Articles

MuleSoft Custom Policies can be layered on top of the implementation of the APIs to provide the governance, security, and visibility required. While the out-of-the-box API management policies cover the majority of use cases, an organization may need to create a custom policy to meet specific business needs.

There is a lot of documentation that shows how to work with MuleSoft custom policies through API Manager; however, developing custom policies and debugging them locally has always been challenging. In this article, I will demonstrate how to develop and test a Mule custom policy on your local standalone Mule runtime instances before uploading it to API Manager or Exchange for live running APIs.

Source of the article: DZONE

This week, we look at API vulnerabilities in Kubernetes and 3Fun, the upcoming API Specification Conference, and slides from an EIN 2019 conference presentation.

Vulnerabilities: Kubernetes

Kubernetes has fixed the API vulnerability CVE-2019-11247.

Source of the article: DZONE

Take any integration project and you have multiple applications talking over multiple transports on multiple platforms. As you can imagine, in large enterprises, applications like this can get complex very fast. Much of the complexity stems from two issues:

  1. Dealing with the specifics of applications and transports
  2. Coming up with good solutions to integration problems

Making your applications speak transports and APIs is relatively easy on its own. I’m sure everyone knows how to send JMS messages to their broker of choice; though it still requires in-depth knowledge of the JMS specification, which many developers may not have. On top of that, what happens when you want to route that JMS message to another application? You then have to take care of mapping the JMS message to the application plus handle any new concepts related to the application. Add a dozen other applications into the mix and you’ve got quite a headache on your hands.

Source of the article: DZONE

In this example, I am going to show you how to post data to a RESTful web service in Java using Spring, Spring Java Configuration and more.

Web Service Code

Let’s take a quick look at the Spring MVC Web Service code on the server:

Source of the article: DZONE


The Complexity of API Discovery

I can’t get API discovery out of my mind. Partly because I am investing significant cycles in this area at work, but it is also something I have been thinking about for so long that it is difficult to move on. It remains one of the most complex, challenging, and un-addressed aspects of the way the web is working (or not working) online today. I feel pretty strongly that there hasn’t been an investment in the area of API discovery because most technology companies providing and consuming APIs prefer things to be un-discoverable, for a variety of conscious and unconscious reasons behind these belief systems.

What Does API Discovery Mean? Depends on Who You Are…

One of the reasons that API discovery does not evolve in any significant way is because there is not any real clarity on what API discovery is. Depending on who you are and what your role in the technology sector is, you’ll define API discovery in a variety of ways. There are a handful of key actors that contribute to the complexity of defining and optimizing in the area of API discovery.

Source of the article: DZONE


How NOT to be API-misled for connectivity!

It was a few years back when API-led connectivity was getting popular and our customers wanted to see it being brought into practice. Some of them also began to choose their hybrid integration products based on the product’s inherent support for the approach. After having implemented two large hybrid integration programs for two different industries (Banking and Manufacturing), I thought I should share my experience as do’s and don’ts for API-led connectivity and Hybrid Integration.

API-led connectivity

The approach was termed as the next step in the evolution of SOA, which is why its principles and the very fundamental concepts will remain timeless, at least in the context of software architecture.

Source of the article: DZONE

This week, we take a look into API vulnerabilities found in Tinder and Axway SecureTransport. In other news, FTC and Equifax have reached a settlement related to the 2017 breach, and the slides for an API security talk have been posted.

Vulnerability: Tinder

Sanskar Jethi has found that Tinder restricts its premium features (such as unblurred images of those who like you) to premium members only in the app, not in the API. The API actually delivers regular, unblurred images to everyone.

Source of the article: DZONE


Problem Statement

Recently, while working with MuleSoft 4 (AnyPoint Platform – 7.3.1), I came across a scenario that requires invoking another REST API, which is also implemented on MuleSoft. This API requires input in the form of URI parameters. This API works well when invoked from an external client like Postman; however, exceptions are observed when the same API is invoked from MuleSoft.

Implementation Details

App – Currency Conversation is implemented to provide currency conversion details in real time. This app can be invoked by the URL http://<<hostname>>/api/currenyconversion/baseCcy/<<value>>/targetCcy/<<value>>

Source of the article: DZONE


Defining a resource

Fielding’s dissertation describes a Resource as:

"Any information that can be named" … "a document or image, a temporal service (e.g. “today’s weather in Los Angeles”), a collection of other resources, a non-virtual object (e.g. a person), and so on. In other words, any concept that might be the target of an author’s hypertext reference must fit within the definition of a resource. A resource is a conceptual mapping to a set of entities, not the entity that corresponds to the mapping at any particular point in time."

Defining a resource is both a science and an art. It requires both domain knowledge and API architectural skills. The points detailed below serve as a checklist that may help you determine the shape of your resource, what data it should contain, and how it should be presented to consumers of your API.

Source of the article: DZONE

A developer journey starts with building the app, testing it, maintaining it, and then moving it into production.

RingCentral deals with different kinds of APIs that offer reliable VoIP calling, web meetings, fax, and more features over cloud communication with reliability, security, and quality.

Source of the article: DZONE