This section explains how to attach a custom workflow to the application creation operation in WSO2 API Manager (WSO2 API-M). First, see Workflow Extensions for information on different types of workflow executors.
...
| Localtabgroup |
|---|
| Localtab |
|---|
| active | true |
|---|
| id | UsingEI |
|---|
| title | Using WSO2 EI |
|---|
| | Tip |
|---|
Before you begin, if you have changed the API Manager's default user and role, make sure you do the following changes: - Change the credentials of the workflow configurations in the following registry resource:
_system/governance/apimgt/applicationdata/workflow-extensions.xml. - Point the database that has the API Manager user permissions to BPS.
- Share any LDAPs, if any exist.
Unzip the <API-M>/business-processes/application-creation/HumanTask/ApplicationsApprovalTask-1.0.0.zip file, update the role as follows in the ApplicationsApprovalTask.ht file, and ZIP the ApplicationsApprovalTask-1.0.0 folder. | Code Block |
|---|
| <htd:argument name="role">
[new-role-name]
</htd:argument> |
|
Configuring the Business Process Server- Download WSO2 Business Process ServerEnterprise Integrator.
Set an offset of 2 to the default BPS port in the <EI_HOME>/wso2/repositorybusiness-process/conf/carbon.xml file. This prevents port conflicts that occur when you start more than one WSO2 product on the same server. For more information, see Changing the Default Ports with Offset. | Code Block |
|---|
| <Offset>2</Offset> |
| Tip |
|---|
Tip: If you change the BPS port offset to a value other than 2 or run WSO2 API-M and WSO2 BPS EI on different machines (therefore, want to set the hostname to a different value than localhost), you need to search and replace the value 9765 in all the files ( .epr) inside the <API-M_HOME>/business-processes directory with the new port (i.e., the value of 9763 + <port-offset>). |
Open the <EI_HOME>/repository<EI_HOME>/wso2/business-process/conf/humantask.xml file and <EI_HOME>/repository<EI_HOME>/wso2/business-process/conf/b4p-coordination-config.xml file and set the TaskCoordinationEnabled property to true. | Code Block |
|---|
| <TaskCoordinationEnabled>true</TaskCoordinationEnabled> |
Copy the following from the <API-M_HOME>/business-processes/epr directory to the <EI_HOME><EI_HOME>/wso2/business-process/repository/conf/epr directory. If the <EI_HOME> | Note |
|---|
- If the
<EI_HOME>/wso2/business-process/repository/conf/epr
|
directory - directory does not exist, create it.
|
note- Make sure to give the correct credentials in the
<BPS-
<EI_HOME>/wso2/business-process/repository/conf/epr files.
| Update the <API-M<EI_HOME>/business-processes/epr/ApplicationCallbackService.epr file according to API Manager. | Code Block |
|---|
<wsa:Address>https://localhost:8243/services/WorkflowCallbackService</wsa:Address> |
Update the <API-M<EI_HOME>/business-processes/epr/ApplicationService.epr file according to EI. | Code Block |
|---|
<wsa:Address>http://localhost:9765/services/ApplicationService</wsa:Address> |
Start the BPS server and EI server and sign in to the Management Console (https://<Server Host>:9443+<port-offset>/carbon). | Warning |
|---|
If you are using Mac OS with High Sierra, you may encounter the following warning when logging in to the Management Console due to a compression issue that exists in the High Sierra SDK. | Code Block |
|---|
WARN {org.owasp.csrfguard.log.JavaLogger} - potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:xxx.xxx.xx.xx, method:POST, uri:/carbon/admin/login_action.jsp, error:required token is missing from the request) |
To avoid this issue, open the <BPS<EI_HOME>/wso2/repositorybusiness-process/conf/tomcat/catalina-server.xml file and change the compression="on" to compression="off" in the Connector configuration, and restart the BPSEI. |
- Click Add under Processes and upload the
<API-M_HOME>/business-processes/application-creation/BPEL/ApplicationApprovalWorkFlowProcess_1.0.0.zip file to BPSEI.
This is the business process archive file.
