The following example explains how to create a custom rule class:
import java.util.Base64; import java.util.Map; import java.util.Properties; import com.novell.nam.nidp.risk.context.DeviceContext; import com.novell.nam.nidp.risk.context.HTTPContext; import com.novell.nam.nidp.risk.context.LocationContext; import com.novell.nam.nidp.risk.context.UserContext; import com.novell.nam.nidp.risk.core.rules.Rule; import com.novell.nam.nidp.risk.util.ResponseObject;
public class CustomRuleTmpl extends Rule { /**
* @param configProps
* All the configuration will be passed to the constructor.
*
* Pass the type of user historical data you want.
*
*/
public CustomRuleTmpl(Properties configProps) {super(configProps);
/*
* Check all the properties that is configured
*/
printProperties(configProps); if ( isHistoricalDataEnabled())
{
// Enter all the user attributes that you need from the history database
// Generally you would need one or two values. setType(HistoricalAttributeEntries.IP.name()); /*
* Following commented code shows the way to get other
* historical data from database.
* setType(HistoricalAttributeEntries.LASTLOGGEDINTIME.name());
* setType(HistoricalAttributeEntries.CITY.name())
* setType(HistoricalAttributeEntries.COUNTRY.name());
* setType(HistoricalAttributeEntries.REGION.name());
* setType(HistoricalAttributeEntries.RISKSCORE.name());
* setType(HistoricalAttributeEntries.LOGINRESULT.name());
* setType(HistoricalAttributeEntries.RISKCATEGORY.name());
* setType(HistoricalAttributeEntries.RISKSCORE.name());
* setType(HistoricalAttributeEntries.REGIONCODE.name());
* setType(HistoricalAttributeEntries.METROCODE.name());
* setType(HistoricalAttributeEntries.POSTCODE.name());
*
*
* Or you could even set it using an array List
* clearType(); // Clear the previously set rule type values* ArrayList<String> historyAttributes = newArrayList<String>(); * historyAttributes.add ( HistoricalAttributeEntries.IP.name()); * historyAttributes.add (HistoricalAttributeEntries.LASTLOGGEDINTIME.name()); * setType(historyAttributes); */
}
}
private void printProperties(Properties configProps) { System.out.println("Configured properties are: -");
for (Entry<Object, Object> e: configProps.entrySet())
System.out.println("Name :" + e.getKey() + "Value : " + e.getValue());
} /* (non-Javadoc)
* @see com.novell.nam.nidp.risk.core.rules.Rule#evaluate(com.novell.nam.nidp.risk.context.HTTPContext,
com.novell.nam.nidp.risk.context.LocationContext, com.novell.nam.nidp.risk.context.DeviceContext,
com.novell.nam.nidp.risk.context.UserContext, com.novell.nam.nidp.risk.util.ResponseObject)
*
* This method evaluates the rule and is called in the order of the priority.
*
* Parameters
* HttpContext - Contains all the request http header information
* LocationContext - Contains information about the client location ( IP )
* DeviceContext - Contains device information
* UserContext - Contains user information, that includes, user attributes, roles and historical login data of the user.
* ResponseObject - Can be used for setting cookies, headers and user attributes on completion of the risk calculation.
*
* Return Values
* true - on successful evaluation of the rule.
* false - if failed to evaluate the rule. In this case configured risk score will be considered.
