Instructions on how to add these three rules in auth2.3.drl and c-config-forensic.xml to further breakdown the reasons of UserDeviceNotBound
1. Add the following function within the <java:functions> tags in the auth2.3.drl file.
public boolean hasDeviceToken(ForensicFactSet forensic)
{
boolean hasCookie = (forensic.getFact(ForensicFacts.DEVICE_COOKIE) != null);
boolean hasFso = (forensic.getFact(ForensicFacts.DEVICE_FSO) != null);
return (hasCookie || hasFso);
}
2. Add the following lines to the auth2.3.drl file above the UserDeviceNotBound rule, ensure that the salience values in the rules below are unique in your drl file.
<rule name="NoDeviceTokenAndJavascriptNotEnabled" no-loop="true" salience="70">
<parameter identifier="risk">
<class>AuthRiskResult</class>
</parameter>
<parameter identifier="forensic">
<class>com.passmarksecurity.forensic.ForensicFactSet</class>
</parameter>
<java:condition>risk.isJavascriptNotEnabled()</java:condition>
<java:condition>!hasDeviceToken(forensic)</java:condition>
<java:condition>risk.isUserDeviceNotBound()</java:condition>
<java:consequence>
ClientFactImpl reasonClientFact = new ClientFactImpl("REASON", "NoDeviceTokenAndJavascriptNotEnabled");
outcome.add(reasonClientFact);
drools.retractObject(risk);
</java:consequence>
</rule>
<rule name="DeviceTokenAndUserDeviceNotBound" no-loop="true" salience="69">
<parameter identifier="risk">
<class>AuthRiskResult</class>
</parameter>
<parameter identifier="forensic">
<class>com.passmarksecurity.forensic.ForensicFactSet</class>
</parameter>
<java:condition>risk.isUserDeviceNotBound()</java:condition>
<java:condition>hasDeviceToken(forensic)</java:condition>
<java:condition>(forensic.getFact(ForensicFacts.DEVICE_CREATED) == null)</java:condition>
<java:consequence>
ClientFactImpl reasonClientFact = new ClientFactImpl("REASON", "DeviceTokenAndUserDeviceNotBound");
outcome.add(reasonClientFact);
drools.retractObject(risk);
</java:consequence>
</rule>
<rule name="DeviceTokenAndDeviceCreated" no-loop="true" salience="68">
<parameter identifier="risk">
<class>AuthRiskResult</class>
</parameter>
<parameter identifier="forensic">
<class>com.passmarksecurity.forensic.ForensicFactSet</class>
</parameter>
<java:condition>hasDeviceToken(forensic)</java:condition>
<java:condition>(forensic.getFact(ForensicFacts.DEVICE_CREATED) != null)</java:condition>
<java:consequence>
ClientFactImpl reasonClientFact = new ClientFactImpl("REASON", "DeviceTokenAndDeviceCreated");
outcome.add(reasonClientFact);
drools.retractObject(risk);
</java:consequence>
</rule>
3. Add the following entries to the policyOutcome bean definition in the c-config-forensic.xml file
<entry key="NoDeviceTokenAndJavascriptNotEnabled">
<value>CHALLENGE</value>
</entry>
<entry key="DeviceTokenAndUserDeviceNotBound">
<value>CHALLENGE</value>
</entry>
<entry key="DeviceTokenAndDeviceCreated">
<value>CHALLENGE</value>
</entry> | 
on Jun 16, 2016