 - Select Add under the Human Tasks menu and upload the
<API-M_HOME>/business-processes/application-creation/HumanTask/ApplicationsApprovalTask-1.0.0.zip file to BPSEI.
This is the human task archived file.
|
| Localtab |
|---|
| id | UsingBPS |
|---|
| title | Using WSO2 BPS |
|---|
| | Tip |
|---|
Before you begin, if you have changed the API Manager's default user and role, make sure you do the following changes: - Change the credentials of the workflow configurations in the following registry resource:
_system/governance/apimgt/applicationdata/workflow-extensions.xml. - Point the database that has the API Manager user permissions to BPS.
- Share any LDAPs, if any exist.
Unzip the <API-M>/business-processes/application-creation/HumanTask/ApplicationsApprovalTask-1.0.0.zip file, update the role as follows in the ApplicationsApprovalTask.ht file, and ZIP the ApplicationsApprovalTask-1.0.0 folder. | Code Block |
|---|
| <htd:argument name="role">
[new-role-name]
</htd:argument> |
|
Configuring the Business Process Server- Download WSO2 Enterprise Integrator .
Set an offset of 2 to the default BPS port in the <BPS_HOME>/repository/conf/carbon.xml file. This prevents port conflicts that occur when you start more than one WSO2 product on the same server. For more information, see Changing the Default Ports with Offset. | Code Block |
|---|
| <Offset>2</Offset> |
| Tip |
|---|
Tip: If you change the BPS port offset to a value other than 2 or run WSO2 API-M and WSO2 BPS on different machines (therefore, want to set the hostname to a different value than localhost), you need to search and replace the value 9765 in all the files ( .epr) inside the <API-M_HOME>/business-processes directory with the new port (i.e., the value of 9763 + <port-offset>). |
Open the <BPS_HOME>/repository/conf/humantask.xml file and <BPS_HOME>/repository/conf/b4p-coordination-config.xml file and set the TaskCoordinationEnabled property to true. | Code Block |
|---|
| <TaskCoordinationEnabled>true</TaskCoordinationEnabled> |
Copy the following from the <API-M_HOME>/business-processes/epr directory to the <BPS_HOME>/repository/conf/epr directory.
If the <BPS_HOME>/repository/conf/epr directory does not exist, create it. | Note |
|---|
Make sure to give the correct credentials in the <BPS_HOME>/repository/conf/epr files. |
Update the <API-M_HOME>/business-processes/epr/ApplicationCallbackService.epr file according to API Manager. | Code Block |
|---|
<wsa:Address>https://localhost:8243/services/WorkflowCallbackService</wsa:Address> |
Update the <API-M_HOME>/business-processes/epr/ApplicationService.epr file according to BPS. | Code Block |
|---|
<wsa:Address>http://localhost:9765/services/ApplicationService</wsa:Address> |
Start the BPS server and sign in to the Management Console (https://<Server Host>:9443+<port-offset>/carbon). | Warning |
|---|
If you are using Mac OS with High Sierra, you may encounter the following warning when logging in to the Management Console due to a compression issue that exists in the High Sierra SDK. | Code Block |
|---|
WARN {org.owasp.csrfguard.log.JavaLogger} - potential cross-site request forgery (CSRF) attack thwarted (user:<anonymous>, ip:xxx.xxx.xx.xx, method:POST, uri:/carbon/admin/login_action.jsp, error:required token is missing from the request) |
To avoid this issue, open the <BPS_HOME>/wso2/repositorybusiness-process/conf/tomcat/catalina-server.xml file and change the compression="on" to compression="off" in the Connector configuration, and restart the BPS. |
- Click Add under Processes and upload the
<API-M_HOME>/business-processes/application-creation/BPEL/ApplicationApprovalWorkFlowProcess_1.0.0.zip file to BPS.
This is the business process archive file.
- Select Add under the Human Tasks menu and upload the
<API-M_HOME>/business-processes/application-creation/HumanTask/ApplicationsApprovalTask-1.0.0.zip file to BPS.
This is the human task archived file.
|
|
...
