SlideShare uma empresa Scribd logo

Sharing Best Practices and Recommendations from the Integration Battlefield

WSO2
WSO2

APIs are the tip of the iceberg of enterprise integration. In this workshop Isabelle Mauny vp, product management at WSO2 discussed how WSO2’s customers engaged in successful enterprise deployments. She shared best practices and recommendations from the "integration battlefield" around security, monitoring and performance. Isabelle hosted this workshop at API Days Paris.

Tecnologia
1 de 34
Baixar para ler offline
Isabelle Mauny VP, Product, WSO2 Last Updated: Nov 2014 Lessons from the ba.lefield Tuesday, December 9, 14
2 About the speaker... ๏ French na)ve ๏ Living in Madrid ๏ Working mostly in Sri Lanka and Europe ๏ 17 years @ IBM, 5 years in startups ๏ Managing the overall WSO2 porEolio ๏ Linux command line user... Tuesday, December 9, 14
3 Who is WSO2 ? ๏ Open Source Middleware Pla2orm Provider ๏ Apache 2.0 License ๏ Provides Integra?on, API Management, Security and Mobile enterprise management products ๏ Main contributor to Apache Stratos PaaS ๏ Creators of DevOps “AppFactory” cloud solu?on Tuesday, December 9, 14
4 Tuesday, December 9, 14
Architecture Roadmap 5 Decompose your exis7ng business processes, data and capabili7es into services Make all services accessible via APIs, externally and internally Put services and APIs under control ! Build an ecosystem around your APIs Collect data on your new products and APIs 1 2 3 4 5 Tuesday, December 9, 14
6 Crea%ng and Managing Services Tuesday, December 9, 14
7 Services and APIs ๏ Service deals with implementa)on ๏ API deals with subscrip)on (consumer) ๏ Two very dis)nct life cycles ! ๏ You don’t need the service to create the API... Tuesday, December 9, 14
8 API Lifecycle ๏ An API can pass through mul)ple states ๏ For example: ๏ CREATED ๏ PUBLISHED ๏ DEPRECATED ๏ RETIRED ๏ BLOCKED ๏ Should integrate with complete governance lifecycle Tuesday, December 9, 14
9 Building a Managed API ๏ Crea)ng APIs (interface, docs, samples,etc.) ๏ Adver)sing APIs ๏ Making APIs subscribe-­‐able by consumers ๏ Associa)ng SLAs ๏ Securing APIs ๏ Mone)za)on and Analy)cs Tuesday, December 9, 14
10 API Security Tuesday, December 9, 14
11 API Security ๏ Security is not an aer thought ! ๏ APIs are part of a much larger enterprise picture ๏ How will consumers request an access token ? ๏ Using a SAML 2.0 asser)on ? ๏ Using client_creden)als ? ๏ Using userid/password ? ๏ Make sure you document thoroughly how developers need to manage tokens: ๏ Tokens are like passwords! ๏ Always use SSL for token transporta)on ! ๏ Use Domain restric)ons (WSO2 API Manager) Tuesday, December 9, 14
12 Fine-­‐grained access to APIs ๏ OAuth2 is all about access control: a token is associated to a scope. ๏ XACML (eXtensible Access Control Markup Language) is the de-­‐facto standard for fine-­‐grained access control. ๏ OAuth scope can be represented in XACML policies ๏ Provides fine grain control over what a user/applica?on can do ( i.e. you can call GET but not POST on an API) Tuesday, December 9, 14
13 Passing Auth Informa:on to back-­‐end services ๏ Using JSON Web Tokens (JWT) ๏ Lightweight ๏ Can be signed ๏ Easy to parse and consume ๏ Standard Tuesday, December 9, 14
14 Token Format ๏ JWT Structure {token info}.{claims list}.{signature} ๏ Base-­‐64 Encoded Tuesday, December 9, 14
15 What are Claims ? ๏ Claims are a set of ahributes about a user, mapped to the underlying user store. ๏ A set of claims is called a dialect Tuesday, December 9, 14
16 Deployment Tuesday, December 9, 14
