Version 9.5 SP1
 —  Virtualizing APIs Using the CentraSite Business UI  —

Virtualizing an API

This CentraSite release provides a Release Preview of the API Virtualization Feature. The feature described in this section is for evaluation purposes only. It is not yet an official feature of the product and should not be used for production work.

CentraSite provides a wizard for virtualizing and publishing APIs.

Within CentraSite Business UI, the endpoints for an API are shown in the Provider Overview profile of the API.

In this profile, a native endpoint is represented by the Binding; while a virtual endpoint is represented as an Alias that identifies a specific Access URI (i.e., address where the virtual API is published).

The following example shows the Provider Overview profile for an API with the native and virtual endpoints. Note that the Access URI provides the exact address of each endpoint.

The content is organized in the following topics:


General

When virtualizing an API, keep the following points in mind:

Top of page

Virtualize an API

To virtualize an API in CentraSite, you perform the following high-level steps:

Creating a New Virtual Alias

Use the following procedure to create a new virtual alias (API) for the native API.

Start of instruction setTo create a virtual alias

  1. In CentraSite Business UI, display the details page for the API that you want to create a virtual copy. For procedures, see the section Viewing Details of an API.

  2. On the API details page, click Virtualize (graphics/virtualize.png) to open the Virtualize < > wizard.

  3. In panel 1 of the Virtualize < > wizard, complete the following fields:

    In this field... Do the following...
    Create a new virtual alias

    Enter a name for the virtual alias.

    The name you assign to the virtual alias can contain any character, including spaces.

    By default, CentraSite derives the virtual alias name from the display name that you specify for the native API.

    If an alias with the same name already exists, CentraSite issues a warning message.

    Reconfigure an existing virtual alias

    Alternatively, you use this option to redefine an existing virtual API and adapt it to your requirements.

    Endpoint of < > to be virtualized

    For a SOAP-based API. You will see a list of available endpoints for the native API.

    Select the native endpoint that you want to virtualize by choosing its radio button.

    Resource of < > to be virtualized

    For an XML/REST-based API. You will see a list of available resources for the native API.

    Select the native resource that you want to virtualize by choosing its radio button.

  4. When the Next button is enabled, click it.

    Note:
    If you have not specified the virtual alias, the Next button remains disabled.

  5. In panel 2, define policy enforcement for the virtual API. If you need procedures for this step, see Defining Policy Enforcement Rules for a Virtual API.

  6. In panel 3, specify in which of the targets you want to publish the virtual API. If you need procedures for this step, see Publishing a Virtual Alias.

  7. Click Virtualize to create the new virtual copy of native API.

Defining Policy Enforcement Rules for a Virtual Alias

Use the following steps to complete panel 2 in the Virtualize < > wizard. You use this panel to define the set of policy actions and processing steps for the virtual API.

Start of instruction setTo define policy enforcement rules for a virtual alias

  1. Go to panel 2 in the Virtualize < > wizard. If you need procedures for this step, see Creating a New Virtual Alias.

  2. To define the policy enforcement rules for the virtual API, you have one of the following options:

  3. If you choose to create a new definition of the policy enforcement rule, do the following:

    1. Inspect the accordions in the Policy Actions area.

      You can view a tooltip text for any accordion by moving the cursor to the accordion name. The tooltip text gives a summary of the accordion’s purpose.

      The following table identifies the accordions and the runtime actions that each accordion supports.

      Accordion Runtime Action
      Request Handling
      • Request HTTP Protocol

      • Request Transformation

      • Invoke webMethods IS Service

      Policy Enforcement
      • Logging / Monitoring

        • Log Invocations

        • Monitor Service Level Agreement

      • Routing

        • Endpoint Properties

        • Set Headers

        • Set HTTP Authorization

        • Straight Through Routing

      • Security

        • Allow Anonymous Usage

        • Evaluate Hostname

        • Evaluate HTTP Basic Authentication

        • Evaluate IP Address

        • For SOAP APIs. Evaluate WSS Username Token

        • For SOAP APIs. Evaluate X.509 Certificate

        • Evaluate XPath Address

        • Require SSL

      • Validation

        • Validate Schema

      Response Handling
      • Response Transformation

      • Invoke webMethods IS Service

      Error Handling
      • Custom SOAP Response Message

      For more details on the actions that CentraSite provides for runtime governance of an API, see Run-Time Actions Reference for Virtualized APIs in the document Built-In Run-Time Actions Reference for Virtualized APIs.

