AnsweredAssumed Answered

How do I get the number of failed challenge questions from RSA Adaptive Authentication (OnPrem) 7.1 P6

Question asked by Steve Irwin on May 13, 2016
Latest reply on Aug 24, 2016 by Steve Irwin

Like • Show 0 Likes0
Comment • 5

Our Web development team is trying to get this information from the RSA database. They're not seeing any specific AA or AAAdmin call in the API to get this information....

1 person has this question

Outcomes

5 Replies

Heidi Bleau May 16, 2016 5:00 PM
Mark Correct
Correct Answer
The CHALLENGE_AUTH_METHOD column of EVENT_LOG keeps the data for the Auth method available for user in the analyze response with the minimum Auth level. It is not possible to track whether the user was actually challenged by the question or any other auth method(s) and therefore, this information can’t be pulled out in the existing implementation.
Like • Show 0 Likes0
Actions
- Steve Irwin @ Heidi Bleau on May 17, 2016 9:40 AM
  Mark Correct
  Correct Answer
  Heidi,
  We only use the challenge questions and no other auth method, are you
  saying that we cannot pull this information from the database reliably?
  
  Steve Irwin
  AES/PHEAA
  Enterprise Systems Administration and Support
  Application Development
  sirwin@aessuccess.org
  (717) 720-3493
  Like • Show 0 Likes0
  Actions
  - Narendra Sharma @ Steve Irwin on Jun 7, 2016 8:04 AM
    Mark Correct
    Correct Answer
    Hi Steve,
    Assuming that only auth method configured for the rules that are resulting in a challenge is "Question" then the below query will give the challenge question failures count.
    select COUNT(*) from <db_name>.<db_schema>.EVENT_LOG where CHALLENGE_AUTH_METHOD = 'QUESTION' AND CHALLENGE_SUCCESSFUL = 'N';
    
    hope this helps.
    BR,
    Narendra Sharma
    Like • Show 0 Likes0
    Actions
Somi Reddy Devireddy Aug 24, 2016 1:52 PM
Mark Correct
Correct Answer
@Steve Irwin
I think there is no specific webservice call to retrieve such information. In the Authenticate response, we have the below block, which is always returning back the failCount as 1, even though I failed 2nd or 3rd time in the same session.

                      <ns1:challengeQuestionMatchResult>
                               <ns1:failCount>1</ns1:failCount>
                               <ns1:matchCount>0</ns1:matchCount>
                      </ns1:challengeQuestionMatchResult>

Not sure this is how it should be or this is a bug, which is reporting 1 always irrespective of multiple failures.

But, if you would like to retrieve the count from the database, use the below DB query.

select u.username, u.status, a.acspname, a.counts from RSA_CORE.users u join RSA_CORE.acspuseraccount a on u.id=a.userid where username='<your LoginName here>'
Like • Show 0 Likes0
Actions
- Steve Irwin @ Somi Reddy Devireddy on Aug 24, 2016 2:06 PM
  Mark Correct
  Correct Answer
  Thanks for the update!!!
  
  Steve Irwin
  AES/PHEAA
  Enterprise Systems Administration and Support
  Application Development
  sirwin@aessuccess.org
  (717) 720-3493
  Like • Show 0 Likes0
  Actions

How do I get the number of failed challenge questions from RSA Adaptive Authentication (OnPrem) 7.1 P6

Outcomes

Related Content

Recommended Content