17 Gateway vs. ESB ๏ Oh, but I already have an ESB ! Why do I need a gateway ? ๏ API Gateway vs. Media)on Layer (ESB) ๏ Gateway = light ESB ? ๏ Think ESB as an architecture pahern, not a product! Tuesday, December 9, 14
18 Generic Facade Pa.ern ๏ Pros ๏ No addi)onal hop in the network ๏ Single Server to be managed ๏ More suited for internal deployments ๏ Cons ๏ Complexity of integra)on at edge of network ๏ API Management layer can’t really scale independently ๏ Not appropriate for DMZ deployments (direct access to backend services) Tuesday, December 9, 14
19 Separated Facade & MediaWon ๏ API Gateway Layer acts as simple reverse proxy, enforcing basic policies ๏ Clear separa?on of concern between layers ๏ Media?on layer and API management layer scale independently ๏ Specific security checks/protec?on at edge of the network ๏ Provides protocol transforma?on to the edge of the network Tuesday, December 9, 14
20 Specific WSO2 SoluWon ๏ Our API gateway is actually a full-­‐blown ESB under the hood, constrained at UI level. ๏ You can install the missing ESB features on top of API manager and combine both architecture layers into a single run)me! ๏ Makes the choice a deployment one. Tuesday, December 9, 14
21 Typical Deployment Tuesday, December 9, 14
22 Users Store ๏ Separate admins / corporate users from the developers users’s store (created via self-­‐sign up) Tuesday, December 9, 14
23 You can’t manage what you can’t measure. Tuesday, December 9, 14
24 Why Analy:cs and API Management are important together? ๏ Build confidence in the API model ๏ Understand your customer ๏ Not just the developer but also the end-­‐user ๏ Help manage services and versions ๏ Understand when deprecated services can be re?red ๏ Plan beZer ๏ Monitor the growth of aggregated API traffic ๏ Monitor the growth of specific apps ๏ Even if you’re not going to put analy?cs in place, make sure you capture all events right from beginning of project. Tuesday, December 9, 14
25 AnalyWcs 101: AggregaWon • How to collect data efficiently • How to store data effec)vely • Choose which data to capture Tuesday, December 9, 14
26 AnalyWcs 101 : Analysis • Data opera)ons • Defining KPIs and analy)cs • Opera)ng on large amounts of historical or current data • Crea)ng intelligence Tuesday, December 9, 14
27 AnalyWcs 101 : PresentaWon • Visualiza)on • Dashboards • Reports Tuesday, December 9, 14
28 Monitor And Analyze ๏ Take decisions in real ?me through Complex Event Processing ๏ Create dashboards for both technical and business monitoring Tuesday, December 9, 14
29 DetecWng Usage Pa.erns ๏ My API customer is trying to steal my business : let’s block them. ๏ A customer is at 80% of API plan : let’s warn them ๏ A customer is systema)cally at 120% of the plan : propose an upgrade to the premium plan Tuesday, December 9, 14
30 Demo Tuesday, December 9, 14
31 Demo Setup Tuesday, December 9, 14
32 References ๏ Building an ecosystem for API Security (White Paper) ๏ hhp://wso2.com/whitepapers/wso2-­‐whitepaper-­‐building-­‐an-­‐ecosystem-­‐for-­‐api-­‐ security/ ๏ API Facade Pahern (Webinar) ๏ hhp://wso2.com/library/webinars/2014/01/implemen)ng-­‐api-­‐facade-­‐using-­‐ wso2-­‐api-­‐management-­‐plaEorm/ ๏ API Management: missing link for SOA ๏ hhp://sanjiva.weerawarana.org/2012/08/api-­‐management-­‐missing-­‐link-­‐for-­‐ soa.html ๏ Promo)ng Service Reuse ๏ hhp://wso2.com/whitepapers/promo)ng-­‐service-­‐reuse-­‐within-­‐your-­‐enterprise-­‐ and-­‐maximizing-­‐soa-­‐success/ Tuesday, December 9, 14
33 Download API Manager today! ๏ hhp://wso2.com/products/api-­‐manager/ Tuesday, December 9, 14
Contact us ! Tuesday, December 9, 14

