You can create the custom Rule class by extending the com.novell.nam.nidp.risk.core.rules.Rule class. This class is available with risk-core.jar file. You class must override the abstract method called 'evaluate()' in the custom class. This method should contain the business logic for the custom rule and this method should return 'true' if the rule condition is success. If not the method should return 'false'.
Class Details of com.novell.nam.nidp.risk.core.rules.Rule.
Authentication Methods |
Description |
---|---|
evaluate () |
Takes HTTPContext, LocationContext, DeviceContext, UserContext and ResponseObject as its arguments. Example of using these classes are provided in the code below. Returns True, if the rule evaluation passes. If failed, false will be returned and risk score will be considered for this rule. |
isHistoricalDataEnabled() |
Returns true if historical data is enabled for the rule |
getName() |
Returns the name of the Rule inString |
getPriority() |
Returns the priority of the rule in integer. |
isExceptionRule() |
Returns true if this rule is a Privileged Rule. |
isRuleEnabled() |
Returns true if this rule is enabled |
isNATed() |
Returns true if Nat setting is enabled for this server |
setType() |
Takes String or List as argument. This is used as part of the constructor to inform the RiskEngine to get the type of History data this Rule needs |
clearType() |
Clears the Types set so far |
getType() |
Returns the List of Types set by this Rule |
isHistoryEnabled() |
Same as isHistoricalDataEnabled() |
getBoolean() |
Takes name of the property in String as argument and returns its boolean value. These are Rule properties set as part of the configuration. |
getProperty() |
Takes name of the Property in String and returns the value that is configured for this Rule in String |
getLong() |
Takes name of the property in String as argument and returns its long value. These are Rule properties set as part of the configuration. |
getInteger() |
Takes name of the property in String as argument and returns its int value. These are Rule properties set as part of the configuration. |
getClientIP() |
Takes HTTPContext & LocationContext as arguments and returns IP of the connecting client in String |
isServerNATed() |
Same as isNATed() |
isNegateResult() |
Returns true if negate results options is enabled for the rule |
getReturnValue() |
Evaluated result is passed to it and this applies isNegateResult on it |
getRiskScore() |
Returns the risk score assigned to this rule in int |
SaveOnSuccessfulAuth() |
Return true in your custom rule class, if you want to set a cookie back to the browser. You will need to write a small piece of code to set the cookie value. Example of this will be provided in this document. |
getRequiredAttributes() |
Override this method in your class. This must return Array of String of user attributes that is required for your rule to evaluate the risk. |
Class Details of com.novell.nam.nidp.risk.context.HTTPContext
Authentication Methods |
Description |
---|---|
getM_HTTPHeaders() |
Returns the name/value map of http headers of the connecting client |
getCookieValue() |
Returns the value of the cookie in String. Takes name of the cookie as argument in String |
Class Details of com.novell.nam.nidp.risk.context.LocationContext
Authentication Methods |
Description |
---|---|
GetClientIPAddress() |
Returns the client IP from the Http Request object |
Class Details of com.novell.nam.nidp.risk.context.UserContext
Authentication Methods |
Description |
---|---|
getUserLoginTimeStamp() |
Returns the long value of Clients login time. Its same value as returned by Calendar.getInstance().getTimeInMillis() |
get() |
Returns Object for the provided name. This could be Attribute of the user that was requested using getRequiredAttributes() or could be the History Record requested through setType() of Rule class. Examples of this method will be part of Custom Rule example codes. |
User session properties that are set by a custom authentication class can be used as part of the custom risk authentication rules. HTTPContext that is passed to the rule evaluation contains this information.
With the following code snippet, you can get the previously set session values by using a custom risk rule class:
Inside evaluate method,
public boolean evaluate(HTTPContext httpContext, LocationContext lContext, DeviceContext dContext, UserContext uContext, ResponseObject rspObject){String email = (String)httpContext.getSessionContext().get("ExernalEmail");// Continue evaluation.}