Tag Archives: Identity and Access Management

Enabling Microservice Architecture with Middleware

Microservices is rapidly gaining popularity among today’s enterprise architects to ensure continuous, agile delivery and flexible deployments. However many mistake microservice architecture (MSA) to be a completely new architectural pattern. What most don’t understand is that it’s an evolution of Service Oriented Architecture (SOA). It has an iterative architectural approach and development methodology for complex, service-oriented applications.

microservices

Asanka Abeysinghe, the vice president of solutions architecture at WSO2, recently wrote a white paper, which explores how you can efficiently implement MSA in a service-oriented system.

Here are some insights from the white paper.

When implementing MSA you need to create sets of services for each business unit in order to build applications that benefit their specific users. When doing so you need to consider the scope of the service rather than the actual size. You need to solve rapidly changing business requirements by decentralizing governance and your infrastructure should be automated in such a way that allows you to quickly spin up new instances based on runtime features. These are just a few of the many features of MSA, some of which are shared by SOA.

MSA combines the best practices of SOA and links them with modern application delivery and tooling (Docker and Kubernetes) and technology to carry out automation (Puppet and Chef).

In MSA you need to give importance to how you scope out a service rather than the size. The inner architecture of an MSA addresses the implementation architecture of the microservices, themselves. But to enable flexible and scalable development and deployment of microservices, you first need to focus on its outer architecture, which addresses its platform capabilities.

Enterprise middleware plays a key role in both the inner and outer architecture of MSA. Your middleware needs to have high performance functionality and support various service standards. It has to be lean and use minimum resources in your infrastructure as well as be DevOps-friendly. It should allow your system to be highly scalable and available by having an iterative architecture and being pluggable. It should also include a comprehensive data analytics solutions to ensure design for failure.

This may seem like a multitude of functionality and requirements that are just impossible to meet. But with WSO2’s complete middleware stack, which includes the WSO2 Microservices Framework for Java and WSO2 integration, API management, security and analytics platforms, you can easily build an efficient MSA for your enterprise.

MSA is no doubt the way forward. But you need to incorporate its useful features into your existing architecture without losing applications and key SOA principles that are already there. By using the correct middleware capabilities, enterprises can fully leverage the advantages provided by an MSA to enable ease of implementation and speed of time to market.

For more details download Asanka’s whitepaper here.

Everything you need to know about architecture patterns: a quick reference for Solution Architects  

The success of a solutions architect depends on the approach taken from the beginning. The role can be challenging with the need to carefully balance the organization’s business as well as technical requirements. That’s why we had a dedicated track on architecture patterns at WSO2Con Asia 2016 held earlier this year  in Colombo, Sri Lanka, to help SAs understand today’s best practices and how they can deliver value more quickly. If you missed out, here’s a recap of the patterns we discussed with the link to recordings of each talk.

Iterative Architecture: Your Path to On-Time Delivery

Agility is key for enterprises to optimize business functions, introduce new business capabilities, and explore new markets. Thus, enterprise software systems should support both evolutionary as well as revolutionary changes that will impact core business functions.

Screen Shot 2016-04-25 at 12

WSO2’s VP – Solutions Architecture, Asanka Abeysinghe, discussed the advantages of adopting an iterative approach when introducing architectural changes to support business and technical requirements. He demonstrates this with real-world examples of successful implementation of architectures in iterations. 

Breaking Down Silos with Service Oriented Architecture

Service-oriented architecture (SOA) has outrun the notion of systems silos with its use of standard protocols and specifications at integration points, which allows systems to communicate with each other in a much more flexible manner. Nadeesha Gamage, associate lead – solutions engineering at WSO2, explained the drawbacks of having a siloed architecture and how they can be avoided by moving to SOA, thereby enabling greater agility. He discussed how SOA can be broken down further to a finer-grained microservice architecture and, as a result, how an enterprise can benefit using the WSO2 suite of products. 

Event Driven Architecture: Managing Business Dynamics for Adaptive Enterprise

SOA implements a synchronous request-response model to connect remote processes in distributed system; it creates an inherent rigidity and additional dependencies when applied in modelling business processes and workflows. In contrast, event driven architecture (EDA) is based on an asynchronous message-driven communication model to propagate information throughout an enterprise, thus supporting a more natural alignment with an enterprise’s operational model and processes/workflows. In this session, Solutions Architect at WSO2, Dassana Wijesekera, analyzes key business challenges that encourage the use of EDA and discusses a pragmatic approach of designing and implementing an EDA using the WSO2 integration framework.

