February 22, 2017 at 9:59 pm #15973indiraParticipant
Im looking at a scenario if multiple users trying to access application from a same ip address. Is there a way ip address addresses can be blocked dynamically for any fraudulent activities. I can see under Authorization i can block specific ips, but is there a way OpenAM does risk analysis and blocks fraudulent ip addresses. I did try adaptive risk where a user attempts wrong passwords and goes through 3rd level of validation.February 23, 2017 at 11:42 am #15989Andrew PotterParticipant
It’s fair to say that OpenAM does not do analytics. However, you can use a scripted authz policy/authn module to query an external datasource of ‘dodgy’ IPs and deny the request if the IP is found. That datasource would be populated by a custom ‘analytics engine’ – typically a 3rd party.
However, that engine could, in theory, be written by you in the scripted components.
You may need special consideration for clients behind proxies as it’s possible that these may all present the same IP?March 6, 2017 at 11:39 pm #16144Scott HegerParticipant
OpenAM has an Adaptive Risk authentication module (See https://backstage.forgerock.com/docs/openam/13.5/admin-guide#adaptive-auth-module-conf-hints). With that it provides an IP Address Range check and an IP Address History check. See if that provides you what you are looking for.March 7, 2017 at 5:12 pm #16160
You must be logged in to reply to this topic.