*
* This method will have 3 sections
* 1 ) Pre-evaluation : - To get all the parameters of the user login
* 2 ) Evaluate the rule : - Apply the use case to the evaluation using the parameters
* 3 ) Post-evaluation : - Set result, cookie and history parameters if needed
*/
@Override
public boolean evaluate(HTTPContext httpContext, LocationContext
lContext, DeviceContext dContext, UserContext uContext,
ResponseObject rspObject) {boolean returnValue = false;
if ( m_ruleEnabled)
{
/* ######## Pre-Evaluation Section #####################*/getHTTPHeaderInformation(httpContext);
getCookieInformation(httpContext, "JSESSIONID");
getLocationParameter(lContext);
getUserContext(uContext);
/* ############### Evaluation Section ####################*/
{
/*
* Change the return value according logic of the
* evaluation
*/
if ( true )
returnValue = true;
} /* ############### Post-Evaluation Section ####################*/
/*
* Execute the post evaluation method to consider other configuration like negate result
*/// rspObject.setUserAttr(HistoricalAttributeEntries.IP.name(), clientIP);
return getReturnValue(returnValue);
} return true;
}
/*
* Get all the user context/attributes
*/
private void getUserContext(UserContext uContext) {
// TODO Auto-generated method stubgetUserAttribute(uContext);
getUserRoles(uContext);
getHistoricalData(uContext);
}
/*
* Get the historical data of the user from the configured DataBase
*/
private void getHistoricalData(UserContext uContext) { // It will get all the passed transaction for the user in the past.
// If the transaction you looking for is not found, that mean it has failed for that log in.
HistoryRecord records = (HistoryRecord)uContext.get(HistoricalAttributeEntries.IP.name()); if ( records != null)
{
System.out.println("Printing past entries from the History, in this example its the IP used by the user");
for( Object o : records.getValue() )
System.out.println("< " + (String)o + "
>\n");
}
} /*
* Get the user's current role information
*/
private void getUserRoles(UserContext uContext) {String[] values = (String[]) uContext.get(UserProfile.Constants.ROLES.name());
RiskLog.debug("Roles of the user are ");
for ( String role : values)
RiskLog.debug(" " + role + ",");
} /*
* Get the user's ldap attributes.
*
* NOTE: To get attributes here, you must return
the name of the attributes you need, using method getRequiredAttributes();
*/
private void getUserAttribute(UserContext uContext) { // Value will be null if attribute name is not set as part of getRequiredAttributes()
String mail = (String) uContext.get("mail");
String carlicense = (String) uContext.get("carlicense"); System.out.println("Mail attribute of the user is " + mail + ",
and the carlicense is " + carlicense);
}
/*
* This method should return the name of the user ldap attributes required during evaluation of the rule.
* You could configure those in the custom rule properties and can pass the value here.
*/
@Override
public String[] getRequiredAttributes() {
// TODO Auto-generated method stub
String[] attributes = new String[2]; attributes[0] = "mail";
attributes[1] = "carlicense";
return attributes;
} /*
* Get the location parameter of the user
*
*/
private void getLocationParameter(LocationContext lContext) { String clientIP = lContext.getClientIPAddress();
RiskLog.debug("Client Ip address for this request is = " + clientIP); Properties props = new Properties();
Provider provider;
try {
provider = GeoLocationFactory.getProvider
RiskEngine.getInstance().getCoreProps().getProperty("geolocation.provider"),
null, props);GeoLocBean geoLoc = provider.readGeoLocInfo(InetAddress .getByName(clientIP));
System.out.println("Country = " + geoLoc.getCountry());
System.out.println("Country code = " + geoLoc.getCountryCode());
System.out.println("City = " + geoLoc.getCity());
} catch (GeoLocException | UnknownHostException
e) {
// TODO Auto-generated catch block
System.out.println("Geo location configuration exception
" + e.getLocalizedMessage());
e.printStackTrace();
}}
/*
* Get a spefic cookie out of headers
*/
private void getCookieInformation(HTTPContext httpContext,
String cookieName) {String cookieValue = httpContext.getCookieValue(cookieName);
RiskLog.debug("Cookie Name = " + cookieName + "
Value = " + cookieValue);
} /*
* Get all http Context information.
* Contains all http headers that is part of the request, including cookies.
*/
private void getHTTPHeaderInformation(HTTPContext httpContext) {Map<String, String> headers = httpContext.getM_HTTPHeaders();
Iterator itr = headers.entrySet().iterator();
for ( Map.Entry< String, String> entry : headers.entrySet()
)
RiskLog.debug("Header Name = " + entry.getKey()
+ " Value = " + entry.getValue());}
}