- Sign in to WSO2 API-M Management Console (
https://<Server-Host>:9443/carbon) and select Browse under Resources.
Go to the /_system/governance/apimgt/applicationdata/workflow-extensions.xml resource, disable the Simple Workflow Executor, and enable WS Workflow Executor. In addition, specify the service endpoint where the workflow engine is hosted and the credentials required to access the said service via basic authentication (i.e., username/password based authentication).
| Code Block |
|---|
|
<WorkFlowExtensions>
...
<ApplicationCreation executor="org.wso2.carbon.apimgt.impl.workflow.ApplicationCreationWSWorkflowExecutor">
<Property name="serviceEndpoint">http://localhost:9765/services/ApplicationApprovalWorkFlowProcess/</Property>
<Property name="username">admin</Property>
<Property name="password">admin</Property>
<Property name="callbackURL">https://localhost:8243/services/WorkflowCallbackService</Property>
</ApplicationCreation>
...
</WorkFlowExtensions> |
| Tip |
|---|
All the workflow process services of the BPS run on port 9765 because you changed its default port (9763) with an offset of 2. |
The application creation WS Workflow Executor is now engaged.
| Note |
|---|
| Localtabgroup |
|---|
| Localtab |
|---|
| active | true |
|---|
| id | ForEI |
|---|
| title | Using EI |
|---|
| When enabling the workflow features, make sure you import the certificate of the API Manager into the client-truststore located inside the <EI_HOME>/wso2/business-process/repository/resources/security directory. |
| Localtab |
|---|
| When enabling the workflow features, make sure you import the certificate of the API Manager into the client-truststore located inside the <BPS_HOME>/repository/resources/security directory. |
|
|
Go to the API Store, click Applications and create a new application.
It invokes the application creation process and creates a Human Task instance that holds the execution of the BPEL process until some action is performed on it.
Note that the Status field of the application states INACTIVE (Waiting for approval) if the BPEL is invoked correctly, indicating that the request is successfully submitted.
Sign in to the Admin Portal ( https://localhost:9443/admin ), list all the tasks for application creation and approve the task. It resumes the BPEL process and completes the application creation.
Go back to the Applications page in the WSO2 API Store and see the created application.
Whenever a user tries to create an application in the API Store, a request is sent to the workflow endpoint. A sample is shown below:
| Code Block |
|---|
|
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wor="http://workflow.subscription.apimgt.carbon.wso2.org">
<soapenv:Header />
<soapenv:Body>
<wor:createApplication xmlns:wor="http://workflow.application.apimgt.carbon.wso2.org">
<wor:applicationName>application1</wor:applicationName>
<wor:applicationTier>Gold</wor:applicationTier>
<wor:applicationCallbackUrl>http://webapp/url</wor:applicationCallbackUrl>
<wor:applicationDescription>Application 1</wor:applicationDescription>
<wor:tenantDomain>wso2.com</wor:tenantDomain>
<wor:userName>user1</wor:userName>
<wor:workflowExternalRef>c0aad878-278c-4439-8d7e-712ee71d3f1c</wor:workflowExternalRef>
<wor:callBackURL>https://localhost:8243/services/WorkflowCallbackService</wor:callBackURL>
</wor:createApplication>
</soapenv:Body>
</soapenv:Envelope> |
Elements of the above configuration are described below:
| Element | Description |
|---|
applicationName | Name of the application the user creates. |
applicationTier | Throttling tier of the application. |
applicationCallbackUrl | When the OAuth2 Authorization Code grant type is applied, this is the endpoint on which the callback needs to happen after the user is authenticated. This is an attribute of the actual application registered on the API Store. |
applicationDescription | Description of the application |
tenantDomain | Tenant domain associated with the application (domain of the user creating the application). |
userName | Username of the user creating the application. |
workflowExternalRef
| The unique reference against which a workflow is tracked. This needs to be sent back from the workflow engine to the API Manager at the time of workflow completion. |
callBackURL | This property is configured in the <callBackURL> element in the workflow-extensions.xml registry file. |