The sample application consists of a Web Service and a RESTful API both described and governed in WSRR. A DataPower® domain is configured with WSRR to be a gateway and a sample Web Client is provided to exercise the services.
The consumer of the Store service is the StoreConsumer application, which has the consumer ID of
CEO
. This consumer has two Service Level Agreements (SLAs), Gold and Silver. If a request
comes into DataPower with the consumer ID of CEO
, and a Context ID of Silver
, the
request is allowed to pass through, because the Silver SLA is in place. If the consumer ID is
CEO
, and the context ID is Gold
, the Gold SLA is matched. This SLA has a re-route
policy attached to it, so the request is re-routed to the alternate endpoint stated in the
policy.
If a request arrives with a consumer ID other than CEO
, there is no Application Version
with this consumer ID. There are therefore also no SLAs that could match, so this is a request from
an anonymous consumer. As such, any policies attached to the anonymous SLA are applied. In this
case, this causes a notification to appear in the logs. Note, the sample does not include a way to
send a request with a consumer ID that is not CEO
.
The scenario also performs authorization for the findInventory operation, which is based upon user group membership. An LDAP server is provided with the sample for mapping user credentials to the correct group.
The sample application flow diagram shows the flow of the application with each box representing a different DataPower gateway.
The RESTful service is governed in a similar way to the web service, except in how policies are used. As with the web service there are two SLAs: one for Silver customers and one for Gold customers. For the REST service, however, there are no polices attached at the SLD level (applied to all requests). Instead, there is one policy attached to each of the SLAs. The Gold SLA has a policy that rejects messages after more then 5 requests are made in 9 seconds, and Silver allows 2 requests in 90 seconds before rejecting.