Related Tips & Info

Maxmind Geolocation Provider for Risk Based Authentication with NAM 4.1

csr
0 Likes

Introduction


 
Maxmind offers downloadable database for free and paid version. Please read the terms and conditions before using free version.

This database is used offline without internet based outbound calls.

Goal of this solution


 
NetIQ Access Manager can support custom Geo location providers in order to determine the risk score. Risk Based Authentication with NAM 4.1 will consume this custom provider implementation to read geolocation of user from where user is accessing the system.

This solution will demonstrate how to use Maxmind Geolocation provider with Risk Based Authentication.

Configuration steps


 

  1. Download Maxmind Geolocation database to IDP system and note down file path (download location http://dev.maxmind.com/geoip/legacy/geolite/ );

  • Download zip file with this cool solution, it contains maxmind api jar and custom Geo provider for NAM

  • Copy the jar file to NAM IDP system at location /opt/novell/nam/idp/webapps/nidp/WEB-IN/lib

  • Copy the com folder to NAM IDP system at location /opt/novell/nam/idp/webapps/nidp/WEB-INF/classes

  • Restart NAM IDP “/etc/init.d/novell-idp restart”

  • Go to Admin Console --> Risk Configuration --> Geolocation

  • Enable Location Profiling

  • Select Custom Provider as the Geolocation Provider

  • Enter name for Provider name

  • Enter com.netiq.custom.risk.core.geoloc.providers.MaxMindLocalDB as Java Class Path

  • Under Provider Properties Add citydbfile as Property Name and downloaded Maxmind geolocation db file path as value. For example /opt/novell/GeoLiteCity.db

    screenshot1

  • Click ok and finish configuration


Testing


 

  1. Create Geolocation rule and add that to Rule Group

  • Access Troubleshooting Tool for Risk Based Authentication

  • Select risk group and read the result.


References


 
https://www.netiq.com/documentation/access-manager-41/admin/data/b1dg0omz.html#b1dg0omz
http://dev.maxmind.com/geoip/legacy/install/city/
http://dev.maxmind.com/geoip/legacy/geolite/
http://dev.maxmind.com/geoip/legacy/downloadable/

Update for maxmind GeoLite2



Updated maxmind provider java source MaxMindLocalDB.zip
Download Maxmind java jar files and copy maxmind-db-1.2.2.jar and geoip2-2.12.0.jar to NIDP lib folder.
Compile provider java source file with NIDP lib jar files in classpath and make jar and copy to NIDP lib folder and restart.
Download Maxmind GeoLite2 city db and follow the same configuration in this cool solution.

Please share your comments!!

Labels:

How To-Best Practice
Comment List
Related
Recommended

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.