We are using WSO2 API manager, version 2.1.0, for publishing our APIs.
On the other hand, we want to use the inline prototyping feature to mock the APIs not developed yet.
In our installation, we have separate gateways (production and sandbox), as described in
https://docs.wso2.com/display/AM210/Publish+through+Multiple+API+Gateways
Our problem is that all inline prototyped APIs are deployed in production endpoint (and this endpoint is protected). Is there any way to use inline, but with sandbox?
This is already identified[1] and fixed through WUM update. If you have a valid subscription you can use wum tool[2] to update your api manager 2.1.0 distribution
[1] - https://wso2.org/jira/browse/APIMANAGER-5954
[2] - https://wso2.com/updates/wum
Related
what is the best version of keycloak to use with spring boot as backend and react as frontend and I can setup easily with a postgres database, I've tested the latest version 19.0.1 but I couldn't set it up with react and spring boot and it doesn't take the postgres DB I specified in env variables.
can you please suggest me the best version to use and some tutorials, videos or articles to learn more about it and how to implement it in production.
thanks in advance.
I recommand you don't use Keycloak Spring adapters, it is deprecated.
The latest Keycloak version works perfectly. Maybe you just misconfigured or use the wrong libs.
For client (react app), pick a library from certified list
For resource-server (Spring REST API), use either:
spring-boot-starter-oauth2-resource-server (but require quite some Java conf)
spring-addons-webmvc-jwt-resource-server (a lot is configurable from properties, including CORS and roles mapping)
Regarding the connection to Postgres, maybe should you return to the doc and read more carefully.
I'd recomend using the keycloak-spring-boot-starter.
Here is an article on how to set it up: https://www.baeldung.com/spring-boot-keycloak
I would also recomend to always use the most recent version. Especially for a security tool like keycloak. If it doesn't work with the tutorial just set it up in the version the tutorial references and then migrate to a newer version step by step using migration guides.
Is there a "best" way of achieving this?
Basically I want to leverage my company's Azure AD tenant to build a fully featured internal application. Using Microsoft Graph, I can retrieve users via their identifier guids, and use the identifiers as foreign keys for various tables in our on premises database, instead of having a dedicated User table, which would need to be populated and synced up with the AD. There are many other prospective uses for Graph, but leveraging users is the priority right now.
A large chunk of my application is built already. I am able to lock down my client app using the package react-aad-msal, requiring users to authenticate through single-sign-on. I have also successfully been able to pass that token back to the protected .NET Core API, accessing various endpoints as the authenticated user.
From here, I am not sure how I can develop the calls to Microsoft Graph. At which point should I make the connection? Should the client application connect to both the on-prem API, as well as Graph? Or should it only connect to the on-prem, which would then connect to Graph? Curious to know the pros and cons of either method.
I've also heard tell that Microsoft is working on their own package: #azure/msal-react, and that react-aad-msal should no longer be used (as it only supports msal 1.0 and not 2.0. I have no idea which version is better for my needs). While msal-react is still in development, apparently I should be using #azure/msal-browser. But I cannot find a good example of a react app using msal-browser to authenticate.
Here is a Sample on how to use MSAL with React to call Microsoft Graph.
The only different in your case will be that instead of calling Microsoft Graph, you will call your own API.
Bottomline is - there is no direct integration package yet for react. Which can also be read from the official statement on the msal-js repo:
After our current libraries are up to standards, we will begin
balancing new feature requests, with new platforms such as react and
node.js.
You can also use .net core instead. Please go through the sample here which can help.
I want to develop a Java Web App to consume some Microsoft Graph Services. According to Azure Portal's "Quick Start" tab, they recommend MSAL to authenticate and call the services (com.microsoft.aad.msal4j.*).
On the other hand, I've found https://github.com/microsoftgraph/msgraph-sdk-java-auth, which offers a nice API to use the services, but the last uptade is from more than a year.
Which should I use? I'm a bit afraid the SDK gets deprecated.
Thanks.
If you have a look at the dotnet version of this library, you'll see it uses MSAL. Whenever the Java msgraph auth library was started, MSAL Java wasn't ready. There's work that needs to be done to align the Java auth library with the dotnet one so it uses MSAL as well. I'd say go ahead and use the Java auth library keeping in mind a few things:
It will change as the required work gets done
Auth libraries for msgraph SDKs are all in preview and might change in the future
There's currently a limitation addressed by this pull request and that you can workaround as documented here
I want to build a web application using a mixture of App Engine Standard and Flexible Environment as described in the Google docs (flexible as microservice where third party software is needed, standard for everything else).
I need the mentioned microservice to run latex, a few linux tools and python. What is the best way to go from here?
My guess is:
Build a docker container from a Linux OS and use either Google Pub/Sub, Google Task Queue or plain HTTP for communication with the Standard Env App.
But how is this custom runtime then managed by Google regarding security updates, scaling, loadbalancing and everything else promised in the docs?
Sorry for the rather generic question, the infos are thin IMHO and so I have to ask.
It would be your responsability to re-build the custom runtime images (done during every app deployment) to incorporate security updates. If your Dockerfile references other Google-supplied base images then the security updates for them will be automatically picked up in the process. But for any additional packages or customisations you added to your runtime you may need to incorporate the updates yourself.
Scaling depends on your app's configuration (your responsability), see Service scaling settings.
Google automatically load-balances traffic across your app's instances.
Does DotNetNuke have a built in web services API I can call or do I have to create my own end point? All the documentation I can find about the services framework talks about creating your own module with a service to extend theirs. What I would like to do is authenticate against an existing / built in web service that will allow me to create users from an external application. A similar example would be me calling the built in SharePoint web services to retrieve list information with an external application. I don't have to write anything in SharePoint to call the built in web services. They are just there.
If this built in service(s) does exist do you have a link or some sample code about how to call it without writing my own web service module?
Thanks,
Bill
DNN does not (as of version 9.1) have a (supported) external API. There are web services designed to the internal modules to use, but you have to get a little hacky in order to make them usable outside of the site. There has been talk of creating a more standard API like this, but until the happens the scenario requires that you create specific APIs for your exact purposes.