Moulding Your Enterprise with Resource-Oriented Architecture

An enterprise environment is typically heterogeneous, often spanning across organizational boundaries. Building such systems require tools that promote intrinsic interoperability and provide ease of integrating over boundaries. It also needs to use technology that promotes simplicity and is easy to handle. Resource-oriented architecture (ROA) supports this by focusing on entities and interactions for effective enterprise integration. Shiroshika Kulatilake, solutions architect at WSO2, explained the idea behind having a ROA in your organization, both externally and internally and also talked about how WSO2 technology can help you built your enterprise system in a resource oriented manner. 

Building Web Apps Using Web-Oriented Architecture

Web-oriented architecture (WOA) or SOA + WWW + REST  takes you several steps further by filling the blanks of SOA and helping you build an end-to-end complete web application. In addition to APIs, WOA identifies user interfaces and application states as first-class components of an architecture. Most of what we build today is actually WOA, though the abbreviation might not be that popular.

Screen Shot 2016-04-25 at 2

Lead Solutions Engineer at WSO2, Dakshitha Ratnayake, discussed the changes to WOA over the years, today’s trends, and how you can leverage WOA to build web apps. 

Reinforcing Your Enterprise With Security Architectures

WSO2’s VP – Engineering, Selvaratnam Uthaiyashankar presented an informative session on

leveraging the extensive feature set and extensible nature of the WSO2 platform to provide a robust security architecture for your enterprise. He also explained some of WSO2’s experiences with customers in building a security architecture and thereby extracting commonly used security architecture patterns.

Understanding Microservice Architecture

Today many organizations are leveraging microservice architecture (MSA), which is becoming increasingly popular because of its many potential advantages. MSA itself is divided into two areas – inner and outer architectures –  which require separate attention. Moreover, MSA requires a certain level of developer and devops experience too. Sagara Gunathunge, architect at WSO2, presented an awareness session about MSA and also discussed WSO2’s strategic initiatives in both the platform level and WSO2 MSF4J framework level. 

Deployment Patterns and Capacity Planning

Identifying the right deployment architecture is key when providing smooth operation of a production system. In the next step, it’s crucial to determine the size of the deployment by understanding the number of servers/VMs/containers necessary to support the minimum, average and possible maximum load that the system is expected to handle. Solutions Engineer at WSO, Chathura Kulasinghe, in this talk focused on how you could take a fact based approach to determine the size of your deployment. 

Pattern-Driven Enterprise Architecture: Applying Patterns in Your Architecture

It’s no secret that architectural patterns help you build beautiful enterprise architecture. High-level patterns such as SOA, ROA, EDA, MSA and WOA provide many best practices for enterprise architects who are looking to evolve their existing enterprise architecture or for those creating newer enterprise architecture strategies. Mifan Careem, director – solutions architecture at WSO2, analyzed the good, the bad and the ugly (if any) of the various architectural patterns in his talk. He discussed practical examples of the patterns in practice and also went on to build a solution architecture from scratch using WSO2 components with the help of patterns. 

Still interested in meeting the experts and discussing these topics and more? Sign up now for WSO2Con EU, which will be held in London from June 7 to 9. Be sure to grab the early bird offer before May 8.

 

WSO2Con Insights: Why West Interactive built an app-based cloud platform with WSO2

West Corporation is a spider in a web. Andrew Bird, Senior Vice President at West, speaking at WSO2Con USA 2015, described it as a 2.5-billion dollar giant situated right at the heart of America’s telecommunications. Close to a third of the world’s conference calls run through the West network. To give you some perspective, Google+ and Cisco run calls on West networks – as does the 911 call system.

Screen Shot 2016-04-18 at 10

According to Andrew (who runs product management, development and innovation there) depending on where you are in America, 60% of the time, any call you place would go through the West network.

