[APIM][C5] Environment support for API Manager with Single Sign-On Feature

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

[APIM][C5] Environment support for API Manager with Single Sign-On Feature

Renuka Fernando
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : +94 76 667 8752


_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Renuka Fernando
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : +94 76 667 8752


_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

chanaka jayasena
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: +94 77 4464006

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Renuka Fernando
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : +94 76 667 8752


_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Bhathiya Jayasekara
Hi Renuka/Chanaka,

On Wed, Dec 20, 2017 at 12:29 PM, Renuka Fernando <[hidden email]> wrote:
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Shall we hide username/password instead of disabling them? 

Thanks,
Bhathiya
 

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: +94715478185

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Renuka Fernando
Hi all,

Thank you for your suggestions. I have changed the UI of both Publisher and Store web applications as below.

Inline images 1
Figure 1: Screenshots of Login pages.

Also made Publisher and Store web applications are responsive and consistent.

When "VISIT LOGIN PAGE" button is clicked and while redirecting to Identity Server's login page the below screen is shown.

Inline images 2
Figure 2: Screenshot of redirecting.

Appreciate more suggestions.
Thanks

Best regards

On 20 December 2017 at 12:35, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka/Chanaka,

On Wed, Dec 20, 2017 at 12:29 PM, Renuka Fernando <[hidden email]> wrote:
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Shall we hide username/password instead of disabling them? 

Thanks,
Bhathiya
 

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : +94 76 667 8752


_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Bhathiya Jayasekara
Hi Renuka,

This looks great now. 

What does the Go Back button do on the login page? And shall we rename Identity Server to Identity Provider in the last one?

Thanks,
Bhathiya



On Thu, Dec 21, 2017 at 7:38 PM, Renuka Fernando <[hidden email]> wrote:
Hi all,

Thank you for your suggestions. I have changed the UI of both Publisher and Store web applications as below.

Inline images 1
 
Figure 1: Screenshots of Login pages.

Also made Publisher and Store web applications are responsive and consistent.

When "VISIT LOGIN PAGE" button is clicked and while redirecting to Identity Server's login page the below screen is shown.

Inline images 2
Figure 2: Screenshot of redirecting.

Appreciate more suggestions.
Thanks

Best regards

On 20 December 2017 at 12:35, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka/Chanaka,

On Wed, Dec 20, 2017 at 12:29 PM, Renuka Fernando <[hidden email]> wrote:
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Shall we hide username/password instead of disabling them? 

Thanks,
Bhathiya
 

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: +94715478185

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Naduni Pamudika
Hi Renuka,

What is the functionality of the "Go Back" button? Isn't this the page that we are getting even before the login page?

Regards,
Naduni

On Thu, Dec 21, 2017 at 7:50 PM, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka,

This looks great now. 

What does the Go Back button do on the login page? And shall we rename Identity Server to Identity Provider in the last one?

Thanks,
Bhathiya



On Thu, Dec 21, 2017 at 7:38 PM, Renuka Fernando <[hidden email]> wrote:
Hi all,

Thank you for your suggestions. I have changed the UI of both Publisher and Store web applications as below.

Inline images 1
 
Figure 1: Screenshots of Login pages.

Also made Publisher and Store web applications are responsive and consistent.

When "VISIT LOGIN PAGE" button is clicked and while redirecting to Identity Server's login page the below screen is shown.

Inline images 2
Figure 2: Screenshot of redirecting.

Appreciate more suggestions.
Thanks

Best regards

On 20 December 2017 at 12:35, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka/Chanaka,

On Wed, Dec 20, 2017 at 12:29 PM, Renuka Fernando <[hidden email]> wrote:
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Shall we hide username/password instead of disabling them? 

Thanks,
Bhathiya
 

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Naduni Pamudika
Software Engineer | WSO2
Mobile: <a href="tel:+94%2071%20914%203658" target="_blank">+94 719 143658 
http://wso2.com/signature

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Bhathiya Jayasekara
In reply to this post by Bhathiya Jayasekara


On Thu, Dec 21, 2017 at 7:50 PM, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka,

This looks great now. 

What does the Go Back button do on the login page? And shall we rename Identity Server to Identity Provider in the last one?
and I think it should be "redirected" not "redirecting".

Thanks,
Bhathiya
 

Thanks,
Bhathiya



On Thu, Dec 21, 2017 at 7:38 PM, Renuka Fernando <[hidden email]> wrote:
Hi all,

Thank you for your suggestions. I have changed the UI of both Publisher and Store web applications as below.

Inline images 1
 
Figure 1: Screenshots of Login pages.

Also made Publisher and Store web applications are responsive and consistent.

When "VISIT LOGIN PAGE" button is clicked and while redirecting to Identity Server's login page the below screen is shown.

Inline images 2
Figure 2: Screenshot of redirecting.

Appreciate more suggestions.
Thanks

Best regards

On 20 December 2017 at 12:35, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka/Chanaka,

On Wed, Dec 20, 2017 at 12:29 PM, Renuka Fernando <[hidden email]> wrote:
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Shall we hide username/password instead of disabling them? 

