Posts

Showing posts from 2017

Customizing Lifecycle states in WSO2 API Manager

Image
WSO2 API Manageris a 100% open source API Management solution inluding support for API publishing, lifecycle management, developer portal, access control and analytics. APIs have their own life cycle which can be managed through WSO2 API Publisher while enabling many essential features for API Management, such as,

Create new APIs from existing versionsDeploy multiple versions in parallelDeprecate versions to remove them from storeRetire them to un-deploy from gatewayKeeps audit of lifecycle changesSupports customizing lifecycles 
The ability to customize API life cycle provides a greater flexibility to achieve various requirements. There are few extension points available for customizing the API Lifecycle. Find more details about those from the product documentation [1].  Adding new lifecycle stateChanging the state transition eventsChanging the state transition execution (In each state transition, we can configure an execution logic to be run)
In this blog post, I will explain how we …

Encrypting passwords in WSO2 APIM 2.0.0

Image
WSO2 products support encrypting passwords which are in configuration files using secure vault.
You can find the detailed documentation form here of how to apply secure vault to WSO2 products.

This post will provide you the required instructions to apply secure vault to WSO2 APIM 2.0.0.

1. Using the automatic approach to encrypt the passwords given in XML configuration files.
Most of the passwords in WSO2 APIM 2.0.0 are in XML configuration files. Therefore you can follow the instructions given in here to encrypt them.



2. Encrypting passwords in jndi.properties file and log4j.properties files.
As did in above section, the passwords in XML configurations can be referred in cipher-tool.properties file via Xpaths. Therefore cipher-tool can automatically replace the plain text passwords in XML configuration files.

However, passwords in files such as jndi.properties file and log4j.properties filee need to be manually encrypted.
Encrypting passwords in jndi.properties file. Since passwords …