Recomendados

Service Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesService Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesHussein Khazaal
 
Glass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KGlass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KEduardo Pelegri-Llopart
 
Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8WSO2
 
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB WSO2
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
A Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamA Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamDeborah Schalm
 
OpenStack et Windows
OpenStack et WindowsOpenStack et Windows
OpenStack et WindowsMicrosoft Technet France
 
Introduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSIntroduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSRafael Casuso Romate
 

Recomendados

Service Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesService Launch - Nuage X as a SaaS platform for demos, integrations and sales
Service Launch - Nuage X as a SaaS platform for demos, integrations and salesHussein Khazaal
 
Glass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KGlass Fish Esb Launch Feb10 2009 Part A Frank K
Glass Fish Esb Launch Feb10 2009 Part A Frank KEduardo Pelegri-Llopart
 
Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8WSO2
 
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB WSO2
 
Object Store
Object StoreObject Store
Object StoreMuleSoft
 
A Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamA Day in the Life of a Cross-platform, DevOps-enabled Team
A Day in the Life of a Cross-platform, DevOps-enabled TeamDeborah Schalm
 
OpenStack et Windows
OpenStack et WindowsOpenStack et Windows
OpenStack et WindowsMicrosoft Technet France
 
Introduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSIntroduction to Weex: Mobile Apps with VueJS
Introduction to Weex: Mobile Apps with VueJSRafael Casuso Romate
 
Full-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformFull-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformHP Seitz
 
Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Hussein Khazaal
 
API Webinar November 18th 2014
API Webinar November 18th 2014API Webinar November 18th 2014
API Webinar November 18th 2014Yenlo
 
Criando sua primeira App Service no Azure
Criando sua primeira App Service no AzureCriando sua primeira App Service no Azure
Criando sua primeira App Service no AzureJaqueline Ramos
 
Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Roshani Patel
 
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeBootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeOPITZ CONSULTING Deutschland
 
Azure Management Basics
Azure Management BasicsAzure Management Basics
Azure Management BasicsASPEX_BE
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTINGGuido Serra
 
Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07carsonsystems
 
Micro frontends with react and redux dev day
Micro frontends with react and redux dev dayMicro frontends with react and redux dev day
Micro frontends with react and redux dev dayPrasanna Venkatesan
 
WebRTC & Asterisk 11
WebRTC & Asterisk 11WebRTC & Asterisk 11
WebRTC & Asterisk 11Sanjay Willie
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Nico Meisenzahl
 
Scaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyScaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyTori Wieldt
 
Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Waldyr Felix
 
Managing Composite Application in Apache Stratos
Managing Composite Application in Apache StratosManaging Composite Application in Apache Stratos
Managing Composite Application in Apache StratosWSO2
 
"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)Tamas Bartok
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 
Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07carsonsystems
 
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Codemotion
 
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Red Hat Developers
 
Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management WSO2
 
Conociendo mule esb
Conociendo mule esbConociendo mule esb
Conociendo mule esbLarry Magallanes
 

Mais conteúdo relacionado

Mais procurados

Full-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformFull-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformHP Seitz
 
Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Hussein Khazaal
 
API Webinar November 18th 2014
API Webinar November 18th 2014API Webinar November 18th 2014
API Webinar November 18th 2014Yenlo
 
Criando sua primeira App Service no Azure
Criando sua primeira App Service no AzureCriando sua primeira App Service no Azure
Criando sua primeira App Service no AzureJaqueline Ramos
 
Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Roshani Patel
 
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeBootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeOPITZ CONSULTING Deutschland
 
Azure Management Basics
Azure Management BasicsAzure Management Basics
Azure Management BasicsASPEX_BE
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTINGGuido Serra
 
Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07carsonsystems
 
Micro frontends with react and redux dev day
Micro frontends with react and redux dev dayMicro frontends with react and redux dev day
Micro frontends with react and redux dev dayPrasanna Venkatesan
 