Thanks,
Bhathiya
 

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: +94715478185

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Chamalee De Silva
In reply to this post by Naduni Pamudika


On Thu, Dec 21, 2017 at 7:51 PM, Naduni Pamudika <[hidden email]> wrote:
Hi Renuka,

What is the functionality of the "Go Back" button? Isn't this the page that we are getting even before the login page?

IMO "GO BACk" button should be renamed as "Reset" and add form Reset functionality to it. 

Regards
Naduni

On Thu, Dec 21, 2017 at 7:50 PM, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka,

This looks great now. 

What does the Go Back button do on the login page? And shall we rename Identity Server to Identity Provider in the last one?

Thanks,
Bhathiya



On Thu, Dec 21, 2017 at 7:38 PM, Renuka Fernando <[hidden email]> wrote:
Hi all,

Thank you for your suggestions. I have changed the UI of both Publisher and Store web applications as below.

Inline images 1
 
Figure 1: Screenshots of Login pages.

Also made Publisher and Store web applications are responsive and consistent.

When "VISIT LOGIN PAGE" button is clicked and while redirecting to Identity Server's login page the below screen is shown.

Inline images 2
Figure 2: Screenshot of redirecting.

Appreciate more suggestions.
Thanks

Best regards

On 20 December 2017 at 12:35, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka/Chanaka,

On Wed, Dec 20, 2017 at 12:29 PM, Renuka Fernando <[hidden email]> wrote:
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Shall we hide username/password instead of disabling them? 

Thanks,
Bhathiya
 

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Naduni Pamudika
Software Engineer | WSO2
Mobile: <a href="tel:+94%2071%20914%203658" target="_blank">+94 719 143658 
http://wso2.com/signature

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture


Thanks,
Chamalee

--
Thanks & Regards,

Chamalee De Silva

Software Engineer
WSO2 Inc. :http://wso2.com/

Office   :- <a href="tel:%2B94%2011%202145345" value="+94112145345" style="color:rgb(17,85,204)" target="_blank">+94 11 2145345
mobile  :- <a href="tel:%2B94%2077%202782039" value="+94772782039" style="color:rgb(17,85,204)" target="_blank">+94 71 4315942


_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [APIM][C5] Environment support for API Manager with Single Sign-On Feature

Renuka Fernando
In reply to this post by Bhathiya Jayasekara
Hi all,

Thank you for pointing out issues. There is no functionality for the button "Go Back". Following are some screenshots of fixed User Interfaces.

Inline images 2
Figure 1: Screenshots

Appreciate any suggestions.
Thanks

Renuka

On 21 December 2017 at 19:51, Bhathiya Jayasekara <[hidden email]> wrote:


On Thu, Dec 21, 2017 at 7:50 PM, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka,

This looks great now. 

What does the Go Back button do on the login page? And shall we rename Identity Server to Identity Provider in the last one?
and I think it should be "redirected" not "redirecting".

Thanks,
Bhathiya
 

Thanks,
Bhathiya



On Thu, Dec 21, 2017 at 7:38 PM, Renuka Fernando <[hidden email]> wrote:
Hi all,

Thank you for your suggestions. I have changed the UI of both Publisher and Store web applications as below.

Inline images 1
 
Figure 1: Screenshots of Login pages.

Also made Publisher and Store web applications are responsive and consistent.

When "VISIT LOGIN PAGE" button is clicked and while redirecting to Identity Server's login page the below screen is shown.

Inline images 2
Figure 2: Screenshot of redirecting.

Appreciate more suggestions.
Thanks

Best regards

On 20 December 2017 at 12:35, Bhathiya Jayasekara <[hidden email]> wrote:
Hi Renuka/Chanaka,

On Wed, Dec 20, 2017 at 12:29 PM, Renuka Fernando <[hidden email]> wrote:
Hi Chanaka,

Thank you for your suggestions. With your suggestions, a loading animation is displayed instead of username and password fields. Here are some screenshots.

I have set up two environments with following configurations.

UI Service

localhost:9292


Development

localhost:9292

SSO disabled

Production

localhost:9292

SSO enabled


Inline images 5
Figure 1: Flow of login page

1. The development environment is the default environment (first environment in the list). Default login page is displayed since SSO disabled.
2. Change the environment and display loading until response reached.
3. Username and password fields are disabled since SSO enabled in the production environment.

Shall we hide username/password instead of disabling them? 

Thanks,
Bhathiya
 

Appreciate any suggestions.
Thanks

Renuka

On 20 December 2017 at 08:44, Chanaka Jayasena <[hidden email]> wrote:
Hi Renuka,

Few suggestions

With the first load the get one environment. Before sending the request to see the env configs display a loading animation in the username and password sections. 

After getting a response if the SSO is enabled for that env, display a message and a button/link to go to the sso login page. Something like bellow. If sso is not enable for that environment, display the basic auth login form.

