Hello everybody! I am writing this post to see if anyone has been in a similar situation and has any advice or simply has more in-depth knowledge on the subject.
I am making a rule to perform certain operations, to do this I need to import a library which has a dependency on the ‘jackson-annotations-2.15.2’ library, in Sailpoint IIQ the latest available library is jackson-annotations-2.13 (our environment is in 8.3p3).
I thought about moving the logic of this rule to a plugin so that I could import the library I need + the jackson-annotations-2.15.2, but I’m not sure if this would create problems with existing processes using the older version. From what I’ve read the environments and reference libraries between plugin and IIQ are separate but how can I verify this?
Thanks to anyone who can share something
Hi Paul, thank you for the reply, but how can I verify it? I’m really curious to figure how can I see even if the external lib I’m importing is really included
You can download Plugin from IIQ console command and verify the embedded jars and classes.
As per my opinion , you should use the same version jar across SailPoint IIQ application whether is plugin or not. Please check the method which is differ in latest version and verify that should not conflict.
Hi Singh,
I need to use some library for Azure and those library requires a more advanced version of this jackson-annotations, as I don’t know where it’s used troughout all IIQ i’d prefer not having to import another version that may lack some method or mark them as depcretaed.
Hi @Po-Matt, Yes, in SailPoint IdentityIQ, it’s safe to use a newer version of jackson-annotations (like 2.15.2) inside a plugin, even if the main IIQ system uses an older version (like 2.13). This is because plugins in IIQ use their own separate classloader. That means the plugin loads its own JAR files and doesn’t interfere with the rest of IIQ.
To make sure your plugin is using the version you included:
• Place your jackson-annotations-2.15.2.jar inside the plugin lib/ folder.
• You can even confirm it’s loaded by printing the source location of the class like this:
System.out.println(com.fasterxml.jackson.annotation.JsonProperty.class.getProtectionDomain().getCodeSource().getLocation());
Just make sure:
You don’t try to pass objects using Jackson from your plugin into core IIQ code, since they might expect the older version.
You keep the newer Jackson usage inside your plugin logic only.
This behaviour is based on how Java classloaders work and how IIQ plugins are built…
TBH SailPoint doesn’t document it directly, but this is proven in actual plugin development.