    2. Expand an accordion node whose action you want to add for the enforcement.

    3. From the accordion, drag and drop an action onto the Message Flow area.

      The Message Flow area has the following policy enforcement workflow components:

      • Receive - This component enables you to specify the actions used for request processing. For example, the Require HTTP Protocol action to configure the format of requests that the virtual API will accept.

      • Enforce - This component enables you to specify the actions used for enforcement. For example, these include actions to monitor the API usage, log the usage per consumer, and validate the request and response messages.

      • Routing - This component enables you to specify the actions used for enforcement. For example, these include actions to configure the endpoints and route the requests to native APIs.

      • Response - This component enables you to specify the actions used for response processing. For example, an action to remove sensitive attributes that may have been added to a request by a consumer as a result of security operations against request elements.

    4. When you drag and drop an action in to the Message Flow area, CentraSite automatically places the action in the corresponding workflow component. Not all components support the full set of actions. Some actions happen only with certain components. For example, an Evaluate action occurs only on the Enforce component; while a Routing action occurs only on the Routing component.

      You can view a tooltip text for any action by moving the cursor to the action name. The tooltip text gives a summary of the action’s purpose. The tooltip text shown is the content of the action’s Description field, as defined for the action in the CentraSite registry.

    5. Repeat steps a to d until you obtain a list that contains the actions that you want to add to Message Flow area.

      CentraSite executes the actions in a predefined order. For details, see Action Evaluation Order and Dependencies for Virtual APIs in the document Built-In Run-Time Actions Reference for Virtual APIs.

  4. Specify parameter values for each of the actions by clicking graphics/icon_settings_bold.png on the right side of the action name.

  5. Remove an action from the Message Flow area by clicking graphics/icon_delete.png.

  6. If you want to save the new policy enforcement rule, so that you can reuse the same enforcement rule again at a later stage, in the Save as Blueprint text box specify a name for the new policy enforcement rule and click Save (graphics/action_save.gif).

  7. When the Next button is enabled, click it.

    Note:
    If you have not specified all of the mandatory parameters for the actions, the Next button remains disabled.

  8. In panel 3, specify in which of the targets you want to publish the virtual API. If you need procedures for this step, see Publishing the Virtual Alias.

    Or:
    Else, click Virtualize to create the new virtual copy of native API.

Publishing a Virtual Alias

Use the following steps to complete panel 3 in the Virtualize < > wizard. You use this panel to simply virtualize the API or to define the targets and publish the virtual API.

Start of instruction setTo publish a virtual alias

  1. Go to panel 3 in the Virtualize < > wizard. If you need procedures for this step, see Creating a New Virtual Alias.

  2. You can choose to perform one of the following operations on the API:

  3. If you choose to publish your virtual API, do the following:

    1. From the Available Targets list, choose the targets in which you want CentraSite to publish the virtual API. Keep the following points in mind when you select the targets for publishing the virtual API:

      • The Available Targets shows a list of targets that are available for you.

      • You can select multiple targets for publishing the virtual API.

      • If necessary, you can click Previous to return to the panel 2 in the Virtualize < > wizard and change your definition.

    2. In the Advanced Settings node, select the Expose to Consumers checkbox. Doing this will allow unauthorized consumers (guests) to search and access the API.

      The Expose to Consumers checkbox is visible only to those users who have "Full" permission on the particular API.

    3. When the Publish button is enabled, click it.

      Note:
      If you have not specified a target, the Publish button remains disabled.

  4. If you choose to simply virtualize the API, do the following:

    1. In the Advanced Settings node, select the Expose to Consumers checkbox to allow unauthorized consumers (guests) search and access the API.

    2. Click the Virtualize button.

Top of page