Also I don't see a need to persist this info to local storage since this is a single page app.

thanks,
Chanaka


On Tue, Dec 19, 2017 at 10:37 AM, Renuka Fernando <[hidden email]> wrote:
Hi All,

In Multi-Environment support for API Manager, the UI Service can be run as a separate service. Without setting a new configuration for UI Service it is passed with callback url.

Inline images 1
1. Request SSO data.
static getAppSSORequestURL() {
    const uiService = window.location.origin.replace(/\//g, "%2F").replace(/:/g, "%3A");
    return `${Utils.CONST.PROTOCOL}${Utils.getEnvironment().host}${Utils.CONST.SSO_LOGIN}${Utils.CONST.CONTEXT_PATH}`
        + `?uiService=${uiService}/`;
}

Utils.CONST = {
    LOCALSTORAGE_ENVIRONMENT: 'environment',
    SSO_LOGIN: '/login/login',
    LOGOUT: '/login/logout',
    LOGIN_TOKEN_PATH: '/login/token',
    SWAGGER_YAML: '/api/am/publisher/v1.0/apis/swagger.yaml',
    PROTOCOL: 'https://',
    CONTEXT_PATH: '/publisher'
};

UI Service requests SSO data from the default environment by passing the query parameter uiService.
Backend creates a DCR application with callback URL by appending the query parameter if not exists.

2. Response

authorizationEndpoint

"https://prod.sample.com:9443/oauth2/authorize"

client_id

"ncNPLKThYHyb1xHDX2YAA2S6rZwa"

callback_URL

"https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

scopes

"apim:api_delete apim:api_publish apim:external_services_discover apim:subscription_block apim:api_update apim:subscription_view apim:api_create apim:apidef_update apim:api_view openid"


"${authorizationEndpoint}?response_type=code&client_id=${client_id}&redirect_uri=${callback_URL}&scope=${scopes}"

Sample URL: "https://prod.sample.com:9443/oauth2/authorize?...redirect_uri=https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/..."

3. Redirect the request to the above sample URL

4. Redirect to callback URL i.e. "https://prod.sample.com:9292/login/callback/publisher?uiService=https://ui.sample.com:9292/"

5. Get Access Token, Set cookies and Redirect to UI Service i.e. https://ui.sample.com:9292


Appreciate any suggestions.
Thanks

Renuka

On 18 December 2017 at 14:18, Renuka Fernando <[hidden email]> wrote:
Hi All,

We are going to enhance the Multi-Environment feature[1] for API Manager by enabling Single Sign-On feature with environments. SSO feature[2] can be enabled for an environment with following configurations.

# APIM Store/Publisher Configuration Parameters
wso2.carbon.apimgt.application:
    # APIM Base URL
  apimBaseUrl: https://localhost:9292/
    # Authorization Endpoint
  authorizationEndpoint: https://localhost:9443/oauth2/authorize
    # SSO Enabled or not
  ssoEnabled: true
Figure 1: Sample deployment.yaml for enabling SSO feature

Suppose three environments.

Production

prod.sample.com:9292

?

Development

dev.sample.com:9292

SSO enabled

Staged

stg.sample.com:9292

SSO disabled


Inline images 4
Figure 2: Read SSO configurations in default environment

1. Request SSO configurations from default environment (i.e. Production Environment).
Default environment is the first environment in environment configuration list or the environment that was last logged in.
2. Fetch SSO data.

We are going to change the login page by having to select the environment first.

Inline images 11
Figure 3: Login page

If the ssoEnabled value of default environment (i.e. Production Environment) is true, the user is forced to select an environment. Username and password fields are disabled until an environment is selected.

Inline images 12
Figure 4: Login page when SSO is enabled.

When an environment is selected the mentioned request in Figure 1 is sent to the corresponding environment and checks the value of ssoEnabled.

Inline images 15
Figure 5: State of login page corresponding to the ssoEnabled value.

1. Login page
2. Selected an SSO enabled environment
3. Redirected to the corresponding identity provider's login page when clicked on login button.
3. Selected an SSO disabled environment and enable username and password fields.

If the ssoEnabled value of default environment (i.e. Production Environment) is false, the default environment is already selected on the login page. When the user changes the environment it is the same scenario in Figure 5.

[1] Mail on subject: [Architecture] [APIM][C5] Multi Environment support with API difference for API Manager

Appreciate any suggestions.
Thanks

Best regards
Renuka
-- 
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Chanaka Jayasena
Associate Tech Lead,
email: [hidden email]; cell: <a href="tel:+94%2077%20446%204006" value="+94774464006" target="_blank">+94 77 4464006



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : <a href="tel:076%20667%208752" value="+94766678752" target="_blank">+94 76 667 8752




--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc., http://wso2.com

Phone: <a href="tel:+94%2071%20547%208185" value="+94715478185" target="_blank">+94715478185



--
Renuka Fernando
Software Engineering Intern | WSO2 Inc

Mobile : +94 76 667 8752


_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture