Publish Internal Service
This topic describes how to publish an internal service on the gateway.
This topic describes how to publish an internal service on the
Layer7 API Gateway.
Publishing an internal service does the following:
- Adds the service to the Services and Policies list on the Policy Manager interface.
- Establishes the service's initial policy in the policy development window.
As with all Gateway-published services, you can publish multiple instances of the same internal service—simply ensure that each contains a unique resolution URI. After publication, you can view the service's WSDL code from within the service properties.
(1) You must have a role of Administrator to publish or modify an internal service. Once a service is published, the "Manage [serviceName] Service" role can be used to give users Administrator-like powers for that specific service only. For more information, see Publish Internal Service Wizard.
Choose a task to perform:
Understanding the Internal Services
An internal service is a category of published services within the
Layer7 API Gatewaythat has all associated information and WSDL information predefined. An internal service is like a standard web service that is defined in the Gateway.
Certain internal services may automatically insert assertions into your policy. These assertions can be used as a starting point for you to customize the service logic to meet your needs.
Do not confuse internal services with
internal use policies. The former are web services that require publishing, while the latter are like policy fragments that are inserted into a service policy. An internal service may or may not insert assertions into your service policy. For more information, see Internal Use Policies.
For more information on how to publish an internal service, see Publish Internal Service Wizard. These are noted below.
The following internal services are currently available:
Gateway REST Management Service
This service provides a REST API for managing the Gateway.
For information on installing the Gateway REST Management interface, refer to REST Management API.
Generic Identity Management Service
This is a generic service that provides a standardized way of authenticating users and extracting authorization information using facilities provided by the
Layer7 API Gateway.
When publishing the Generic Identity Management Service, CA Technologies recommends using the default routing URI.
For information on using the Generic Identity Management Service, see Working with the Generic Identity Management Service.
Security Token Service
This service is used to control the security tokens that have been issued or will be issued. This service requires a WSDL for publishing and it will add a default policy for low level details such as customizing various token requirements (types of tokens issued, authentication mechanisms, etc.). For example, the policy uses the Create SAML Token assertion for creating SAML Tokens with various SAML specification options (e.g., a choice of SAML AuthenticationStatement or AttributeStatement). It uses the Create Security Context Token assertion to create a Security Context Token and applies different authentication as needed.
For information on using the Security Token Service, see Working with the Security Token Service.