However, networks aren’t all that West does. West has a division called West Interactive Services which builds IVR systems for customers that need complex customer interaction networks. Here’s what Andrew had to say about how West Interactive used integrated, modular WSO2 middleware to drastically speed the delivery of service and enhance these systems – for both the customers and for themselves.

The challenge: customer interaction

Screen Shot 2016-04-18 at 9
IVR systems involve providing customer interaction platforms, application design services, multi-channel communication systems, and often goes beyond building solutions for Fortune 100 companies. The services involved are often complex –  context identification, notifications, chat, call, data collection, routing, message delivery, provisioning, identity – and the ability to communicate across Web, IVR, mobile and social platforms.

To represent its work, Andrew played a demo where a customer dials into a call center from an iPhone. The automated system on the other end recognized the customer, recognizes that fact that he is on a mobile device and addresses him by name. It then proceeds to interact with the customer via text and speech – all of this without needing an app.

Context is key here: Andrew Bird – and West – believes that customers should not have to repeatedly tell systems who they are. They should not have to waste time identifying themselves, their devices and the context in which they’re calling. Systems should be able to figure out that Mr Smith is calling from such and such a location and that’s probably because of this reason. West’s systems are designed to understand this kind of context, and they’re very good at it.

The solution: a middleware platform for West

But of course, building is not enough: scaling these kinds of systems is the challenge.

At some point, West apparently realized that while they were the best at scale, running “a couple of complex event processing engines, a couple of business rules managing engines, a couple of databases” – was neither sustainable nor particularly supportable. For one customer, for instance, they were managing 43 APIs, all of which were completely different. They needed everything on common standards, able to work with each other instead of in little silos of their own.

West’s solution was to build cloud-enabled middleware platform that sits between West’s proprietary services and the applications running across different channels. West’s managed services are exposed through the platform via APIs.

This is where WSO2 came in. The WSO2 ESB serves as the SOA backbone, providing mediation and transformation between West’s different applications; WSO2 Governance Registry provides run-time SOA governance, and WSO2 Analytics platform monitors SOA metrics.

Screen Shot 2016-04-18 at 9
Other, more specific functionality is provided by the likes of WSO2 Complex Event Processor, Application Server, Data Services Server and Machine Learner. The multi-channel access services  – those that face the world – rely on WSO2 Identity Server and WSO2 API Manager, providing a way to expose APIs to internal or external applications that may integrate with the platform.

Context is everything

For West to rely on WSO2 for the backbone of their middleware platform is, for us, an indicator of the amount of faith they have in our products. West, after all, is a company that supports some of the biggest organizations in the world. They cannot afford to fail.

But perhaps the best statement was Andrew’s recollection of how much their customers trust WSO2. “I was once meeting with a customer, talking about our vision,” he says, “and they were like ‘so what are you using for an ESB?’ I said, “WSO2”. No more questions. Done. They were using the same thing as well. I needed something like that – something where if I go talk to a customer who I’m trying to take care of, I don’t need to spend my time justifying myself.”

If you’re interested in knowing more, check out Andrew’s complete keynote talk at WSO2Con USA here. For more details on the deployment, read our case study on West Interactive here.

 

WSO2 Insights: iJET builds an end-to-end microservice architecture with WSO2 middleware

For the past 10 years, iJET International has delivered intelligence-driven integrated risk management solutions by assessing an organization’s exposure to risk and threat. To empower these multinational organizations, iJET collects intelligence on a global scale, about health, natural disasters, geopolitical and civil unrest, capturing data in a manner that is machine processable to deliver response solutions.

During his session at WSO2Con USA 2015, David Clark, director of IT architecture at iJET labs, the innovation center at iJET International,  explained how the organization moved from a rigid legacy system to a microservice architecture, with an identity management solution powered by WSO2 middleware.

Satiating the demand for sensitive data security

The biggest challenge Clark was faced with when he joined iJET in 2015 was identity management. With many of iJET’s customers already having identity management solutions in place, Clark recalled the increased demand for federated Single Sign-on (SSO) across the board. Customers had a need for more security protocol options, specifically SAML 2.0 and OAuth 2.0. There was also a need to provide them with user self-provisioning through the secure use of third party systems, as well as multifactor authentication, he noted.