WebRTC & Asterisk 11
WebRTC & Asterisk 11WebRTC & Asterisk 11
WebRTC & Asterisk 11Sanjay Willie
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Nico Meisenzahl
 
Scaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyScaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyTori Wieldt
 
Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Waldyr Felix
 
Managing Composite Application in Apache Stratos
Managing Composite Application in Apache StratosManaging Composite Application in Apache Stratos
Managing Composite Application in Apache StratosWSO2
 
"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)Tamas Bartok
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemixvvaswani
 
Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07carsonsystems
 
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Codemotion
 
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Red Hat Developers
 

Mais procurados (20)

Full-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA PlatformFull-Stack JavaScript Development on SAP HANA Platform
Full-Stack JavaScript Development on SAP HANA Platform
 
Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016Presentation - Nuage Networks Partner Program Update 9/2016
Presentation - Nuage Networks Partner Program Update 9/2016
 
API Webinar November 18th 2014
API Webinar November 18th 2014API Webinar November 18th 2014
API Webinar November 18th 2014
 
Criando sua primeira App Service no Azure
Criando sua primeira App Service no AzureCriando sua primeira App Service no Azure
Criando sua primeira App Service no Azure
 
Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020Top Node.JS Frameworks to Look at in 2020
Top Node.JS Frameworks to Look at in 2020
 
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die MotorhaubeBootsFaces, AngularFaces und ein Blck unter die Motorhaube
BootsFaces, AngularFaces und ein Blck unter die Motorhaube
 
Azure Management Basics
Azure Management BasicsAzure Management Basics
Azure Management Basics
 
Load & Performance TESTING
Load & Performance TESTINGLoad & Performance TESTING
Load & Performance TESTING
 
Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07Chris Wilson @ FOWA Feb 07
Chris Wilson @ FOWA Feb 07
 
Micro frontends with react and redux dev day
Micro frontends with react and redux dev dayMicro frontends with react and redux dev day
Micro frontends with react and redux dev day
 
WebRTC & Asterisk 11
WebRTC & Asterisk 11WebRTC & Asterisk 11
WebRTC & Asterisk 11
 
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
Continuous Lifecycle: Enhance Your Compliance and Governance With Policy-Base...
 
Scaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization JourneyScaling with Docker: New Relic’s Containerization Journey
Scaling with Docker: New Relic’s Containerization Journey
 
Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014Sistema de Notificações com SignalR TDC 2014
Sistema de Notificações com SignalR TDC 2014
 
Managing Composite Application in Apache Stratos
Managing Composite Application in Apache StratosManaging Composite Application in Apache Stratos
Managing Composite Application in Apache Stratos
 
"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)"A REST kétszer fárad" (English)
"A REST kétszer fárad" (English)
 
Using PHP with IBM Bluemix
Using PHP with IBM BluemixUsing PHP with IBM Bluemix
Using PHP with IBM Bluemix
 
Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07Daniel Appelquist @ FOWA Feb 07
Daniel Appelquist @ FOWA Feb 07
 
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
Ivan Jovanovic - Micro Frontends - Codemotion Rome_2019
 
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
Putting The 'M' In MBaaS—Red Hat Mobile Client Development Platform (Jay Balu...
 

Destaque

Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management WSO2
 
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...WSO2
 
El mundo Big Data y las APIs
El mundo Big Data y las APIsEl mundo Big Data y las APIs
El mundo Big Data y las APIsBig Data Spain
 
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los serviciosWSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los serviciosWSO2
 
Introducción a SOA
Introducción a SOAIntroducción a SOA
Introducción a SOArdiegoc
 
API Management architect presentation
API Management architect presentationAPI Management architect presentation
API Management architect presentationsflynn073
 

Destaque (9)

Best Practices for API Management
Best Practices for API Management Best Practices for API Management
Best Practices for API Management
 
Conociendo mule esb
Conociendo mule esbConociendo mule esb
Conociendo mule esb
 
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
Gestión de Identidades y Control de Acceso en los Servicios usando WSO2 Ident...
 
