5.3 Creating a Custom Rule Class

You can create the custom Rule class by extending the com.novell.nam.nidp.risk.core.rules.Rule class. This class is available in the risk-core.jar file. Your class must override the abstract method evaluate(). This method should contain the business logic for the custom rule and return true if the rule condition succeeds; otherwise it should return false.

Class Details of com.novell.nam.nidp.risk.core.rules.Rule.

| Method | Description |
|---|---|
| evaluate() | Takes HTTPContext, LocationContext, DeviceContext, UserContext, and ResponseObject as its arguments. Examples of using these classes are provided in the code below. Returns true if the rule evaluation passes. If it fails, false is returned and the risk score is considered for this rule. |
| isHistoricalDataEnabled() | Returns true if historical data is enabled for the rule. |
| getName() | Returns the name of the rule as a String. |
| getPriority() | Returns the priority of the rule as an integer. |
| isExceptionRule() | Returns true if this rule is a Privileged Rule. |
| isRuleEnabled() | Returns true if this rule is enabled. |
| isNATed() | Returns true if the NAT setting is enabled for this server. |
| setType() | Takes a String or List as argument. Used as part of the constructor to inform the RiskEngine which type of history data this rule needs. |
| clearType() | Clears the types set so far. |
| getType() | Returns the List of types set by this rule. |
| isHistoryEnabled() | Same as isHistoricalDataEnabled(). |
| getBoolean() | Takes the name of a property as a String and returns its boolean value. These are rule properties set as part of the configuration. |
| getProperty() | Takes the name of a property as a String and returns the value configured for this rule as a String. |
| getLong() | Takes the name of a property as a String and returns its long value. These are rule properties set as part of the configuration. |
| getInteger() | Takes the name of a property as a String and returns its int value. These are rule properties set as part of the configuration. |
| getClientIP() | Takes HTTPContext and LocationContext as arguments and returns the IP address of the connecting client as a String. |
| isServerNATed() | Same as isNATed(). |
| isNegateResult() | Returns true if the negate results option is enabled for the rule. |
| getReturnValue() | The evaluated result is passed to it, and it applies isNegateResult to that result. |
| getRiskScore() | Returns the risk score assigned to this rule as an int. |
| SaveOnSuccessfulAuth() | Return true in your custom rule class if you want to set a cookie back to the browser. You will need to write a small piece of code to set the cookie value. An example of this will be provided in this document. |
| getRequiredAttributes() | Override this method in your class. It must return a String array of the user attributes that your rule requires to evaluate the risk. |

Class Details of com.novell.nam.nidp.risk.context.HTTPContext

| Method | Description |
|---|---|
| getM_HTTPHeaders() | Returns the name/value map of the HTTP headers of the connecting client. |
| getCookieValue() | Takes the name of the cookie as a String and returns the value of the cookie as a String. |

Class Details of com.novell.nam.nidp.risk.context.LocationContext

| Method | Description |
|---|---|
| GetClientIPAddress() | Returns the client IP from the HTTP request object. |

Class Details of com.novell.nam.nidp.risk.context.UserContext

| Method | Description |
|---|---|
| getUserLoginTimeStamp() | Returns the long value of the client's login time. It is the same value as returned by Calendar.getInstance().getTimeInMillis(). |
| get() | Returns the Object for the provided name. This could be an attribute of the user that was requested using getRequiredAttributes(), or the history record requested through setType() of the Rule class. Examples of this method will be part of the custom rule example code. |

User session properties that are set by a custom authentication class can be used as part of the custom risk authentication rules. The HTTPContext that is passed to the rule evaluation contains this information.

With the following code snippet, you can get the previously set session values by using a custom risk rule class:

Inside the evaluate() method:

public boolean evaluate(HTTPContext httpContext, LocationContext lContext,
        DeviceContext dContext, UserContext uContext, ResponseObject rspObject) {
    // Read the session value previously set by the custom authentication class.
    String email = (String) httpContext.getSessionContext().get("ExernalEmail");
    // Continue evaluation and return the rule result.
}
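A complete rule built around the snippet above, as an added example rather than code from the product documentation: it passes only when the domain of the session e-mail is in a configured list, and it treats a missing or malformed value as a failed rule so the risk score is applied. The class name EmailDomainRule, the allowedDomains property, the no-argument Rule constructor, the packages of DeviceContext and ResponseObject, and the boolean return type of getReturnValue() are assumptions.

```java
import java.util.Locale;

// The context and Rule packages below are the ones this page names; DeviceContext
// is assumed to live beside the other context classes.
import com.novell.nam.nidp.risk.context.*;
import com.novell.nam.nidp.risk.core.rules.Rule;
// ResponseObject: import it from whatever package it has in your risk-core.jar
// (this page does not state it).

public class EmailDomainRule extends Rule {   // hypothetical class name

    // Assumption: Rule exposes a no-argument constructor, so none is declared here.

    @Override
    public boolean evaluate(HTTPContext httpContext, LocationContext lContext,
            DeviceContext dContext, UserContext uContext, ResponseObject rspObject) {
        // Session value set earlier by the custom authentication class.
        Object raw = httpContext.getSessionContext().get("ExernalEmail");
        // "allowedDomains" is a hypothetical rule property, e.g. "example.com,example.org".
        String allowed = getProperty("allowedDomains");
        boolean passed = domainAllowed(raw, allowed);
        // Assumption: getReturnValue() returns a boolean after applying the negate option.
        return getReturnValue(passed);
    }

    // Fail closed: anything that is not a well-formed address in an allowed
    // domain makes the rule fail, which adds this rule's risk score.
    static boolean domainAllowed(Object sessionValue, String allowedCsv) {
        if (!(sessionValue instanceof String) || allowedCsv == null) {
            return false;                      // attribute missing or wrong type
        }
        String email = ((String) sessionValue).trim().toLowerCase(Locale.ROOT);
        int at = email.lastIndexOf('@');
        if (at <= 0 || at == email.length() - 1) {
            return false;                      // no local part or no domain
        }
        String domain = email.substring(at + 1);
        for (String candidate : allowedCsv.split(",")) {
            // Exact match, not endsWith(): "evil-example.com" must not pass for "example.com".
            if (domain.equals(candidate.trim().toLowerCase(Locale.ROOT))) {
                return true;
            }
        }
        return false;
    }
}
```

The session value is only as trustworthy as the authentication class that stored it, so the rule validates it again instead of casting it directly.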