all Technical posts

Sentinet 4.5 has been released

The Nevatech team have just released a new version of their SOA and API Management solution, Sentinet 4.5. This release comes up with improvements, some enhancements and the most awaited OAauth 2.0 support. You can find all the details in the release notes, but here I want to have a look to the main new features in this summer release.

Notes before the Upgrade

Sentinet 4.5 is compiled with .NET 4.5.1 which is now the minimum requirement starting from this version. Sentinet 4.5 will be backwards compatible with the previous version except for .NET 4.5 driven minor incompatibilities with WIF framework (which is now part of .NET starting from .NET 4.5).

The incompatibilities will effect only any custom extensibility components developed for Sentinet that use WIF. Specifically, if you developed custom Access Rules you will have to recompile your components’ code because the interface signature changed (even though functionally everything will be the same).
For custom Access Rule the IMessageEvaluator interface changed in part of its Evaluate method signature.

//previous versions:
bool Evaluate(IClaimsPrincipal principal, ref System.ServiceModel.Channels.Message message);
//from version 4.5 onwards
bool Evaluate(ClaimsPrincipal principal, ref System.ServiceModel.Channels.Message message);

All other customizations (e.g. WCFextensibility, Handlers, Routing, Management API) are fully compatible, no adaptations are required.

OAuth 2.0

The version 4.5 introduce the OAuth support only for the passive authorization mode which means without any user agent interaction to get the authorization code/token.

The Sentinet OAuth can be setup at two sides:

  • Inbound (service side): used on the service side to validate access token provided in the request message. Two types of validation are supported, JWT (validated by checking X509 certificates, RSA and HMAC signatures) or Reference (validated by calling the token validation endpoint).
  • Outbound (client side): used on the consumers side to retrieve access token from OAuth 2.0 server and insert it into the request message to access to the backend service with the delegated authorization. Two authentication flows are supported, ResourceOwner (passing end user and client credentials) and ClientCredentials (passing only the client credentials).

OAuth

Depending on whether you need to validate the token coming from the consumer application or acquire a new token, the OAuth integration is done by configuring the new built-in WebOAuthSecurity binding (full blogpost will follow).

Process Pipeline enhancements

Sentinet 4.5 adds a set of new built-in message processing components to significantly enhance the product capability to implement runtime messages processing and messages transformations. HTTP Header, HTTP Status, Query Parameter, SOAP Header, Message Body and Context Parameter components have been added to easily access and modify all the message parts.

The most interesting one is the Context Parameter component and the way we can combine it with the other components to enables different use cases. With the context property component we can:
• Access any information contained in the message headers, content, URI and message metadata.
• Extract the value using regular expressions, templates or xpath.
• Use the context property value from other components in the processing pipeline.

_Ctx Property Creation

For example we can use a context property component to read a value from the incoming message content and assign it to a property that can be used by a decision shape in the pipeline.
The context property values are accessible from the other components using the”<{ ContextPropertyName}>” token. In the example below the ContextProperty2 is used to control the response message flow (as a part of the “if” clause) and the ContextProperty1 to set the content of the response message.

_Context Property Scenario2

Node Activity Logs

Select a node and click on the Activity Logs tab to access to the new view. This view helps the Sentinet users to understand what’s going on with the Sentinet node and enables a quick troubleshooting without connecting to the machine where the node is hosted.

If it happens that one of the service hosted in the node cannot be activated because of connection problems or firewall restrictions, a warning node status is reported in the summary tab.
The Activity logs view enables us to identify the root cause, which service version is affected by the error and to understand whether it is a general problem or a problem limited to a specific node instance.

_Activity Log SB

Conclusion

No configuration data will be lost during upgrade to the Sentinet 4.5. All the Sentinet physical and virtual services and other associated objects will be available immediately after the upgrade.

Enjoy this new release, cheers.
Massimo

 

Subscribe to our RSS feed

Hi there,
how can we help?

Got a project in mind?

Connect with us

Let's talk

Let's talk

Thanks, we'll be in touch soon!

Call us

Thanks, we've sent the link to your inbox

Invalid email address

Submit

Your download should start shortly!

Stay in Touch - Subscribe to Our Newsletter

Keep up to date with industry trends, events and the latest customer stories

Invalid email address

Submit

Great you’re on the list!