Developers using the API Platform Cloud Service often make use of the built-in policies that comes with the platform; to implement any logic that needs to be executed before delivering the actual message to the backend service. One common policy used is the Groovy policy, which allows API developers to write Groovy scripts that can be executed either within the request or the response pipeline. These scripts can be used to inspect and even modify the message content (payload, queries, headers) therefore a very powerful tool to have at their disposal.
Because Groovy is a programming language, there are no boundaries of what can be implemented other than what is supported by its specification. Moreover; Groovy will accept any code that is valid in Java, bringing even more powerfulness to your APIs. However, this power comes with a high price to be paid.
The biggest challenge with the Groovy policy is that you have no way to verify if the code written is correct until it is deployed into the gateways. During deployment; the Groovy script will be transformed into a Java class that uses the code written as part of its implementation. If something in the script is wrong, there will be compilation errors that will cause the deployment of the API to fail, as shown in Figure 1.
This whole situation can be quite frustrating if complex Groovy code is being used or if one API accesses multiple instances of the Groovy policy, each one carrying different scripts. Hours can be spent trying to troubleshoot the root-cause of the deployment issue, which is a situation that the Oracle A-Team has been experiencing quite often with different customers. Thus, this blog will discuss the most important details about the Groovy policy, its common pitfalls and which situations must be avoided to ensure a smooth API deployment.
Given the simplicity of the Groovy policy UI, you may be thinking that its internal implementation is also quite simplistic. After all, how complex should be getting a script that contains Groovy code and executing it in a JVM right? the truth is that it is way more complex than what may appear, and properly understanding what happens under-the-hood may give you a better perspective about what to expect from this policy. Read the complete article here.
For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.