Instructions on how to add these three rules in auth2.3.drl and c-config-forensic.xml to further breakdown the reasons of UserDeviceNotBound 1. Add the following function within the <java:functions> tags in the auth2.3.drl file. public boolean hasDeviceToken(ForensicFactSet forensic) { boolean hasCookie = (forensic.getFact(ForensicFacts.DEVICE_COOKIE) != null); boolean hasFso = (forensic.getFact(ForensicFacts.DEVICE_FSO) != null); return (hasCookie || hasFso); } 2. Add the following lines to the auth2.3.drl file above the UserDeviceNotBound rule, ensure that the salience values in the rules below are unique in your drl file. <rule name="NoDeviceTokenAndJavascriptNotEnabled" no-loop="true" salience="70"> <parameter identifier="risk"> <class>AuthRiskResult</class> </parameter> <parameter identifier="forensic"> <class>com.passmarksecurity.forensic.ForensicFactSet</class> </parameter> <java:condition>risk.isJavascriptNotEnabled()</java:condition> <java:condition>!hasDeviceToken(forensic)</java:condition> <java:condition>risk.isUserDeviceNotBound()</java:condition> <java:consequence> ClientFactImpl reasonClientFact = new ClientFactImpl("REASON", "NoDeviceTokenAndJavascriptNotEnabled"); outcome.add(reasonClientFact); drools.retractObject(risk); </java:consequence> </rule> <rule name="DeviceTokenAndUserDeviceNotBound" no-loop="true" salience="69"> <parameter identifier="risk"> <class>AuthRiskResult</class> </parameter> <parameter identifier="forensic"> <class>com.passmarksecurity.forensic.ForensicFactSet</class> </parameter> <java:condition>risk.isUserDeviceNotBound()</java:condition> <java:condition>hasDeviceToken(forensic)</java:condition> <java:condition>(forensic.getFact(ForensicFacts.DEVICE_CREATED) == null)</java:condition> <java:consequence> ClientFactImpl reasonClientFact = new ClientFactImpl("REASON", "DeviceTokenAndUserDeviceNotBound"); outcome.add(reasonClientFact); drools.retractObject(risk); </java:consequence> </rule> <rule name="DeviceTokenAndDeviceCreated" no-loop="true" salience="68"> <parameter identifier="risk"> <class>AuthRiskResult</class> </parameter> <parameter identifier="forensic"> <class>com.passmarksecurity.forensic.ForensicFactSet</class> </parameter> <java:condition>hasDeviceToken(forensic)</java:condition> <java:condition>(forensic.getFact(ForensicFacts.DEVICE_CREATED) != null)</java:condition> <java:consequence> ClientFactImpl reasonClientFact = new ClientFactImpl("REASON", "DeviceTokenAndDeviceCreated"); outcome.add(reasonClientFact); drools.retractObject(risk); </java:consequence> </rule> 3. Add the following entries to the policyOutcome bean definition in the c-config-forensic.xml file <entry key="NoDeviceTokenAndJavascriptNotEnabled"> <value>CHALLENGE</value> </entry> <entry key="DeviceTokenAndUserDeviceNotBound"> <value>CHALLENGE</value> </entry> <entry key="DeviceTokenAndDeviceCreated"> <value>CHALLENGE</value> </entry> |