql> create database workflow_regdb;
    Query OK, 1 row affected (0.00 sec)
  2. Run the <APIM_HOME>/dbscripts/mysql.sql script (the script may vary depending on your database type) on the database to create the required tables.

    Note

    From WSO2 Carbon Kernel 4.4.6 onwards, there are two MySQL DB scripts available in the product distribution. Click here to identify which version of the MySQL script to use.

  3. Create a new datasource in <APIM_HOME>/repository/conf/datasources/master-datasources.xml as done before:

    <datasource>
        <name>REG_DB</name>
        <description>The datasource used for API Manager database</description>
        <jndiConfig>
            <name>jdbc/regdb</name>
        </jndiConfig>
        <definition type="RDBMS">
            <configuration>
                <url>jdbc:mysql://127.0.0.1:3306/workflow_regdb?autoReconnect=true&amp;relaxAutoCommit=true</url>
                <username>root</username>
                <password>root</password>
                <driverClassName>com.mysql.jdbc.Driver</driverClassName>
                <maxActive>50</maxActive>
                <maxWait>60000</maxWait>
                <testOnBorrow>true</testOnBorrow>
                <validationQuery>SELECT 1</validationQuery>
                <validationInterval>30000</validationInterval>
            </configuration>
        </definition>
    </datasource>
  4. Add the following entries to <APIM_HOME>/repository/conf/registry.xml:

    <dbConfig name="sharedregistry">
        <dataSource>jdbc/regdb</dataSource>
    </dbConfig>

    <remoteInstance url="https://localhost:9443/registry">
        <id>mount</id>
        <dbConfig>sharedregistry</dbConfig>
        <readOnly>false</readOnly>
        <enableCache>true</enableCache>
        <registryRoot>/</registryRoot>
    </remoteInstance>
    <!-- This defines the mount configuration to be used with the remote instance and the target path for the mount -->
    <mount path="/_system/config" overwrite="true">
        <instanceId>mount</instanceId>
        <targetPath>/_system/nodes</targetPath>
    </mount>
    <mount path="/_system/governance" overwrite="true">
        <instanceId>mount</instanceId>
        <targetPath>/_system/governance</targetPath>
    </mount>
  5. Repeat the above three steps in the BPS as well.
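
Each mount in registry.xml reaches its database through three references (mount instanceId, remoteInstance dbConfig, dbConfig dataSource), and the same entries must exist on both servers. The following check is an added example, not WSO2 code. It resolves that chain for every mount and reports mounts that differ between the API Manager and the BPS. The `<wso2registry>` wrapper, the function names, and the BPS values are constructed, and it assumes both servers should carry identical mounts because the page repeats the same steps on the BPS.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the registry.xml entries above wrapped in one root element.
REG = """<wso2registry>
  <dbConfig name="sharedregistry"><dataSource>jdbc/regdb</dataSource></dbConfig>
  <remoteInstance url="https://localhost:9443/registry">
    <id>mount</id><dbConfig>sharedregistry</dbConfig>
  </remoteInstance>
  <mount path="/_system/config" overwrite="true">
    <instanceId>mount</instanceId><targetPath>{cfg}</targetPath>
  </mount>
  <mount path="/_system/governance" overwrite="true">
    <instanceId>{gov}</instanceId><targetPath>/_system/governance</targetPath>
  </mount>
</wso2registry>"""
APIM = REG.format(cfg="/_system/nodes", gov="mount")
BPS = REG.format(cfg="/_system/bpsnodes", gov="mnt")  # constructed mistakes

def text(elem, path):
    return (elem.findtext(path) or "").strip()

def resolve_mounts(registry_xml, jndi_names):
    """Follow mount -> remoteInstance -> dbConfig -> dataSource for every mount."""
    root = ET.fromstring(registry_xml)
    db = {d.get("name"): text(d, "dataSource") for d in root.findall("dbConfig")}
    inst = {text(r, "id"): text(r, "dbConfig") for r in root.findall("remoteInstance")}
    mounts, errors = {}, []
    for m in root.findall("mount"):
        path, iid = m.get("path"), text(m, "instanceId")
        if iid not in inst:
            errors.append(f"{path}: instanceId {iid!r} has no <remoteInstance>")
        elif inst[iid] not in db:
            errors.append(f"{path}: dbConfig {inst[iid]!r} is not declared")
        elif db[inst[iid]] not in jndi_names:
            errors.append(f"{path}: dataSource {db[inst[iid]]!r} is not a defined JNDI name")
        else:
            mounts[path] = (text(m, "targetPath"), db[inst[iid]])
    return mounts, errors

def compare(apim_xml, bps_xml, jndi_names):
    """Return (errors, drift): broken references and mounts that differ per server."""
    a, a_err = resolve_mounts(apim_xml, jndi_names)
    b, b_err = resolve_mounts(bps_xml, jndi_names)
    drift = sorted(p for p in a.keys() | b.keys() if a.get(p) != b.get(p))
    return a_err + b_err, drift

if __name__ == "__main__":
    print(compare(APIM, BPS, {"jdbc/regdb"}))
```

The `jndi_names` argument is the set of JNDI names defined in that server's master-datasources.xml, here `jdbc/regdb` from step 3.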

...

Creating a Tenant for Authentication

Step 1: Create a registry resource in the tenant's configuration registry

  1. Start the BPS server if it is not started already.
  2. Navigate to Registry>Browse in the Main menu of the management console and click on /_system/config.
  3. Click on Entries>Add Resource and fill the form using the values listed below for guidance. See Adding a Resource for more information.

    Method               Name              Media Type
    Create Text Content  TaskCoordination  text/plain
  4. Click Add to finish adding the resource.

Step 2: Create username and password registry properties and define credentials

  1. Click on the registry resource you created (TaskCoordination) found under the Entries section.

  2. Add two new registry properties for the resource called "Username" and "Password", and define the tenant coordination user credentials. To do this, click Properties>Add New Property and enter the following values. See Managing Properties for more information.

    Username Property         Password Property
    Name: username            Name: password
    Value: (username value)   Value: (password value)

  3. Click Add to finish adding the property.

...

You have now completed configuring the Application Creation workflow for a tenant. Whenever a tenant user logs in to the tenant store and creates an application, the workflow is invoked. Log in to the Admin Portal (https://<Server Host>:9443/admin) as the tenant admin and browse the Application Creation menu to see the approval tasks that have been created for the newly created applications.

...