Cloud Services Gateway ( CSG)

Cloud Services Gateway or CSG for short provides a very useful feature in a cloud deployment. This component let you to expose a private service to public in a securely manner!

I am in the process of re-writing the component according to its new architecture based on the following JMS model.

Refer the diagram.

A service (S) which is behind a firewall need to expose to public. Once a user say publish service S, CSG-agent will deploy that service in JMS transport. This will create a queue Q1 on Message broker (MB, which runs out side the firewall). And also a JMS proxy(P) will be deployed in ESB. This proxy will have a JMS endpoint for Q1. The ESB and MB will be out side the firewall. The JMS connections will be secured JMS connections. MB can live as a standalone component or within ESB ( so that they'll communicate using an in-VM link). An external client will see the JMS proxy(P) and will communicate with that. That proxy in turns will communicate with the actual service S.

If the service is two-way MEP, a reply queue also created(Q2) when use say publish S. The reply queue information will be passed to the JMS proxy P so that it'll be a two way JMS proxy( will send the message to JMS destination (Q1) will read the reply from another JMS destination(Q2)). An external client will interact with the proxy P. A dashed line show the reply path in the diagram.

The secured JMS connections will use the same Carbon credentials so that we can mange secured JMS connections using the Carbon credentials.

The benefit that a user will get through this is the user only have to add the CSG server configuration at CSG agent. Qpid broker component uses the same authentication model as Carbon so a user do not need to configure separate credentials for a user.

I got the proposed JMS model to work and I am in the process of integrating CSG with the Qpid component as the JMS provider. Note that we have a Qpid component which can start with in the Carbon itself. I am planning to finish this work soon.