An additional challenge was iJET’s legacy architecture. It was not agile, not scalable, and had limited revenue opportunities. What possibly began as a clean three-tier application had over the years snowballed into a mammoth, rigid system that could not pivot with the business anymore. “What this means is we really couldn’t monetize our main asset, which is our intelligence”, Clark said. It was time to move on to a more Service Oriented approach.

Open source, open standards

WSO2 middleware was the best fit for iJET’s Service Oriented Architecture (SOA). “Being open source aligns with iJET’s values”, Clark noted. “We wanted to take ownership of the products and deploy it the way we wanted to, and WSO2 allows us to do that. Being open source, it’s extensible.”

iJET also utilized WSO2’s Quick Start Program (QSP) from the initial stages of the project. DavidClark01 “The QSP ensures that you get off on the right foot,” Clark observed. “Their engineers come in, understand what your business problem is, and ensure that you get the right architecture, and start in the right direction.”

Clark explained the implementation of the WSO2 products to the audience, starting off with federated SSO using WSO2 Identity Server. The product supported configurable authenticators for federation, and just-in-time user provisioning was added, where the incoming claims could be mapped to local schema. This worked in conjunction with the iJET customer user store manager, Clark explained, which was implemented as an OSGI bundle.

Integration of the legacy applications followed. With the iJET applications already configured to use another SSO, Clark explained the use of Apache Mellon to bridge the SAML negotiation and provide a façade between the old and new systems, generating session cookies with the same key value peers the old system was using.

Optimizing iJET’s microservices

The integration of WSO2 API Manager with WSO2 Identity Aerver, Clark continued, was carried out via an OAuth key manager and Java Web token. The core focus then shifted to optimizing iJET’s microservices. WSO2 API Manager is used to prototype, version and publish APIs provided by microservices. But most importantly, Clark observed, API Manager was used to govern the access and provide security to APIs.

A hexagonal architecture was used for the microservices, with business logic at the core.   Inbound controllers and adapters surrounding the core helped expose the REST API that the user applications would access through the API Manager. The outbound repositories helped the service to communicate with the database.

IJet-MS-Arch

Clark also explained that iJET follows a template driven development process to create microservices. Not yet at the point of using Docker containers, Clark stated that each microservice gets deployed on an Amazon EC2 instance.

Six months to successful deployment

“Six months later, we have our federated SSO working”, Clark noted. “We were able to deploy a new application built entirely on REST APIs and these are now available for our customers to consume as well.” The legacy applications too are able to authenticate with third party identity providers, with extremely satisfied iJET customers using their own solutions.

For more information on iJET’s microservice architecture use case, view Clark’s WSO2Con USA 2015 presentation.

WSO2Con Insights: Transforming the Ordnance Survey with WSO2’s Open Source Enterprise Middleware Platform

The British Ordnance Survey officially began in 1791.  Unofficially, it began some years before, when King George II commissioned a military survey of the Scottish Highlands. The work never really stopped. Today, over two hundred years later, Ordnance Survey Ltd is Great Britain’s national mapping agency: a 100% publicly owned, government-run company that’s one of the world’s largest producers of maps. They’re in the Guiness Book for the largest Minecraft map ever made – an 83-billion block behemoth that boggles map-makers around the globe.

Over the centuries, Ordnance Survey produced and sold some of the finest paper maps in the business. However they soon had a problem: people didn’t buy maps anymore. People downloaded maps. People accessed maps on a website. They just weren’t huge fans of the print and CD maps that the Ordnance Survey produced day in and day out.

The fault in our maps

Of course, the OS had to evolve. To solve the problem, they realized they had to move beyond retail and into selling data maps. The OS has a database called MasterMap, which is possibly the largest geospatial database in the world; it contains maps accurate to a single centimeter, updated some 10,000 times a day, underpinning some £100 billion worth of business activity in the UK alone. The OS wanted to make this database accessible. They needed a way to sell this data over the Internet; they wanted delivery mechanisms and a strategy.

The OS had been introducing technology to the map-making process since the 70’s, but this challenge was different. Their maps had to be supremely accessible – web pages, mobile phones, even someone on the highway looking for the next gas station, should all have to be able to access Ordnance Survey data without a fuss. They needed a system that understood context – the user on the smartphone might be using an official OS app for it; the user on the highway might be using something installed by the manufacturer or dealer who sold them the car; all of them would have to be treated and billed accordingly.

