Exposing a Simple REST API Using WSO2 API Manager

WSO2 API Manager is a powerful API management tool which can be used as a gateway for your APIs through which they can be exposed to outside. APIM can be used to control access to your APIs, control throttling and to analyse API invocation statistics. This article will elaborate on publishing a simple REST API using APIM then expose certain HTTP methods and invoke them using cURL/Postman. We will be using WSO2 Application Server to host the HTTP service.

Writing a simple JAX-RS Service

Create a new JAX-RS project and add the following code. Build it using “mvn install” command.

Compile the module with “mvn install” and find the HTTPService.war file inside the “target” directory.

Deploying the HTTP Service Using WSO2 Application Server

WSO2 application server is also a free and opensource webapp container which can be used to deploy REST/SOAP web services in a very efficient manner and monitor their invocation statistics. You can download the application server here. Once you have downloaded the product extract the zip archive and run it by executing “sh wso2server.sh” inside the bin directory. (If you are using windows, execute the wso2server.bat file)

The product will start on port 9443 on localhost by default (It will display the URL on the command line after the product is fully loaded) and you should be able to move to the admin console by directing your browser to https://localhost:9443. You can login to the admin console by using “admin” and “admin” as username and the password.

Click on the Application > Add > Web Application from the left side pane and upload the HTTPService.war file. Then move to the applications list and click on go to service link on HTTPService from the table.

This will show up a 404 error. Add “rest/httpservice/get” to the end of the url and refresh the page. It’ll return you a message like “Hello get”.

You can also try invoking POST and DELETE methods too using following cURL commands or Postman.

This should return a 200, Successful message. If you check the application server command line, you will see the received payload is printed there.

Create a new API with WSO2 APIM

Download and extract WSO2 APIM. Same as the AS, you can run the product by running the sh wso2server.sh or equivalent .bat file. Since AS is already running on port 9443, default port of APIM needs to be offset. You can do it by executing it follows.

sh wso2server.sh -DportOffset=3

This will run the APIM on port 9446.

Go to https://localhost:9446/publisher/ and login as admin. Then click on “Add new API” and select the option “Design new API”.

Enter name, context and a version for the API. Then for the URL patterns, enter the variable components of the backend endpoints with particular methods. i.e.:Enter /get as the URL pattern and select GET from the options below. Then click Add.

Once all three methods are entered click Next:Implement.

Select Managed API option from the implement page. Select HTTP/REST endpoint option from the endpoint type dropdown box.

Then, enter the static part of our HTTP service hosted on AS on sandbox URL and production URL text boxes. 

Then click on Next:Manage. On the manage screen, select a tier and click Save & Publish.

Then move to the Store by clicking on the popup or on https://localhost:9446/store.

Login using the same admin/admin combination and select the API we just published under API section. Click on subscribe button on the right hand side of the window with the default application. This will enable you to invoke the API through an application, (In this case via default application)

Then click on the application from the main menu and select the default application. Select the “Production Keys” option from the sub menu and click on generate keys. This will generate OAuth consumer key/secret pair and an access token (bearer authentication) to invoke the service through the application gateway.

To invoke the application via cURL, you need to set a header called “Authorization” and set the value of it to “Bearer ACCESS_TOKEN_VALUE”.

You can use following cURL commands to send requests through the application gateway.

Now this should give the same 200, Successful message as we have coded in all the methods and show the payload on the AS backend.


One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.