Skip to content

NickNiu/service-proxy

BranchesTags

Repository files navigation

Membrane Service Proxy

GitHub release Hex.pm

Reverse HTTP proxy framework written in Java, that can be used

  • as an API Gateway
  • for HTTP based integration
  • as a security proxy
  • as a WebSockets and STOMP router

To get started, follow the REST and SOAP tutorials or have a look at the examples or the FAQ.

Get Started

Download the binary.

Unpack.

Start service-proxy.sh or service-proxy.bat.

Have a look at the main configuration file conf/proxies.xml. Changes to this file are instantly deployed.

Run the samples in the examples directory or go to the website for more documentation.

Samples

REST

Hosting virtual REST services is easy:

<serviceProxy port="80">
    <path>/restnames/</path>
    <target host="www.thomas-bayer.com" />
</serviceProxy>

SOAP

SOAP proxies configure themselves by analysing WSDL:

<soapProxy wsdl="http://thomas-bayer.com/axis2/services/BLZService?wsdl">
</soapProxy>

Add features like logging or XML Schema validation against a WSDL document:

<soapProxy wsdl="http://thomas-bayer.com/axis2/services/BLZService?wsdl">
	<validator />
	<log />
</soapProxy>

Monitoring and manipulation

Dynamically manipulate and monitor messages with Groovy and JavaScript (Nashorn):

<serviceProxy port="2000">
  	<groovy>
    	exc.request.header.add("X-Groovy", "Hello from Groovy")
    	CONTINUE
  	</groovy>
	<target host="membrane-soa.org" port="80" />
</serviceProxy>
<serviceProxy port="2000">
  	<javascript>
    	exc.getRequest().getHeader().add("X-Javascript", "Hello from JavaScript");
   		CONTINUE;
  	</javascript>
	<target host="membrane-soa.org" port="80" />
</serviceProxy>

Route and intercept WebSocket traffic:

<serviceProxy port="2000">
        <webSocket url="http://my.websocket.server:1234">
            <wsLog/>
        </webSocket>
    <target port="8080" host="localhost"/>
</serviceProxy>

(Find an example on membrane-soa.org)

Limit the number of requests in a given time frame:

<serviceProxy port="2000">
    <rateLimiter requestLimit="3" requestLimitDuration="PT30S"/>
    <target host="www.google.de" port="80" />
</serviceProxy>

Rewrite URLs:

<serviceProxy port="2000">
    <rewriter>
    	<map from="^/goodlookingpath/(.*)" to="/backendpath/$1" />
    </rewriter>
    <target host="my.backend.server" port="80" />
</serviceProxy>

Monitor HTTP traffic:

<serviceProxy port="2000">
    <log/>
    <target host="membrane-soa.org" port="80" />
</serviceProxy>

Security

Use the widely adopted OAuth2/OpenID Framework to secure endpoints:

<serviceProxy name="Resource Service" port="2001">
    <oauth2Resource>
        <membrane src="https://accounts.google.com" clientId="INSERT_CLIENT_ID" clientSecret="INSERT_CLIENT_SECRET" scope="email profile" subject="sub"/>
    </oauth2Resource>    
    <groovy>
        def oauth2 = exc.properties.oauth2
        exc.request.header.setValue('X-EMAIL',oauth2.userinfo.email)
        CONTINUE
    </groovy>
    <target host="thomas-bayer.com" port="80"/>
</serviceProxy>

(Find an example on membrane-soa.org)

Operate your own OAuth2/OpenID AuthorizationServer/Identity Provider:

<serviceProxy name="Authorization Server" port="2000">
    <oauth2authserver location="logindialog" issuer="http://localhost:2000" consentFile="consentFile.json">
        <staticUserDataProvider>
        	<user username="john" password="password" email="[email protected]" />
        </staticUserDataProvider>
        	<staticClientList>
        <client clientId="abc" clientSecret="def" callbackUrl="http://localhost:2001/oauth2callback" />
        </staticClientList>
    	<bearerToken/>
        <claims value="aud email iss sub username">
        	<scope id="username" claims="username"/>
        	<scope id="profile" claims="username email password"/>
        </claims>
    </oauth2authserver>
</serviceProxy>

(Find an example on membrane-soa.org)

Secure an endpoint with basic authentication:

<serviceProxy port="2000">
    <basicAuthentication>
        <user name="bob" password="secret" />
    </basicAuthentication>
    <target host="www.thomas-bayer.com" port="80" />
</serviceProxy>

Route to SSL/TLS secured endpoints:

<serviceProxy port="8080">
	<target host="www.predic8.de" port="443">
		<ssl/>
	</target>
</serviceProxy>

Secure endpoints with SSL/TLS:

<serviceProxy port="443">
	<ssl>
		<keystore location="membrane.jks" password="secret" keyPassword="secret" />
		<truststore location="membrane.jks" password="secret" />
	</ssl>
	<target host="www.predic8.de" />
</serviceProxy>

Limit the number of incoming requests:

<serviceProxy port="2000">
    <rateLimiter requestLimit="3" requestLimitDuration="PT30S"/>
    <target host="www.predic8.de" port="80" />
</serviceProxy>

Clustering

Distribute your workload to multiple nodes:

<serviceProxy name="Balancer" port="8080">
    <balancer name="balancer">
        <clusters>
            <cluster name="Default">
                <node host="my.backend.service-1" port="4000"/>
                <node host="my.backend.service-2" port="4000"/>
                <node host="my.backend.service-3" port="4000"/>
            </cluster>
        </clusters>
    </balancer>
</serviceProxy>

About

API gateway for REST and SOAP written in Java.

www.membrane-soa.org/service-proxy/

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

44 tags

Packages

No packages published

Languages

  • Java 91.2%
  • JavaScript 2.6%
  • Shell 1.5%
  • XSLT 1.5%
  • Batchfile 1.3%
  • CSS 1.3%
  • Other 0.6%