To do all this, they needed a robust API management solution that could recognize context, run the request into a system and deliver an output very, very fast.

Which is where WSO2 came in.

The wheels in motion

Initially, the OS worked with WSO2’s competition – Apigee. Apigee had a good APIM system, but they weren’t as good as the WSO2 platform in connecting to everything else. The initial QuickStart program proved WSO2 could do everything they wanted: within just two weeks, the OS had a POC system on their hands using WSO2 Complex Event Processor, WSO2 Identity Server, WSO2 API Manager and WSO2 Business Analytics Monitor, connected to Magento, which the OS was using.

WSO2’s comprehensive platform made everything significantly easier for the Ordnance Survey. Since the products integrated perfectly with each other, they no longer needed to look at many different vendors for everything they needed.

“When evaluating the vendors, we were looking for flexibility, we were looking for a willingness to get involved, to share information – to be on our side, I guess – and we were looking for a rich resource. Not a single product vendor with a range of products that would meet our needs,” said Hillary Corney, of the Ordnance Survey at WSO2Con Eu 2015.

The Ordnance Survey also liked the fact that WSO2 provided open-source without a premium price. Because Magento was also open source, and they had complete access to the code of the WSO2 solution, the OS team could very tightly integrate the two via SAML and SCIM.

“WSO2 is an open source platform, which allowed us to experiment early and learn in-depth without going through a complex procurement process, because in the government we have to go adhere to the EU tender process. And it’s a rich suite of products, which gave us confidence and allowed us to meet whatever circumstance we came up against,” added Corney. “The value add is really the speed of development; the fact that it’s open-source allows us to integrate, to customize it and bend the source code to our requirements in a way that’s not possible with straightforward off-the-shelf software. So I think that’s the biggest value for us – the flexibility.”

Ordnance – and the fact that it’s public sector – brought with it its own set of insights for WSO2 – especially in how public institutions work and the moving parts involved. As the engineers at WSO2 got used to these processes, we developed ways to get the project rolling without inflating the price, and WSO2 delivered exactly as promised. The Ordnance Survey is now working on not one, but two API delivery production environments with WSO2 software.

“The WSO2 team were embedded in our trenches, and the overall impression was that they really knew their stuff. It was one of the fastest proof of concept builds we’ve ever had; at the end of two weeks we were able to demonstrate almost everything – from start to finish.”

For further information on Ordnance Survey’s open source journey see Hillary Corney’s presentation slides at WSO2Con EU 2015.

Guest Blog: Speeding Delivery of Affordable E-Health With WSO2

The good news is that modern technology is helping us to live longer. According to the Ambient Assisted Living Joint Programme, some 25% of the population in the European Union will be over 65 by the year 2020, and the number of people aged 65 to 80 years will rise by 40% between 2010 and 2030.

The challenge before us is to ensure that as people age, we can enable them to live independently and experience the highest quality of life possible—and do so in a way that is affordable for individuals and governments. Addressing that demand has been a key priority here in the Active Independent Living (AIL) group within Barcelona Digital Technology Center (BDigital).

We have built eKauri, a non-invasive e-health and smart home platform that empowers seniors to gain autonomy, participate in modern society, and achieve independence through solutions based on information and communications technologies (ICT). It includes a patient application that provides a range of services activated by the users—for example a home media center and video conferencing—plus sensors that monitor the patient’s activities and environment. A second care center module gives caregivers and managers tools for such activities as monitoring and managing patients and handling patient alarms, among many others.

The cloud-enabled eKauri platform takes advantage of credit-card sized Raspberry Pi computers and Z-Wave wireless home automation devices within patients’ homes. It also relies on four products from the open source WSO2 Carbon enterprise middleware platform: WSO2 API Manager, WSO2 Identity Server, WSO2 Enterprise Service Bus and WSO2 Application Server. Together, these products enable eKauri to tie together data, applications and services across a range of applications, computers and Internet of Things (IoT) devices.

Notably, all WSO2 products extend from its Carbon base, so it created a seamless environment that allowed for our programmers to rapidly gain an understanding of the technology as well as accelerate our integration and product development.