Bpel y Open Esb
Bpel y Open EsbBpel y Open Esb
Bpel y Open Esb
 
El mundo Big Data y las APIs
El mundo Big Data y las APIsEl mundo Big Data y las APIs
El mundo Big Data y las APIs
 
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los serviciosWSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los servicios
 
Introducción a SOA
Introducción a SOAIntroducción a SOA
Introducción a SOA
 
Arquitectura Orientada a Servicios (SOA)
Arquitectura Orientada a Servicios (SOA)Arquitectura Orientada a Servicios (SOA)
Arquitectura Orientada a Servicios (SOA)
 
API Management architect presentation
API Management architect presentationAPI Management architect presentation
API Management architect presentation
 

Semelhante a Sharing Best Practices and Recommendations from the Integration Battlefield

Lessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric ArchitectureLessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric ArchitectureWSO2
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCISven Bernhardt
 
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e... Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...VMware Tanzu
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2
 
Building APIs in a Cloud Native Era
Building APIs in a Cloud Native EraBuilding APIs in a Cloud Native Era
Building APIs in a Cloud Native EraNuwan Dias
 
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerWSO2
 
Tampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerTampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerSakari Hoisko
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationAlex Vranceanu
 
Scaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for EnterpriseScaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for EnterpriseOpsta
 
Introducing The WSO2 Platform
Introducing The WSO2 Platform Introducing The WSO2 Platform
Introducing The WSO2 Platform WSO2
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCISven Bernhardt
 
Monitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to backMonitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to backIcinga
 
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Yenlo
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCISven Bernhardt
 
SplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by SplunkSplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by SplunkSplunk
 
Docker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker, Inc.
 
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryCombining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryWSO2
 
Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing WSO2
 
Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server WSO2
 

Semelhante a Sharing Best Practices and Recommendations from the Integration Battlefield (20)

Lessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric ArchitectureLessons from the Trenches: Building an API-Centric Architecture
Lessons from the Trenches: Building an API-Centric Architecture
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e... Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
Cloud-Native .Net des applications containerisées .Net sur Linux, Windows e...
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5
 
Building APIs in a Cloud Native Era
Building APIs in a Cloud Native EraBuilding APIs in a Cloud Native Era
Building APIs in a Cloud Native Era
 
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Diasapidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
apidays LIVE Paris - Building APIs in a Cloud Native era by Nuwan Dias
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API Manager
 
Tampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerTampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday Docker
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - Presentation
 
Scaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for EnterpriseScaling DevSecOps Culture for Enterprise
Scaling DevSecOps Culture for Enterprise
 
Introducing The WSO2 Platform
Introducing The WSO2 Platform Introducing The WSO2 Platform
Introducing The WSO2 Platform
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
Monitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to backMonitor OpenStack Environments from the bottom up and front to back
Monitor OpenStack Environments from the bottom up and front to back
 
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
 
Implementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCIImplementing API-led Cloud-native apps on OCI
Implementing API-led Cloud-native apps on OCI
 
SplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by SplunkSplunkLive! London 2017 - DevOps Powered by Splunk
SplunkLive! London 2017 - DevOps Powered by Splunk
 
Docker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to Docker
 
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industryCombining WSO2 API Manager with WSO2 BAM for billing in the energy industry
Combining WSO2 API Manager with WSO2 BAM for billing in the energy industry
 
Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing Big Data, Analytics and Real Time Event Processing
Big Data, Analytics and Real Time Event Processing
 
Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server Introduction to WSO2 Storage Server
Introduction to WSO2 Storage Server
 

Mais de WSO2

Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaWSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2
 
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and ApplicationsWSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and ApplicationsWSO2
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2
 
WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!
WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!
WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!WSO2
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2
 

Mais de WSO2 (20)

Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and ApplicationsWSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
WSO2CON 2024 - Architecting AI in the Enterprise: APIs and Applications
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 
WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!
WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!
WSO2CON 2024 - Not Just Microservices: Rightsize Your Services!
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 

