Hi,

I am using a free organisation and I understand that it does not support Java callouts. I have noticed that if we include the jars in the resources folder and create a java callout policy for it, then deploy it into our proxy, it does deploy successfully. However, some java policies do run and some don't. Some policies, we get permission errors. I was just wondering, does anyone have any updates on what is working in the free org?

Some things that I have found

1) I have seen an article that talks about how to find out what jars are avaiable in the current environment. Dino posted a proxy that we can call to find out the available jars. See https://community.apigee.com/questions/15249/how-do-i-get-the-list-of-jar-libraries-already-ava.html

When I run it in the free org, I get the following error. Exception java.security.AccessControlException: access denied ("java.util.PropertyPermission" "*" "read,write") A pretty big sign that I shouldn't run java policies in the free org? 😉

2) I have found that the policy that has worked in the free org is a java policy that does not call a 3rd party jar. It just accesses context variables and KVM values. When I tried a java policy that signs a JWT by using a 3rd part jar, I got permission errors.

My main questions is, does anoyone know the limitations of running a java callout in the free org? eg what jars are available, what permissions do we have? Or is it not worth using a java callout in a free org because it's not supported and reliable?

Also, if I use a paidorg and I need to write a java policy that needs 3rd party jar that is not available in the Apigee org, what is the best practice to include the jar? Include it in the resources folder in the proxy? Or create a fat jar for the java policy to include the jar?

Thanks, Marlene

PS. I did see this article but since it's 2 years old, I wanted to know if there are any updates.

https://community.apigee.com/questions/10452/java-callouts-are-they-supported-on-free-version.html