This guide demonstrates how to integrate an external WSO2 API Manager (APIM) with WSO2 G-Reg. For information on installing WSO2 API Manager features internally within WSO2 G-Reg, see Installing WSO2 API Manager Features .
Introduction
WSO2 Governance Registry is a registry-repository for storing and managing metadata related to services and other artifacts. Services (SOAP or REST) in WSO2 G-Reg are implemented as configurable governance artifacts (RXT files), which you create using the G-Reg Publisher or its Management Console. Usually, in WSO2 APIM service publication is done using the APIM Publisher Web interface. Instead, you can integrate WSO2 APIM with WSO2 G-Reg, to directly publish APIs to APIM Publisher using the services deployed in the WSO2 Governance Registry.
This guide explains how to configure the two products to expose services in the G-Reg as APIs in the APIM.
Prerequisites
Follow the steps below to set up the required prerequisites before starting the integration.
- Download WSO2 API Manager (1.9.x versions), and start the server. For instructions on running WSO2 APIM, see Running the Product.
- Download WSO2 Governance Registry (version 5.0.0 and above)
- Change the default port of WSO2 G-Reg (e.g. set a port offset of 1), to avoid port conflicts that may arise when running more than one WSO2 products on the same server. For instructions, see Changing the Default Ports with Offset.
- Start the WSO2 G-Reg server. For instructions on running WSO2 G-Reg, see Running the Product.
Configuring WSO2 G-Reg
Follow the steps below to configure WSO2 G-Reg to publish services on it to WSO2 APIM.
- Log in to the G-Reg Management Console using the following URL and admin/admin credentials: https://10.100.5.72:9444/carbon
- Click Extensions. and then click Lifecycles.
- Click the corresponding View/Edit Link of the ServiceLifeCycle as shown below.
Replace the
<execution forEvent="Publish" class="org.wso2.carbon.governance.registry.extensions.executors.apistore.ApiStoreExecutor">
element in the configuration with a code block which defines anexecution
element inproduction
state as shown in the example below. Add the API Manager credentials in it, so that it provides the API Manager's endpoint, username and password as executor parameters.Alternatively you can do this change in the
<GREG_HOME>/repository/resources/lifecycles/ServiceLifeCycle.xml
<execution forEvent="Publish" class="org.wso2.carbon.governance.registry.extensions.executors.apistore.ServiceToAPIExecutor"> <parameter name="apim.endpoint" value="http://localhost:9763/"/> <parameter name="apim.username" value="admin"/> <parameter name="apim.password" value="admin"/> <parameter name="apim.env" value="dev"/> <parameter name="default.tier" value="Unlimited"/> <parameter name="throttlingTier" value="Unlimited,Unlimited,Unlimited,Unlimited,Unlimited"/> </execution>
If you need to publish a REST service to WSO2 API Manager, replace the
<execution forEvent="Publish" class="org.wso2.carbon.governance.registry.extensions.executors.apistore.ApiStoreExecutor">
element in the<GREG_HOME>/repository/resources/lifecycles/ServiceLifeCycle.xml
file with a code block which defines anexecution
element inproduction
state as shown in the example below. Add the API Manager credentials in it, so that it provides the API Manager's endpoint, username and password as executor parameters.<execution forEvent="Publish" class="org.wso2.carbon.governance.registry.extensions.executors.apistore.RestServiceToAPIExecutor"> <parameter name="apim.endpoint" value="http://localhost:9763/"/> <parameter name="apim.username" value="admin"/> <parameter name="apim.password" value="admin"/> <parameter name="apim.env" value="dev"/> <parameter name="default.tier" value="Unlimited"/> <parameter name="throttlingTier" value="Unlimited,Unlimited,Unlimited,Unlimited,Unlimited"/> </execution>
Click Save.
Click Yes in the message which pops up.
Creating the Service in WSO2 G-Reg
Follow the steps below to create the service in WSo2 G-Reg which you need to publish to WSO2 APIM.
- Log in to the G-Reg Publisher using the following URL and admin/admin credentials: https://10.100.5.72:9444/publisher
Click the Add button of the SOAP Service box as shown below.
Select Add a SOAP Service using a WSDL option as shown below.
Click Continue.
Enter the details of the service which you want to create as shown in the example below.
Click Create.
Refresh the screen to view the new service you added as shown below.
- Log in to the G-Reg Management Console using the following URL and admin/admin credentials: https://10.100.5.72:9444/carbon
Click Main, and then click SOAP Services in the List menu.
You view the created SOAP service.
Click on the corresponding Service Version link of the service as shown below.
Add the same values which you provided for the
apim.endpoint
parameter (e.g.http://localhost:9763/
), andapim.env
parameter (e.g."dev"
) in the lifecycle executer in Configuring WSO2 G-Reg, for Environments and URL as shown in the example below.
- Click Save SOAP Service.
Publishing the Service in WSO2 G-Reg
- Log in to the G-Reg Publisher using the following URL and admin/admin credentials, if you are not already logged in: https://10.100.5.72:9444/publisher
- Click on the following icon in the top left corner of the screen.
- Select SOAP Services as shown below.
- Click on the SOAP service which you created as shown below.
- Click the following LIFE CYCLE button int he top menu.
- Click the Promote button. Then the service until it gets to the production state as shown below.
- Click Promote again. You view the below screen.
- Click Publish. You should get a confirmation message once the API is successfully published as shown below.
Viewing the API Published in WSO2 APIM
Once you log in to the WSO2 APIM Publisher using the following URL and admin/admin credentials: https://10.100.5.72:9443/publisher, you view the service you published is successfully created as an API in the API Publisher as shown below.
Securing WSO2 APIM username and password
Follow the steps below to use Secure Vault to secure the WSO2 API Manager username and password in a production deployment.
- Run ciphertool.sh/.bat with
-Dconfigure
parameter. - Add apim.username and apim.password as aliases to ciper-text.properties.
- Run cipertool.sh (on Linux) or cipertool.bat (on Windows) and encrypt username and password values.
Add the encrypted text to
ciper-text.properties
file after the other alias and encrypted pairs and restart the server. For example,apim.username=klVWQ32mbNKBxiRp78kK1Et7ZDnLPEsFQTwYjNEzTdpYAISFWJht4cqMjtQ6sXRc7eubuFxBaGVYP6LBA33XjIc855a+kDiJKXjtGhcCejyHrZoKrHb2PCJ2y0TDWtczEfHHFMhn/0u+AJafU47HyOgBXZDLcbfGiC5mdJqEoj4= apim.password=klVWQ32mbNKBxiRp78kK1Et7ZDnLPEsFQTwYjNEzTdpYAISFWJht4cqMjtQ6sXRc7eubuFxBaGVYP6LBA33XjIc855a+kDiJKXjtGhcCejyHrZoKrHb2PCJ2y0TDWtczEfHHFMhn/0u+AJafU47HyOgBXZDLcbfGiC5mdJqEoj4=