Hi Team,
I'm looking to access an authentication service policy from an Access Policy using the AuthSvcClient "executeInAccessPolicy" method as described here:
https://www.ibm.com/docs/en/sva/10.0.4?topic=authentication-execute-service-policies-in-info-mapHowever, I'm receiving the errors:
- If I attempt to import the Class: Caused by: org.mozilla.javascript.EvaluatorException: Function importClass must be called with a class; had "[JavaPackage com.tivoli.am.fim.authsvc.local.client.AuthSvcClient] instead."
- If I attempt to call the Class directly: Caused by: org.mozilla.javascript.EcmaError: TypeError: Cannot call property executeInAccessPolicy in object [JavaPackage com.tivoli.am.fim.authsvc.local.client.AuthSvcClient]. It is not a function, it is "object".
It appears that the AuthSvcClient Class has not been whitelisted for Access Policies as per here:
https://www.ibm.com/docs/en/sva/10.0.4?topic=rules-javascript-whitelistThe sample snippet I'm using within an Access Policy script is (noting that the sample includes both import of Class and calling the Class directly):
importClass(Packages.com.tivoli.am.fim.authsvc.local.client.AuthSvcClient);
//...
var jsonRequest = {
"PolicyId": "urn:ibm:security:authentication:asf:testing",
"operation":"verify"
};
var response = com.tivoli.am.fim.authsvc.local.client.AuthSvcClient.executeInAccessPolicy(context, JSON.stringify(jsonRequest), com.tivoli.am.fim.authsvc.local.client.AuthSvcClient.getSimpleSTSUU("testuser"));
IDMappingExtUtils.traceString("AuthSvcClient JSON response: " + response);
//...
So, my questions are:
1) have I misunderstood the intent of this feature?
2) if not, is my snippet incorrect?
Thanks!
------------------------------
Andrew
------------------------------