Layer7 API Management

 View Only

Portal Snippet for 4.x for Gateway generated Services

  • 1.  Portal Snippet for 4.x for Gateway generated Services

    Posted Nov 21, 2018 06:38 AM

    Until version and inclusive of Portal 3.5, there was a portal snippet that you had to add to your Portal published services (generated on the gateway) that would function for enforcing API plans and Account plans as well as API_KEY check.


    This snippet does not exist for Portal 4.x and the only close imitations are the Standard Templates. These though work exclusively if included in Portal-generated services, and will not work for Gateway-generated services published to the Portal.


    I have created two components: 

    1) an encapsulated assertions (encass) that allow for all the checks AND also statistics gathering for the Portal. This is the snippet itself that can be included in the service.


    2) a fragment (with another fragment included) called custom-message-completed which is to be imported in the already available custom-message-completed fragment present in the Gateway which deals with capturing routing information.



    Here is an example of a service created on the Gateway that needs Oauth2 and that is published to the Portal:


    The Snippet, when included will ask you 4 things:

    1) Tell it where to retrieve the apikey from, this can be a variable, or a hardcoded one. In the example above, as it can be observed, it is retreived after the service checks the OAUTH2 token and if that is successful, then it will use the variable generated by line 4 (${session.client_id}) to define the apikey.


    2) is the API Secret required? in some cases, that would be a requirement, but in others (like this one) it is not, so the snippet allows for that flexibility.


    3) IF condition 2 is true (API Secret IS required), then you have to specify where to retrieve it from, again, like the key, it could be hardcoded, from a parameter ( eg. ${request.http.parameter.secret}) or from any other context variable call.


    4) Authorisation type: this is truely and solely for statistics: it can be hard coded or a variable or even blank, as mentioned, it is not a breaker, and it is only for statistics.



    1) download the attached XMLs on desktop

    2) open the Policy manager and connect to a Portal-enrolled Gateway

    3) Open the encass wizard:

    [Tasks] -> [Extentions and addons] -> [Manage Encapsulated Assertions]


    4) On the wizard, click on import (on the right) and import the snippet (see highlighted)

    N.B. It will warn you that some fragments already exist and that it will use those ones, press [OK] or [Yes]  to continue



    5) You will have imported the snippet, so close all popups and go back to the Policy manager main window

    6) in the bottom left window look for the custom-message-completed fragment and click on it to appear in the main window


    7) click on 'import Policy' and import the attached custom-message in it, then save and activate it.

    As you can see, this will also import a fragment called 'end snippet - for analytics'



    That is it, 


    Components attached:

    Encass - Portal Snippet

    Fragment - custom-message-completed

    (included fragment - 'end snippet - for analytics')


    I hope it is helpful