Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon
100% helpful (2/2)
sahajranajee
Saviynt Employee
Saviynt Employee

Short Description

Saviynt provides support to execute and invoke extensions or custom jars from various application modules. Below are a few Do's and Don'ts  that should be followed while building one

Application version

All Versions

Detailed best practice 


Do’s:

  • Leverage APIs for interacting with the Saviynt application. Please refer to the Saviynt REST API documentation on the documentation portal .
  • Package name should be like com.custom.xxxx  (Please do not use com.saviynt structure)
  • Saviynt API connection credentials to flow from config - Please no not hardcode the credentials inside the code.
  • If properties file is used to store sensitive information, then make sure the data is encrypted. And then use decryption within the jar.
  • Specifically close resources - don’t rely on garbage collection. (e.g. connection objects, file handles, etc.). Note- if not handled correctly this can lead to memory leaks.
  • If you are using any third-party jars, please check the license, security vulnerabilities associated with them carefully.
  • All user inputs must be sanitized. Do NOT accept data and directly use it in queries, scripts, etc. that can lead to any form of injection attacks. Check if the data is as per expectation and reject inputs in case of a validation failure.
  • Properly free allocated memory when error conditions occur.
  • Ensure that appropriate timeouts (for recovery or retries) are added in the code with proper messages.


Don’ts:

  • Do not build jar if similar feature is available OOTB.
  • Instead of building all the logic in jar try to reuse features available in the application, for example if as part of the custom logic you have to send email then instead of creating a function with smtp information from scratch use Saviynt's sendemail API. 
  • Do not directly connect to the Saviynt Database .
  • No logs / trace should be printed in loop
  • Avoid unnecessary initialization of objects
  • Don’t print any confidential data in the logs
  • Do not use intermediate shells to execute programs.
  • Do not disclose sensitive information in error responses, including system details, session identifiers or account information

 
General best practices to follow are :

  • Use Java standard coding practices for writing the efficient code.
  • Create and maintain a document including detailed design and test cases
  • Use appropriate exception handling techniques to gracefully handle exceptional situations
  • Optimize performance - Use efficient data structures and algorithms and minimize unnecessary operations
  • Have adequate logs added for debugging purposes.
  • Use proper naming conventions.
  • Have a proper try catch for error handling.
  • Have proper comments / Javadoc added.
  • Avoid excessive synchronization.
  • Keep Synchronized Sections Small.

Key Benefits

Optimized performance and ease of maintenance

Comments
Manu269
All-Star
All-Star

@sahajranajee many thanks for detailed information.

Few points :

1. Can we have a sample snippet that can be referred?

2. How the behaviour would change during upgrades?

3. How can we configure external logging/custom loggin for above items?

Please help with the above queries.

sahajranajee
Saviynt Employee
Saviynt Employee

@Manu269 

Hi Manu,

Please find my answers below :
1. Sample code can be referenced for the SFTP connector which was built by Saviynt Expert services here. You will find the link to download the source code in the integration guide : 
https://docs-be.saviyntcloud.com/bundle/EIC-Connectors/page/Content/Resources/Attachments/SFTPIntegr...

2. There should be no change to behavior with upgrades. Please be mindful with checking the upgrade release notes for any changes in APIs or the app layer that your custom jar might use.

3. Custom logging sample is available with the link i shared for question #1 . Please use the file directory locations (/saviynt_shared/saviynt/Import/Success) to store log files so you can view from UI. You can replace Success with either Datafiles or Fail. Please ensure that you add a log file cleanup logic in your code.

 

Version history
Last update:
‎06/23/2023 01:35 PM
Updated by:
Contributors