The following diagram depicts the collaboration of the main components of WSO2 Application Manager with an easily-integrable monitoring component, which is used to visualize the usage and statistics data of App Manager.
The WSO2 App Manager architecture comprises of the following main components:
Provides an end-user a collaborative web interface for web application providers to publish Apps, share documentation and gather feedback on the quality and usage of Apps. The App Publisher is powered by Jaggery, WSO2 Governance Registry and WSO2 Identity Server.
For more information on App Publisher and its functionality, see the App Publisher Guide.
Provides an end-user a collaborative web interface for end users of web applications to self-register, discover Apps, subscribe to Apps and evaluate them. The App Store is powered by Jaggery, WSO2 Governance Registry and WSO2 Identity Server products.
For more information on the App Store and its functionality, see the App Store Guide.
Web App Gateway
A runtime, back-end component developed using the WSO2 ESB, which is proven for its performance capability. The Web App Gateway secures, protects, manages and scales App calls. The App Gateway is a simple App proxy that intercepts App requests and applies policies such as throttling and security checks. It is also instrumental in gathering App usage statistics. A set of handlers are used for security validation and throttling purposes in the App Gateway. Upon validation, it passes web service calls to the actual back-end.
The App Gateway is accessible through the URL:
https://localhost:9443/carbon, once the App Manager server is up and running.
Although the App Gateway contains ESB features, it is recommended not to use it for ESB-specific tasks and to use it only for the Gateway functionality related to App invocations. For example, if you want to call external services like SAP, use a separate ESB cluster.
When an App is published, a file with its synapse configuration is created in the Web App Gateway. The synapse configuration of each App has a set of handlers. Each of these handlers is executed on the Apps in the order in which they appear in the configuration.
You can find a set of default handlers in any App Synapse definition as shown below:
The functionality of each handler will be as follows:
ReverseProxyHandler: This adds the existing cookies of the Apps to the new context, as end users will be accessing a proxy of the Apps through the App Manger.
SAML2AuthenticationHandler: Validates the SAML2 token used to invoke the App. To extend the default authentication handler, see Writing Custom Authentication Handlers.
Handles resource level authorization using XAML policies so that Apps can be enabled for specific end users.
APIThrottleHandler: Throttles requests based on the throttling policy specified by the
policyKeyproperty. Throttling is applied at the subscription level.
APPMgtUsageHandler: Publishes events to BAM and Google Analytics for collection and analysis of statistics. This handler only comes into effect if . For more information, see Publishing App Manager Runtime Statistics and Integrating with Google Analytics.
You can integrate a monitoring component to the App Manager without any additional configuration effort. It will be used to visualize the usage and statistics data of App Manager. This monitoring component integrates with WSO2 Business Activity Monitor, which can be deployed separately to analyze events generated by the App manager. For more information, see Publishing App Manager Runtime Statistics.
App Manager uses WSO2 Identity Server as the Identity Provider. WSO2 IS is bundled and shipped with the product pack. Optionally, you can integrate an external WSO2 IS server instance as the Identity Provider for App Manager.