Because our charter is to develop technology that commercial partners can then deliver as solutions to the market, we wanted to provide a minimally viable version that our commercial partners could start using by January 2015. By speeding our development with WSO2, we were able to complete the first minimally viable version of eKauri in October 2014, three months ahead of schedule, and we already have a built-in market and clients that want to pay for the product.

With a rapidly aging population worldwide, we need to move quickly to bring new solutions to market that enhance the health and quality of life for senior citizens. WSO2 has played an important role in helping us meet that demand with eKauri.

WSO2 recently published a case study about our use of its products with eKauri. You can read it here.

WSO2Con Insights – AlmavivA Adopts Lean Approach to Public Administration with WSO2

The Italian Ministry of Economy was looking for a complete transformation in data management by redefining and organizing its own data, so that information of millions of employees of the Italian Public Administration would be unique and certified.

The proposed system spelt the integration of two main IT systems in the Ministry; one that handles personal data, and a second that handles economic data, so that the system would have one single point of management, and serve applications regarding salaries and personal data as a self-service for the Italian public sector employees.

The Ministry approached AlmavivA Group, Italy’s number one Information and Communication Technology provider, for a solution. Guiseppe Bertone, Solution Architect at AlmavivA S.p.A. said during his session at WSO2Con 2014 EU, in Barcelona, Spain that AlmavivA designed and proposed an ad hoc master data management (MDM) solution for the Ministry, based on WSO2 products to manage the data of 2.6 million employees.

Picking the Best Product Solution

He said that there was a set criteria that AlmavivA and their client listed out prior to choosing the right products and platform for the project. Some of the critical features were interoperability with existing IT components, high modularity, optimized for performance, and most importantly, open source. Comparing pre-built product solutions available in the market, Bertone and his team made a decision to use WSO2 products for the entire solution.

“WSO2 products fit the requirement. You can enable only the components that you need, and leave the rest of it out, unlike in pre-built solutions,” he said.

He added that there were many redundant repositories within the Ministry IT systems; datasets needed to be optimized and integrated with external systems, and a migration workflow for the existing data had to be defined.

The reference architecture for the MDM solution included interface, events, security, and data quality components, as well as the repository layer, which consists of four databases; master data, metadata, historical data and reference data.

The AlmavivA project ‘Anagrafca Unica’, roughly translating to ‘Unique Repository’, was initiated in March 2012.

The WSO2 Advantage

The mapped reference architecture was a total solution platform based on a set of WSO2 products;

WSO2 Enterprise Service Bus (ESB) for interface services, the WSO2 Data Services Server (DSS) to access the repository layer and manage all life cycle services, WSO2 Identity Server (IS) as the security and identity component, WSO2 Message Broker (MB) for communication between applications, WSO2 Governance Registry (G-REG) to store configurations of all components, and the WSO2 Business Activity Monitor (BAM) to monitor services across the entire MDM solution. OracleDB is used as the repository layer.

With BAM being easily integrated to other WSO2 products, AlmavivA simply had to install only a specific BAM load inside each component, so that the statistics and real-time performance could be monitored. An additional console was added as an UI for the system’s custom procedures.

Another advantage of using WSO2 products was brought to light during the development stage; “Many aspects of WSO2 products can be simply configured from the web UI, or the developer studio for all WSO2 components. It’s really useful and easy to use,” explained Bertone.

In a covalent situation such as this, WSO2 deploys Carbon Apps. By creating a carbon app, a single file consisting of all components is created, so that once the file is deployed, the server knows which components to take, according to Bertone. “This is useful because once you have a system like this you can integrate it with an application cycle management solution already present in the customer environment, like we did,” he says. “We have now created a console where with a single click, the customer can pass from staging to production.”

AlmavivA is looking to expand Anagrafica Unica across the country to include all employees of the Italian Public Administration sector in the system, bringing the total user count to 3.5 million. Bertone and his team are also looking to serve data to external systems, such as the Ministry of Health, with more government institutions being added along the way.

For more information on AlmavivA’s development of the Master Data Management System, view the recording of Bertone’s WSO2Con EU presentation.

