wso2 app manager - product overview
TRANSCRIPT
WSO2 App Manager 1.2.0 Overview
Agenda
o Background
o The Solution
o Features
Background
Stakes @ Corporate Workspaces
4
Organizations maintain complex app portfolios to serve distinctive job functions accessible via heterogeneous devices (PCs, Laptops, Mobile Phones)
Enterprise IT with the rapid progression of apps & devices needs a unified framework to establish policies for secure delivery of the corporate product portfolio to end users with the ability analyze trends
End Users need a central location to easily access apps irrespective of app type (Web, Mobile), device & job-profile
A Solution with a Vision …
Multi-platform App-Store geared with
Enterprise-wide App Security and
comprehensive Monitoring capabilities
5
Multi-platform App-Store geared with
Enterprise-wide App Security and
comprehensive Monitoring capabilities
Inspired by Boeing and others
o A platform for airlines to access Boeing data and processes
o Part of a wider ecosystem
o To manage & share apps created by Boeing & partners, with native access control & usage reports
The Solution
Overview
8
100% Open Source, under
Apache 2 License
Policy-based Authorization
Insights into App Subscriptions &
Behaviors
Single-Sign-On (SSO) across Web
Apps Unified App Store
Central App Management
(web & mobile)
Access Control based on
Organizational User Roles
Leverages on proven components of WSO2: - Analytics Platform - App Usage Statistics - Security offering - Authentication,
Authorization, Federated Identity and SSO - Enterprise Store - App Provisioning and
Management
Within the WSO2 Platform
9
WSO2 App Manager Components
10
Pros for Enterprise IT
o Provisioning & management of Web & mobile apps
o Manage app visibility and control access to data
o Reduce support centre costs
o Provide visibility into app usage
o Regulatory compliance for segregation of duties
o Monitoring of true app usage for ROI
11
Pros for End Users
o Unified store with easy access to any type of apps increases productivity
o With SSO need not manage multiple User IDs/Passwords across multiple apps
o UX similar to known consumer app stores
12
Features
Centralized App Publishing
o Supports enterprise-owned & third-party apps o Enterprise Subscription o Documentation Support
14
App Lifecycle Management
o Create new Apps from existing versions
o Deploy multiple versions in parallel
o Deprecate versions to remove them from Store
o Retire them to un-deploy from Gateway/Store
o Keeps audit of lifecycle changes
Unified App Store
o Supports Web & mobile apps (e.g. Android, iOS)
16
Unified App Store cont.
o Supports self sign up
o Responsive with device-level app isolation
o Customizable user experience - Prevents users from downloading irrelevant apps
o Social engagement with the ability to rate and tag apps
17
Single-Sign-On
o SAML2 based authentication with Single-Sign-On o End users need not memorize multiple passwords
18
Manage App Visibility
o Manage access to apps based on job-role
o Apps can be declared o Public – Visible to all without having to log into App Store o Limited Access - Visible only to associated role
o Self subscription and enterprise subscription
o Driven by policy at publishing time
o Configurable to plug any user repository (e.g. MS Active Directory, LDAP, Database)
19
Policy Driven Access Control
o Many apps today rely on APIs
o WSO2 App Manager can act as a central OAuth server for all APIs o Manages OAuth key/secret on behalf of apps across various
providers
o Manages token (validation/expiration) on behalf of app
20
Central OAuth Server
o App perceives a single OAuth provider – Keeps only the WSO2 App Manager OAuth key/secret
21
User Authorization with JWT Tokens
o Using JSON Web Tokens (JWT) o Lightweight o Can be signed o Easy to parse and consume o Standard
o JWT Structure {token info}.{claims list}.{signature}
o Base-64 or Base64 URL Encoded
o Contents of JWT are configurable
Statistics
o By default supports a holistic view subscriptions and app usage
23
Statistics cont.
o Custom analytics can be easily accommodated
o Leverages on WSO2 Analytics Platform for batch & real-time processing
o Pluggable to third-party analytics engines (e.g. Google Analytics)
24
Workflow Management
o Provides extension point to engage custom workflows o Default sample implementation leverages WSO2 Business
Process Server, but a simple Java-based implementation or another BPM engine can also be used
o Supports redirecting to third-party entities
o Available for user self-sign up, app creation, app publishing and app subscription
Multitenancy
o Enables adhering to the organization’s existing departmental structure by creating multiple tenants
o Apps can be configured to be shared o Only within the same tenant o With a selected set of tenants o With all tenants
o Facilitates o Cost reduction via shared infrastructure and economies of
scale o Ease of deployment and release management o Scalability
26
Throttling
o Avoids unnecessary bandwidth congestion
o Safeguards against security risks (e.g. DoS attacks)
o Supports resource-level throttling based on URL-patterns
27
Product REST APIs
o Supports all product functionality o Helps to integrate with third-party applications
o Enables custom UI designs
o Publisher API - https://docs.wso2.com/display/APPM120/Publisher+APIs
o Store API - https://docs.wso2.com/display/APPM120/Store+APIs
Scalable Deployment
29
WSO2 Platform Deployment Options
o Stand-alone servers o Private clouds:
e.g. Stratos, Kubernetes o Public Clouds:
e.g. AWS o Hybrid deployments
o Dedicated hosting of any WSO2-based solutions
o WSO2 operations team is managing the deployment and keeps it running
o 99.99% uptime SLA o Any AWS region of choice o Can be VPNed to local network o Includes monitoring, backups,
patching, updates
o Shared public cloud, o Currently available for application
and API hosting (hosted API Manager and App Factory),
o Preset multitenant deployment in AWS US East run by WSO2,
o Month-to-month credit card payment
CONTACT US !