Some embodiments of the invention provide a system for defining, distributing and enforcing policies for authorizing API (Application Programming Interface) calls to applications executing on one or more sets of associated machines (e.g., virtual machines, containers, computers, etc.) in one or more datacenters. This system has a set of one or more servers that acts as a logically centralized resource for defining and storing policies and parameters for evaluating these policies. The server set in some embodiments also enforces these API-authorizing policies. Conjunctively, or alternatively, the server set in some embodiments distributes the defined policies and parameters to policy-enforcing local agents that execute near the applications that process the API calls. From an associated application, a local agent receives API-authorization requests to determine whether API calls received by the application are authorized. In response to such a request, the local agent uses one or more parameters associated with the API call to identify a policy stored in its local policy storage to evaluate whether the API call should be authorized. To evaluate this policy, the agent might also retrieve one or more parameters from the local policy storage.

A method and apparatus for an extensible, format-independent middleware message interpreter is disclosed in which a host machine is configured with a universal message service (UMS). The UMS communicates with local and cloud servers and destination devices. The UMS is configured with a plug-in service that can accommodate plug-in libraries of plug-in modules. The UMS receives formatted messages from the local and cloud server applications and destination devices, parses the messages, and identifies a command message type. Based on the command message type, the UMS performs actions including executing the local command on the host machine, relaying the embedded-sub-message data to the at least one destination device as indicated by the destination identification, and relaying the embedded-sub-message data to the plug-in service.

A user interface method is provided by an SDK embedded in a third party resource running on a portable device including a camera and a display. The method includes receiving an API call to display an image processing user interface and in response, displaying a first user interface comprising a list of selectable graphical items corresponding to a group of available image modification features. If user selection of a desired graphical item from the list of selectable graphical items is received, image modification features corresponding to the desired graphical item are applied to an image received from the camera, generating a modified image. A second user interface including the modified image is then displayed on the display.

A message broker customization system and method with user administered policy functions. The system uses user defined and controlled policy functions to programmatically customize the behaviors of a message broker's processing of messages and further allowing for that customization to take place on a per channel basis. This provides for greater functionality and flexibility to the users of a message system, especially when the users of the message system do not have administrative control over the message broker.

A user interface method is provided by an SDK embedded in a third party resource running on a portable device including a camera and a display. The method includes receiving an API call to display an image processing user interface and in response, displaying a first user interface comprising a list of selectable graphical items corresponding to a group of available image modification features. If user selection of a desired graphical item from the list of selectable graphical items is received, image modification features corresponding to the desired graphical item are applied to an image received from the camera, generating a modified image. A second user interface including the modified image is then displayed on the display.

A method includes creating a publisher configured to send messages over a channel having a shared memory. The method includes creating at least one subscriber configured to receive the messages over the channel by sequentially referencing memory slots of the plurality of memory slots. The method includes determining that the next sequential memory slot is currently referenced by a subscriber. The method includes delaying sending the message by the publisher based on determining that the next sequential memory slot is currently referenced by the subscriber. The method includes receiving an event trigger indicative of message reading by the subscriber. The method includes, responsive to receiving the event trigger, determining that the next sequential memory slot is not currently referenced. The method includes sending the message to the next sequential memory slot based on determining that the next sequential memory slot is not currently referenced.

A system and a method for routing a message to an application over a connection oriented session in a Kafka messaging platform environment are provided. The method includes: acquiring a plurality of partitions from the Kafka messaging platform; designating a first partition from among the plurality of partitions as a sticky partition; generating a plurality of routing keys that are configured to route to the sticky partition; receiving a subscription from a service that corresponds to a first application; transmitting, to the first application, a first routing key that identifies the subscription from among the plurality of routing keys; and receiving messages from Kafka services that are routed by the first routing key to the first application. For any particular application or set of applications, a plurality of connection oriented sessions may be used to achieve load balancing and high availability.

Methods and systems are provided for processing a stream of incoming messages sent from a specific input message source and validating each incoming message of that stream before sending them to a specific target system.

Some embodiments of the invention provide a system for defining, distributing and enforcing policies for authorizing API (Application Programming Interface) calls to applications executing on one or more sets of associated machines (e.g., virtual machines, containers, computers, etc.) in one or more datacenters. This system has a set of one or more servers that acts as a logically centralized resource for defining and storing policies and parameters for evaluating these policies. The server set in some embodiments also enforces these API-authorizing policies. Conjunctively, or alternatively, the server set in some embodiments distributes the defined policies and parameters to policy-enforcing local agents that execute near the applications that process the API calls. From an associated application, a local agent receives API-authorization requests to determine whether API calls received by the application are authorized. In response to such a request, the local agent uses one or more parameters associated with the API call to identify a policy stored in its local policy storage to evaluate whether the API call should be authorized. To evaluate this policy, the agent might also retrieve one or more parameters from the local policy storage.

Some embodiments of the invention provide a system for defining, distributing and enforcing policies for authorizing API (Application Programming Interface) calls to applications executing on one or more sets of associated machines (e.g., virtual machines, containers, computers, etc.) in one or more datacenters. This system has a set of one or more servers that acts as a logically centralized resource for defining and storing policies and parameters for evaluating these policies. The server set in some embodiments also enforces these API-authorizing policies. Conjunctively, or alternatively, the server set in some embodiments distributes the defined policies and parameters to policy-enforcing local agents that execute near the applications that process the API calls. From an associated application, a local agent receives API-authorization requests to determine whether API calls received by the application are authorized. In response to such a request, the local agent uses one or more parameters associated with the API call to identify a policy stored in its local policy storage to evaluate whether the API call should be authorized. To evaluate this policy, the agent might also retrieve one or more parameters from the local policy storage.