Último

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 

Último (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 

Sharing Best Practices and Recommendations from the Integration Battlefield

  • 1. Isabelle Mauny VP, Product, WSO2 Last Updated: Nov 2014 Lessons from the ba.lefield Tuesday, December 9, 14
  • 2. 2 About the speaker... ๏ French na)ve ๏ Living in Madrid ๏ Working mostly in Sri Lanka and Europe ๏ 17 years @ IBM, 5 years in startups ๏ Managing the overall WSO2 porEolio ๏ Linux command line user... Tuesday, December 9, 14
  • 3. 3 Who is WSO2 ? ๏ Open Source Middleware Pla2orm Provider ๏ Apache 2.0 License ๏ Provides Integra?on, API Management, Security and Mobile enterprise management products ๏ Main contributor to Apache Stratos PaaS ๏ Creators of DevOps “AppFactory” cloud solu?on Tuesday, December 9, 14
  • 5. Architecture Roadmap 5 Decompose your exis7ng business processes, data and capabili7es into services Make all services accessible via APIs, externally and internally Put services and APIs under control ! Build an ecosystem around your APIs Collect data on your new products and APIs 1 2 3 4 5 Tuesday, December 9, 14
  • 6. 6 Crea%ng and Managing Services Tuesday, December 9, 14
  • 7. 7 Services and APIs ๏ Service deals with implementa)on ๏ API deals with subscrip)on (consumer) ๏ Two very dis)nct life cycles ! ๏ You don’t need the service to create the API... Tuesday, December 9, 14
  • 8. 8 API Lifecycle ๏ An API can pass through mul)ple states ๏ For example: ๏ CREATED ๏ PUBLISHED ๏ DEPRECATED ๏ RETIRED ๏ BLOCKED ๏ Should integrate with complete governance lifecycle Tuesday, December 9, 14
  • 9. 9 Building a Managed API ๏ Crea)ng APIs (interface, docs, samples,etc.) ๏ Adver)sing APIs ๏ Making APIs subscribe-­‐able by consumers ๏ Associa)ng SLAs ๏ Securing APIs ๏ Mone)za)on and Analy)cs Tuesday, December 9, 14
  • 10. 10 API Security Tuesday, December 9, 14
  • 11. 11 API Security ๏ Security is not an aer thought ! ๏ APIs are part of a much larger enterprise picture ๏ How will consumers request an access token ? ๏ Using a SAML 2.0 asser)on ? ๏ Using client_creden)als ? ๏ Using userid/password ? ๏ Make sure you document thoroughly how developers need to manage tokens: ๏ Tokens are like passwords! ๏ Always use SSL for token transporta)on ! ๏ Use Domain restric)ons (WSO2 API Manager) Tuesday, December 9, 14
  • 12. 12 Fine-­‐grained access to APIs ๏ OAuth2 is all about access control: a token is associated to a scope. ๏ XACML (eXtensible Access Control Markup Language) is the de-­‐facto standard for fine-­‐grained access control. ๏ OAuth scope can be represented in XACML policies ๏ Provides fine grain control over what a user/applica?on can do ( i.e. you can call GET but not POST on an API) Tuesday, December 9, 14
  • 13. 13 Passing Auth Informa:on to back-­‐end services ๏ Using JSON Web Tokens (JWT) ๏ Lightweight ๏ Can be signed ๏ Easy to parse and consume ๏ Standard Tuesday, December 9, 14
  • 14. 14 Token Format ๏ JWT Structure {token info}.{claims list}.{signature} ๏ Base-­‐64 Encoded Tuesday, December 9, 14
  • 15. 15 What are Claims ? ๏ Claims are a set of ahributes about a user, mapped to the underlying user store. ๏ A set of claims is called a dialect Tuesday, December 9, 14
  • 16. 16 Deployment Tuesday, December 9, 14
  • 17. 17 Gateway vs. ESB ๏ Oh, but I already have an ESB ! Why do I need a gateway ? ๏ API Gateway vs. Media)on Layer (ESB) ๏ Gateway = light ESB ? ๏ Think ESB as an architecture pahern, not a product! Tuesday, December 9, 14