WSO2Con Insights – West Interactive Solves Multichannel Communications Challenge With Cloud Solution Powered by WSO2 Carbon Middleware

As the leading provider of technology-driven communication services, West Interactive has developed and managed large-scale, mission-critical transactions for clients’ communications needs for more than 25 years. However, Pranav Patel, West Interactive vice president of systems development, explained in a presentation at WSO2Con US 2013, past solutions deployed by the company weren’t flexible enough to support today’s dynamic business needs.

For West Interactive, the solution was to create West Connect, a cloud solution powered by WSO2 Carbon middleware that enables organizations to provide an improved, personalized experience for their customers.

The Multichannel Challenge

The primary business of West Interactive is to provide contact center solutions, which include cloud-based interactive voice recognition (IVR) and speech automation, mobile applications for customer care, and a hosted contact center—all based on carrier grade, scalable and reliable platform. The company now handles some 4 billion minutes of customer engagement annually.

“Today’s challenge is that there are multiple channels available,” Patel observed. “It’s no longer just a phone call or an IVR that people use to get in touch with your enterprise or customer care.  You have mobile apps, text messages, social media, email, the Web—and enterprises have to manage those and provide customer care solutions across all these channels.”

Patel then explained that, because today’s consumers demand anytime and anywhere access to data and services, across more channels of communication than ever before, it is not enough to simply provide the channels.

“These channels have to be wholly integrated,” Patel said. “The systems that provide these should be very intelligent—that’s the business challenge at hand.”

In seeking to address these business demands, West Interactive realized that the solution would rely, not on extending its existing legacy systems, but by taking advantage of a service-oriented architecture (SOA) based on modern middleware technologies.

West Connect for Modern Communications Demands

The resulting solution was West Connect, a cloud-enabled middleware platform based on a SOA, which is equipped with a set of technologies and core services that are open and flexible. It sits between the top layer of the architecture where there are applications across different channels, and the West Manage API services below, which is where the company can expose services or APIs for customers to use.

Describing West Connect, Patel noted, “The vision here is to build several services on top, as it provides for multichannel communication, multi-tenancy and services like identity management, context awareness, analytics, notifications, rules engine, and more.”

West Connect is based on several products within the cloud-enabled, fully multi-tenant and 100% open source WSO2 Carbon enterprise middleware platform. These include WSO2 Application Server, WSO2 Data Services Server, WSO2 Enterprise Service Bus (ESB), WSO2 API Manager, WSO2 Identity Server, WSO2 Governance Registry, and WSO2 Business Activity Monitor (BAM)

In describing the roles of the products, Patel explained that, “The API will need WSO2 API Manager and Identity Server for exposing the APIs out. West Connect is essentially WSO2 ESB, Governance, and BAM. A lot of the services reside on the Application Server, and when you talk to databases you use the WSO2 Data Services Server.”

The WSO2 Advantage

Patel recounted the factors behind West Interactive’s decision to work with WSO2; “We wanted something we could do a POC with, that would start out quickly and wanted a low cost of entry. The flexible, pluggable architecture made it even much better; we can choose and pick only the products we want. And a low infrastructure footprint—we can run several of these products on a VM.”

WSO2 API Manager was also a major selling point for Patel. “API Manager really gives our business the ability to go outside, not just internally, cataloging the APIs and providing the APIs with documentation as part of the API store.”

Looking ahead, West Interactive is evaluating how other WSO2 products can contribute to expanded capabilities within West Connect.

According to Patel, “We still continue to evaluate all the WSO2 products out there and we can easily see some fitting right here, business rules, complex event processing, and also how to use things like App Factory. The work continues.”

For more information about how West Interactive uses WSO2 products to power West Connect, view Patel’s WSO2Con 2013 presentation.

WSO2Con Insights – How APIs are Driving StubHub’s Business

Transforming a business to an API-centric architecture is a major undertaking, but it’s one that yields many benefits, most notably the ability to grow the business by extending processes to partners. In his keynote presentation at WSO2Con US 2013, Sastry Malladi, chief architect for StubHub, explained how the company has implemented an API-centric architecture to capitalize on this opportunity.

According to Malladi, adopting an API-centric architecture was driven by two factors. First, the company wants to expand from an online marketplace for tickets to become an end-to-destination for fans, including sharing their event experiences and getting information about things to do in event locales. Second, StubHub, which currently has a presence in three countries, plans to expand worldwide.

