000021978 - How to return data in a Web  Services sign-in request to indicate if the user is coming from a Foreign IP address?

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021978
Applies ToPlatform Web Services 5.7.2
IssueHow to return data in a Web  Services sign-in request to indicate if the user is coming from a Foreign IP address?
Resolution

To retrieve the Foreign IP status a "ClientFact" needs to be added to the request. This can be accomplished by modifying the "dataValid" rule in a given "drl" file. When added to this rule the following code will add a FOREIGN_IP Fact to the EventRiskFacts Array returned  in the SOAP request.


ClientFactImpl foreignIpFact = new ClientFactImpl("FOREIGN_IP", String.valueOf(output.isForeignIP()));
outcome.add(foreignIpFact);

The above code must be added after the following line:
AuthRiskResult output = (AuthRiskResult)result.getValue();

NotesThe exact "drl" file is defined in the d-config-forensic.xml file. This is defined for each event type within a bean for the "PolicyEngineDrools" class. For this request the "ClientFact" is needed for a sign-in call so the event type is "rule:passmark/SESSION_SIGNIN" and default value for 5.7.2 is "auth2.3.drl".
Legacy Article IDa39692

Attachments

    Outcomes