This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

APIGEE X JAVA Callout try to initialize satatic class

Posted on 10-03-2022 04:07 AM
yahyaoui
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

I'm developing a java jar that validates SAMLResponse "signature" and "decryption".  I used "onelogin lib".

When running, I got this error message 

 

 

 

{
    "fault": {
        "faultstring": "Failed to execute JavaCallout. Could not initialize class com.onelogin.saml2.util.Util",
        "detail": {
            "errorcode": "steps.javacallout.ExecutionError"
        }
    }
}

 

 

 

On my local environment, my code is working.

For the build, i used to ways :

  • import dependencies on my shared flow next to the jar
  • add the dependecies inside the jar 

==> i got the same error message

2022-10-03 13_06_37-apigee-samlresponse [C__Users_yahyaouihi_Desktop_apigee-saml-response-proxy_apig.png2022-10-03 13_05_02-apigee-samlresponse [C__Users_yahyaouihi_Desktop_apigee-saml-response-proxy_apig.png2022-10-03 13_05_34-apigee-samlresponse [C__Users_yahyaouihi_Desktop_apigee-saml-response-proxy_apig.png

 

0 3 122
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

See this response to a different question on Friday. 

It is likely that Apigee is disallowing the onelogin JAR because of permissions errors.  You should be able to check that if you surround the logic in your execute() method with a try...catch, and then emit context variables documenting the exception. 

There are 2 possible workarounds:

  1. host that logic elsewhere, outside of the Apigee gateway - like in a CloudRun instance, that is reachable via ExternalCallout. 
  2. re-engineer the Java logic so that it does not depend on the onelogin JAR (and thus will avoid the permissions error)

Another question  - Have you tried using the ValidateSAMLAssertion policy that is builtin to Apigee?  If so, why is that policy not suitable for your purposes?

0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

yahyaoui, any response?

0 Likes

Posted on --/--/---- --:-- AM
yahyaoui
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

thanks for your reply !

 the ValidateSAMLAssertion policy   covers only one use case (A signed SAML Response with a signed Assertion).

On my case, i have a signed SAML Response with an encrypted Assertion. I chose the second option (re-engineer the Java logic).

I’ll let you know when I finish the redesign of the new jar.

 

Top Solution Authors
View all