He observed that to achieve this goal, StubHub needed to build a developer community and enable partners to bring their content and services to the StubHub audience.

For example, Malladi noted, “If you’re at a hotel, and say you want to do something this evening to a concierge—how do we integrate those? You need to go to places where people are instead of expecting them to come to your site.”

Reusable Components Are Key to API Architecture

Before StubHub could extend APIs to partners, Malladi told attendees, the company first had to break down StubHub’s monolithic, hardwired application into shared, usable components, or services. This was necessary, he explained, because an API is an externally exposed “service,” which includes a developer program and typically has a “functional” contact as well as a “non-functional” contract, such as a service-level agreement (SLA). Moreover, the API potentially maybe orchestrated across multiple services, he said.

As part of this effort, Malladi explained, StubHub has established a domain meta model in which each domain is separate and independent and has one or more functions; each of these functions can have one or more APIs, but there is a one-to-one relationship between an API and an endpoint. Additionally, he said, the StubHub team does dependency modeling, so when someone is developing a function or API, the dependency is understood. Finally, he explained that domains are done in such a way that the entities belonging to a domain are owned by that domain, and the only way to access those entities is by going through the domain.

“Bottom line,” Malladi noted, “These APIs are giving us the business agility that we need and the operational excellence.”

API Architecture Opportunities Vs. Challenges

Malladi observed that an API-centric architecture offers several benefits for StubHub in addition to business agility:

  • Sellers have the flexibility to build their own customized solutions, and systems scale well to inventory and traffic.
  • Buyer experiences are enhanced, since it allows the developer community to extend the StubHub fan experience.
  • API brands serve to drive revenue and increase visibility.
  • Developers are encouraged to explore the APIs and see what they can accomplish with them.

However, becoming an API-centric organization presents challenges as well.

Malladi noted that while a new business could start from scratch, an established company, such as StubHub needed to balance the re-architecture with meeting other commitments to the business and customers.

A second challenge according to Malladi is that consumption patterns are not fully “baked” at the time of building an API; you won’t know fully who is going to consume them and what their patterns will be. Similarly, chargeback models and SLAs will not be clearly baked at first.

That is why it is important to build the API in such a way that it is flexible and can adapt to changes, he said. Moreover, exposing APIs to a lot of partners is not free, so architects and developers need to incorporate capacity planning and accountability into their models, he added.

At the same time, fraudsters are looking to make money off of Internet business sites. For this reason, companies need to be able to detect and prevent them from leveraging the API, and impersonating and collecting confidential data, Malladi advised.

The Role of WSO2 API Manager

For its own API architecture, StubHub is using the Store and Publisher in WSO2 API Manager, API Gateway based on WSO2 Enterprise Service Bus, and WSO2 Identity Server, Malladi said. The Publisher is where internal team members publish their APIs and manage the lifecycle of the APIs, he explained.

The Store is where an API is exposed both to the external and internal consumers, so they can create their applications. Malladi noted that the Store works the same way both internally and externally on both the website and mobile apps. He also invited attendees to visit StubHub’s implementation of the Store, the Developer Portal, at https://developer.StubHub.com.

WSO2 Identity Server manages user authentication, key management, JSON Web Token (JWT) assertion, Malladi said. Meanwhile, the WSO2 ESB-based API Gateway routes all incoming requests and works with WSO2 Identity Server to authenticate them.

Malladi noted that the combination of WSO2 API Manager and WSO2 ESB has enabled StubHub to address the need to manage APIs across Web and mobile domains. This is an important feature, since mobile is where StubHub sees the biggest growth, he explained.

Big Data Insights into APIs

To support StubHub and its expanded business model, the company is creating a big data platform to answer key questions, Malladi said. For example: How does the API manage social data and business analytics? How do StubHub APIs use these data sources, process the data, and bring it back in real time?

“It’s not just about creating an API but how it works on the backend,” Malladi observed. ““It’s so important to understand who your customer is and what they are doing.”

As Malladi then closed his session, he noted that building an API-centric architecture is a key driver for business growth, but as with any initiative there are challenges as well.

“The good news is you aren’t alone,” Malladi said. “And there are solutions.”

For more information about StubHub’s process for creating APIs, you can view Malladi’s WSO2Con US 2013 keynote address.