5.3 Creating a Custom Rule Class

You can create the custom Rule class by extending the com.novell.nam.nidp.risk.core.rules.Rule class. This class is available with risk-core.jar file. Your class must override the abstract method called 'evaluate()' in the custom class. This method must contain the business logic for the custom rule and this method must return 'true' if the rule condition is success. If not, the method must return 'false'.

Class Details of com.novell.nam.nidp.risk.core.rules.Rule:

Authentication Methods


evaluate ()

Takes HTTPContext, LocationContext, DeviceContext, UserContext and ResponseObject as its arguments. Example of using these classes are provided in the code below.

Returns True, if the rule evaluation passes. If failed, false will be returned and risk score will be considered for this rule.


Returns true if historical data is enabled for the rule


Returns the name of the Rule inString


Returns the priority of the rule in integer.


Returns true if this rule is a Privileged Rule.


Returns true if this rule is enabled


Returns true if Nat setting is enabled for this server


Takes String or List as argument. This is used as part of the constructor to inform the Risk Engine to get the type of History data this Rule needs


Clears the Types set so far


Returns the List of Types set by this Rule


Same as isHistoricalDataEnabled()


Takes name of the property in String as argument and returns its boolean value. These are Rule properties set as part of the configuration.


Takes name of the Property in String and returns the value that is configured for this Rule in String


Takes name of the property in String as argument and returns its long value. These are Rule properties set as part of the configuration.


Takes name of the property in String as argument and returns its int value. These are Rule properties set as part of the configuration.


Takes HTTPContext & LocationContext as arguments and returns IP of the connecting client in String


Same as isNATed()


Returns true if negate results options is enabled for the rule


Evaluated result is passed to it and this applies isNegateResult on it


Returns the risk score assigned to this rule in int


Return true in your custom rule class, if you want to set a cookie back to the browser. You will need to write a small piece of code to set the cookie value. Example of this will be provided in this document.


Override this method in your class. This must return Array of String of user attributes that is required for your rule to evaluate the risk.

Class Details of com.novell.nam.nidp.risk.context.HTTPContext:

Authentication Methods



Returns the name/value map of http headers of the connecting client.


Returns the value of the cookie in string. Takes cookie name as argument in string.

Class Details of com.novell.nam.nidp.risk.context.LocationContext:

Authentication Methods



Returns the client IP from the Http Request object

Class Details of com.novell.nam.nidp.risk.context.UserContext:

Authentication Methods



Returns the long value of Clients login time. Its same value as returned by Calendar.getInstance().getTimeInMillis()


Returns Object for the provided name. This could be Attribute of the user that was requested using getRequiredAttributes() or could be the History Record requested through setType() of Rule class. Examples of this method will be part of Custom Rule example codes.

User session properties that are set by a custom authentication class can be used as part of the custom risk authentication rules. HTTPContext that is passed to the rule evaluation contains this information.

With the following code snippet, you can get the previously set session values by using a custom risk rule class:

Inside evaluate method,

public boolean evaluate(HTTPContext httpContext, LocationContext lContext, DeviceContext dContext, UserContext uContext, ResponseObject rspObject){String email = (String)httpContext.getSessionContext().get("ExernalEmail");// Continue evaluation.}