Convergence of API and SOA Governance Gets Underway

Convergence of API and SOA Governance Gets Underway

Within most enterprise IT organizations there is a tension between classic approaches to middleware based on software-oriented architectures (SOA) and approaches based on APIs that are easier to build and deploy but potentially more difficult to manage.

But Axway CTO Mark O’Neill says in reality the way APIs will be used in the enterprise will be as a layer of services that will make systems based on SOA more accessible to, for example, mobile computing applications.






Axway Named a Leader in Gartner Application Services Governance Magic Quadrant

Axway Named a Leader in Gartner Application Services Governance Magic Quadrant

Axway (NYSE Euronext: AXW.PA), a market leader in governing the flow of data, today announced it is positioned as a Leader in Gartner’s 2013 Magic Quadrant for Application Services Governance (1). This report comes off the heels of Axway also being named a Leader in Gartner’s 2013 Magic Quadrant for On-premises Application Integration Suites (2).






Pedalling the Connection: Data, Devices and APIs in Le Tour de France

Pedalling the Connection: Data, Devices and APIs in Le Tour de France

198 riders from 22 teams set off on June 29th, 2013 to race in the 100thanniversary of LeTour de France — an annual multiple stage bicycle race primarily held in France. Today, professional cycling is arguably the most technology addicted of all sports, with cyclists frequently using technology to achieve improved performance. Similar to other sectors, API Management is now at the heart of the latest technology advances in this field.






How to do content-based routing with conversion

Content-based routing with conversion for SOAP to REST in the Vordel API Server

The Vordel API Server has some really neat features which make it very easy to do content-based routing based on parameters in a SOAP message, and to use these parameters to construct a REST request. Here is an example of how this is setup. First, I register the WSDL service (a Parlay-X AmountCharging Service) in the Web Service Repository in the Vordel Policy Studio, as shown below:






How to create a WS-Security Username Token

How to create a WS-Security UsernameToken without a password

I've seen the "API Key" pattern also crop up in SOAP messages before. It's reasonably common practice to use a WS-Security block as the way to encapsulate the API Key, rather than, say, coming up with a new custom token.

First load in your SOAP message (or generate one from WSDL). Next, in the "security" menu, choose "Insert WS-Security Username":






How to orchestrate a REST API with SOAP

How to send a message on to a queue with JMS. Sending a SOAP message onto JMS using the "SOAP over Java Message Service" proposal, or as a Text Message

Did you know that you can use Vordel SOAPbox to send a SOAP message onto a JMS message queue? You can choose to send it as a normal TextMessage, or an ObjectMessage. But you can also choose to use the "SOAP over JMS Message Service" proposal to place the message.






How to create a RESTful Security Token Service

How to send a message on to a queue with JMS. Sending a SOAP message onto JMS using the "SOAP over Java Message Service" proposal, or as a Text Message

Did you know that you can use Vordel SOAPbox to send a SOAP message onto a JMS message queue? You can choose to send it as a normal TextMessage, or an ObjectMessage. But you can also choose to use the "SOAP over JMS Message Service" proposal to place the message.






How to monitor Salesforce

One of my favorite Web APIs to use in demos is SalesForce.com . SalesForce has a ton of information about their API on their developer site. The Vordel API Sever can be used to connect up to SalesForce, including sending up the API Key and caching the Session Identifier which is returned back by SalesForce.

One of the neat things is that all traffic from the app to the SalesForce API is now monitored by the Vordel API Server. There are many advantages to this, which I will delve deeper into in later posts. But, one key advantage is that "rogue cloud service usage" is stamped out, since it appears on the Real-Time Monitoring of the Gateway:






How to validate a SAML 2.0 assertion

It's simple to setup the validation of a signed SAML 2.0 assertion in a Vordel XML Gateway. In a circuit, chain together (1) an "XML Signature Verification" filter (which you can find in the "Integrity" group on the right-hand-side of Policy Studio), and (2) a "SAML Authentication" filter (which you can find in the "Authentication" group).

With XML Signature Verification filter, make sure that the SAML assertion is selected under "What must be signed". In the filter to validate the SAML assertion, make sure that it's a SAML 2.0 assertion.






How to convert from REST to SOAP

The popular advantages of REST over SOAP are well known: It's easier to write a REST client, the messages are smaller, you can cache REST traffic using standard Web infrastructure. But what if you have SOAP Web Services and your clients are crying out for REST Web Services instead?

Here is how you create REST Web Services in front of SOAP services using Policy Studio and the Vordel XML Gateway...(http://www.vordel.com/products/API-Server.html)

To do this, create a policy which reads parameters from the REST URL and then inserts those parameters into a SOAP message which it creates on-the-fly.