Policy Enforcement Actions
Mediator provides the following categories of policy enforcement actions:
Authentication Actions
Authentication actions verify that the OData service client has the proper credentials to access an OData service.
HTTP Basic Authentication: Uses HTTP basic authentication to verify the client's authentication credentials contained in the request's Authorization header against the
Integration Server's user account.
NTLM Authentication: Uses NTLM authentication to verify the client's authentication credentials contained in the request's Authorization header against the
Integration Server's user account.
Logging and Monitoring Actions
Logging and Monitoring actions monitor and collect information about the number of messages that were processed successfully or failed, the average execution time of message processing, and the number of alerts associated with an OData service.
Log Invocations: Logs request/response payloads to a destination you specify.
Monitor Service Level Agreement: Specifies a Service Level Agreement (SLA), which is set of conditions that define the level of performance that a specified client must expect from an OData service.
Monitor Service Performance: This action provides the same functionality as Monitor Service Level Agreement but this action is different because it enables you to monitor the OData service's run-time performance for all clients. This action monitors a user-specified set of run-time performance conditions for an OData service and sends alerts to a specified destination when these performance conditions are violated.
Routing Actions
Routing actions route the incoming message (for example, directly to the OData service, routed according to the routing rules, or routed to a pool of servers for the purpose of load balancing and failover handling) to the desired endpoint.
Straight Through Routing: Routes the requests directly to a native endpoint that you specify.
Context Based Routing: Routes requests to different endpoints based on specific values that appear in the request message.
Load Balancing and Failover Routing: Routes the requests across multiple endpoints.
Dynamic Routing: Routes the request to the dynamic URL generated during runtime.
Set Custom Headers: Specifies the HTTP headers for the outgoing message to the native service.
Security Actions
Security actions provide client validation and confidentiality for request and response messages.
For the client validation, Mediator maintains a list of consumer applications specified in CentraSite that are authorized to access the OData service published to Mediator. Mediator synchronizes this list of consumer applications through a manual process initiated from CentraSite.
There are two different lists of consumers in Mediator:
List of Registered Consumers: Registered consumers are those users and consumer applications (represented as Application assets) who are available in
Mediator and who are also registered as consumers for the OData service in
CentraSite.
List of Global Consumers: Global consumers are those users and consumer applications (represented as Application assets) who are available in
Mediator.
Mediator provides Evaluate actions that you can include in a message flow to identify and validate clients, and then configure their parameters to suit your needs. You use these Evaluate actions to:
Identify the clients who are trying to access the OData services (through IP address or hostname).
Validate the client's credentials.
Following is the list of security actions:
Evaluate Client Certificate for SSL Connectivity:
Mediator validates the client's certificate that the client submits to the OData service in
CentraSite. The client certificate that is used to identify the client is supplied by the client to the
Mediator during the SSL handshake over the transport layer.
Evaluate Hostname:
Mediator tries to identify the client against either the Registered Consumers list (the list of registered consumers in
Mediator) or the Global Consumers list (the list of available consumers in
Mediator).
Mediator tries to validate the client's hostname against the specified list of consumers in the
Integration Server on which
Mediator is running.
Evaluate HTTP Basic Authentication:
Mediator tries to identify the client against either the Registered Consumers list (the list of registered consumers in
Mediator) or the Global Consumers list (the list of available consumers in
Mediator).
Mediator tries to validate the client's authentication credentials contained in the request's Authorization header against the specified list of consumers in the
Integration Server on which
Mediator is running.
Evaluate IP Address:
Mediator tries to identify the client against either the Registered Consumers list (the list of registered consumers in
Mediator) or the Global Consumers list (the list of available consumers in
Mediator).
Mediator tries to validate the client's IP address against the specified list of consumers in the
Integration Server on which
Mediator is running.
Traffic Management Action
Throttling Traffic Optimization: Limits the number of service invocations during a specified time interval and sends alerts to a specified destination when the performance conditions are violated. You can use this action to avoid overloading the back-end services and their infrastructure, to limit specific clients in terms of resource usage, and so on.
Service Result Cache: Enables caching of the results of the SOAP and REST service invocations. You can use this action to improve the throughput of an OData service call.