  • 18. 18 Generic Facade Pa.ern ๏ Pros ๏ No addi)onal hop in the network ๏ Single Server to be managed ๏ More suited for internal deployments ๏ Cons ๏ Complexity of integra)on at edge of network ๏ API Management layer can’t really scale independently ๏ Not appropriate for DMZ deployments (direct access to backend services) Tuesday, December 9, 14
  • 19. 19 Separated Facade & MediaWon ๏ API Gateway Layer acts as simple reverse proxy, enforcing basic policies ๏ Clear separa?on of concern between layers ๏ Media?on layer and API management layer scale independently ๏ Specific security checks/protec?on at edge of the network ๏ Provides protocol transforma?on to the edge of the network Tuesday, December 9, 14
  • 20. 20 Specific WSO2 SoluWon ๏ Our API gateway is actually a full-­‐blown ESB under the hood, constrained at UI level. ๏ You can install the missing ESB features on top of API manager and combine both architecture layers into a single run)me! ๏ Makes the choice a deployment one. Tuesday, December 9, 14
  • 21. 21 Typical Deployment Tuesday, December 9, 14
  • 22. 22 Users Store ๏ Separate admins / corporate users from the developers users’s store (created via self-­‐sign up) Tuesday, December 9, 14
  • 23. 23 You can’t manage what you can’t measure. Tuesday, December 9, 14
  • 24. 24 Why Analy:cs and API Management are important together? ๏ Build confidence in the API model ๏ Understand your customer ๏ Not just the developer but also the end-­‐user ๏ Help manage services and versions ๏ Understand when deprecated services can be re?red ๏ Plan beZer ๏ Monitor the growth of aggregated API traffic ๏ Monitor the growth of specific apps ๏ Even if you’re not going to put analy?cs in place, make sure you capture all events right from beginning of project. Tuesday, December 9, 14
  • 25. 25 AnalyWcs 101: AggregaWon • How to collect data efficiently • How to store data effec)vely • Choose which data to capture Tuesday, December 9, 14
  • 26. 26 AnalyWcs 101 : Analysis • Data opera)ons • Defining KPIs and analy)cs • Opera)ng on large amounts of historical or current data • Crea)ng intelligence Tuesday, December 9, 14
  • 27. 27 AnalyWcs 101 : PresentaWon • Visualiza)on • Dashboards • Reports Tuesday, December 9, 14
  • 28. 28 Monitor And Analyze ๏ Take decisions in real ?me through Complex Event Processing ๏ Create dashboards for both technical and business monitoring Tuesday, December 9, 14
  • 29. 29 DetecWng Usage Pa.erns ๏ My API customer is trying to steal my business : let’s block them. ๏ A customer is at 80% of API plan : let’s warn them ๏ A customer is systema)cally at 120% of the plan : propose an upgrade to the premium plan Tuesday, December 9, 14
  • 30. 30 Demo Tuesday, December 9, 14
  • 31. 31 Demo Setup Tuesday, December 9, 14
  • 32. 32 References ๏ Building an ecosystem for API Security (White Paper) ๏ hhp://wso2.com/whitepapers/wso2-­‐whitepaper-­‐building-­‐an-­‐ecosystem-­‐for-­‐api-­‐ security/ ๏ API Facade Pahern (Webinar) ๏ hhp://wso2.com/library/webinars/2014/01/implemen)ng-­‐api-­‐facade-­‐using-­‐ wso2-­‐api-­‐management-­‐plaEorm/ ๏ API Management: missing link for SOA ๏ hhp://sanjiva.weerawarana.org/2012/08/api-­‐management-­‐missing-­‐link-­‐for-­‐ soa.html ๏ Promo)ng Service Reuse ๏ hhp://wso2.com/whitepapers/promo)ng-­‐service-­‐reuse-­‐within-­‐your-­‐enterprise-­‐ and-­‐maximizing-­‐soa-­‐success/ Tuesday, December 9, 14
  • 33. 33 Download API Manager today! ๏ hhp://wso2.com/products/api-­‐manager/ Tuesday, December 9, 14
  • 34. Contact us ! Tuesday, December 9, 14