VP Innovation at Axway, Co-founder at Vordel

Mark O'Neill

Subscribe to Mark O'Neill: eMailAlertsEmail Alerts
Get Mark O'Neill via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Mark O'Neill

The slides from the recent webinar with Axway and Smartbear, on the topic of API Security, are now online. It's noteworthy that while 56% of the attendees said that API Security was "very important", only 12% reported that they are doing extensive security testing of their APIs. ... (more)

API Workshops for OAuth, Mobile, REST By @Axway | @ThingsExpo [#IoT]

All Around the World - API Workshops for OAuth, Mobile, REST Here at Axway, we regularly run API Workshops worldwide which bring together API practitioners in discussion, debate, and exposure to technologies such as OAuth 2.0, API developer portal design, and identity. And when we say "worldwide", we mean worldwide. To illustrate this, my colleague Philipp Schöne has created an interactive map on CartoDB of the API Workshops over the past year, with photos of each. All that's missing is a backing track of Daft Punk's "Around the World" :) Each API Workshop has been eventful in its ow... (more)

Linking B2B with APIs | @ThingsExpo @Axway #IoT #API #InternetOfThings

Linking B2B with APIs Bill Doerrfeld at Nordic APIs has written today about how APIs are evolving the B2B landscape. This is a particularly interesting article for me, because my personal background is working for an EDI provider, where I linked EDI processes from the private network to the Internet, over 15 years ago. Vordel was founded to allow new Web Services APIs to be used for B2B. Axway, a B2B software company, acquired Vordel in 2012 to link B2B with Web APIs. This caused a domino effect, with other API Management vendors being acquired shortly afterwards. However, none of ... (more)

How To Remove WS-Security Tokens From a SOAP Message

After you've validated a UsernameToken, or checked an XML Signature, it is often good practice to then strip out the WS-Security blocks containing items like tokens and signatures, before sending them downstream to a Web Service. In some cases, you are stripping these out because you don't want the password to remain in the message. In other cases, you may know that the downstream Web Service will choke on the WS-Security block. It also makes the message smaller. The Vordel XML Gateway ships with a built-in stylesheet for stripping WS-Security blocks from SOAP messages. You can s... (more)

Signing OAuth on the Vordel XML Gateway with Java Using Signpost

XML Magazine on Ulitzer Today I was using Matthias Käppler's "Signpost" Java OAuth API. As the Signpost readme says: "Signpost is the easy and intuitive solution for signing HTTP messages on the Java platform in conformance with the OAuth Core 1.0a standard." http://github.com/kaeppler/signpost#readme As an exercise, I ran Signpost on the Vordel XML Gateway to see it insert the OAuth Authorization header into outbound messages. Getting Signpost up and running on the Vordel XML Gateway is simple. Firstly, download the jar files for Signpost and put them into the "/ext/lib" director... (more)