API Gateway (OAG) : Concept & marriage with SOA & Mobile by Sudipto Desmukh
August 9, 2015 2 Comments
Oracle API Gateway is a standards-based, policy-driven, standalone software security solution that provides first line of defense in Service-Oriented Architecture (SOA) environments.
It enables organizations to securely and rapidly adopt Cloud, Mobile and SOA Services by bridging the gaps and managing the interactions between all relevant systems.
Oracle Web Services Manager(OWSM) is generally used for application security of a particular service,most customers have any use cases around DMZ or Perimeter Security for Web Services. This product serves as a part of the enterprise security solution.
This would be typically for customers needing access to web services from the internet, similar to how we access a web application. OAG can do a lot of validations
and route the requests only once those checks have passed. This may also be a typical use case for Mobile Applications which use REST Web Services at the backend.
I have seen a strong value in this security product for all SOA and Mobile projects.
Here’s a high-level request flow :
There are many advantages that OAG can provide :
– Authentication, Authorization (Leverages existing LDAP like AD ; existing IDM platforms for this – RSA AM, CA Site Minder, Oracle Access Mgr) Read the complete article here.
For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.
Blog 
Twitter 
LinkedIn ![image[7][2][2][2]](https://paascommunity.com/wp-content/uploads/2013/04/image7222.png?w=20&h=20 "image[7][2][2][2]"){kind=small}
Facebook ![clip_image002[8][4][2][2][2]](https://paascommunity.com/wp-content/uploads/2013/04/clip_image00284222.jpg?w=26&h=23 "clip_image002[8][4][2][2][2]"){kind=small}
Wiki
About Jürgen Kress
PaaS Community Blog 
Hi,
Its valuable post and i have an issue with OAG, if possible could you please help me in solving the below issue.
– OSB proxy used to check for the balance and fund transfer.
– Whenever we try testing the service, OSB proxy will send request to OAG to get the Authorization token.
– OSB successfully sends request and OAG fetching the token from STS but while sending response from OAG to OSB is failing.
– We are working in cluster environment, and this request and response is working fine in OSB1 of production and both servers in UAT environment, and the issue lies only in OSB2 of production environment.
– And nothing working in PROD backup environment, means, in both OSB1 and OSB2.
– It’s the same configuration and project that we have imported/migrated from UAT to Production and in PROD backup.
Error log from OAG:
“ErrorCode” : “Unexpected error”,
“ErrorDescription” : “An unexpected error occoured with error id 9b8bfbb4-2948-49df-9b72-ae5b96b602ad. Please contact support”,
Error log from OSB:
OSB-382568
OSB JavaScript action failed: TypeError: undefined is not an xml object. (<OSB JavaScript expression>#7)
PreTransferValidation Node
request-a004b01.N30efd8d4.0.15bf910c212.N6d90
TokenValidation
request-pipeline
Please create an support request https://support.oracle.com/