search cancel

Inclusion of libraries (jar) when creating a new custom assertion


Article ID: 102464


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway


We are building some new custom assertions, and I am not sure about libs (jar) proper usage. 

We are building some new custom assertions, and I am not sure about libs (jar) proper usage. I have 2 questions:

1) can the jars included in my custom assertion affect overall gateway behavior / runtime? Or the classes in these jars are only visible by this custom assertion? In the case my jars are visible by the gateway libs, what is allowed / non allowed for me to include as jar?

2) is it allowed for my custom assertion to access classes located inside the core gateway libraries? For example the gateway uses Apache Commons Text jar library, can I also use these utilities? Or I have to include my own jar inside my custom assertion?


APIM Gateway 9.2


The answer to your question is in the readme.txt file in the file : 

I must admit for the custom assertion I built. I actually used the .jar files distributed with the gateway (I added class path entry so that it included the .jar files in the gatweway lib directory) . 

But the readme.txt gives a different process for adding dependant .jar files, so that the classloader is different and the dependant .jar files are unrelated to those in the gateway. 

Here is the extract from the readme.txt 

Installation of a Custom Assertion on a SecureSpan Gateway 

A Custom Assertion should be package into a jar library. Building the traffic 
logger code will produce such a jar. This jar should contain the source code 
of the Custom Assertion as well as a providing 
details on the Custom Assertion included in the jar. Look at the sample's 
version of this file for reference on the format to use. Once this jar is 
built, you can install the Custom Assertion following these steps: 
1. stop the SecureSpan Gateway (service ssg stop) 
2. place the custom assertion jar in /opt/SecureSpan/Gateway/runtime/modules/lib 
(make sure owner and permissions are ok) 
3. in the case of the sample provided you must add the file in /opt/SecureSpan/Gateway/node/default/etc/conf 
4. place any libraries that are needed by the Custom Assertion (for example, .so files or .dll files) in /opt/SecureSpan/Gateway/runtime/lib 
5. restart the SecureSpan Gateway (service ssg start) 

Modular Packaging and Installation of a Custom Assertion 

It is also possible to package a Custom Assertion with a set accompanying libraries. In 
order to minimize conflicts with the SecureSpan Gateway, these modular Custom Assertion 
have their dedicated class loader. 

Modular Custom Assertions are packaged in one jar file. This jar file is structured as such: 
1. classes in the root of the jar (same as normal jar) 
2. a lib directory in the root of the jar includes other jars that the code requires 
3. a file also in the root of the jar 

To install such a custom assertion in a SecureSpan Gateway, drop this jar into