The WebServicesConnector conveniently has clientCertificate and clientKeySpec attributes for storing a client SSL certificate and key, but WebServicesClient seems to only allow basic authentication configuration. Is there a way to use WebServicesClient with cert + key, or a recommended alternative?
This is a fun one. SailPoint includes two separate sets of these utilities. They have one that’s part of the Web Services connector, locked behind the connector-classloader wall, and a public API that’s in sailpoint.connectorDependencies. The classes are identically named - ApacheHttpClient, HttpClient, WebServicesClient, etc - and have nearly identical APIs and inputs, but divergent behavior.
The bad news is that the more advanced one is inaccessible to regular code - sailpoint.connector.webservices.WebServicesClient. It doesn’t implement any interface common to the public one, so you can’t trivially use reflection to access it.
The good news is that Beanshell doesn’t care about variable types when invoking methods. If you’re writing this code in Beanshell, you can simply swap out the implementation class, loading it via reflection and the connector classloader (sailpoint.connector.ConnectorClassLoaderUtil). Just store the client in a variable of type Object and invoke the methods normally. Beanshell will happily use reflection for you.
Object client = fetchTheOtherClientClassSomehow();
client.configure(configOptions);
client.executeGet(url, ...);
It’s bad Java, but fine Beanshell.
If you’re writing this code in Java, I have a hacky present for you.
1 Like
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.