Skip to main content
Skyhigh Security

IM Authentication Rule Set

The IM Authentication rule set is a library rule set for instant messaging authentication.

Library rule set - IM Authentication

Criteria – Always

Cycles – Requests (and IM), responses, embedded objects

The following rule sets are nested in this rule set:

  • IM Authentication Server
  • IM Proxy

IM Authentication Server

This nested rule set handles authentication for instant messaging users. It applies the User Database method for retrieving user information.

Nested library rule set - IM Authentication Server

Criteria – Authentication.IsServerRequest equals true

Cycles – Requests (and IM), responses, embedded objects

The rule set criteria specifies that the rule set applies when authentication has been requested for a user of an instant messaging service.

The rule set contains the following rules.

Authenticate clients against user database

Authentication.Authenticate<User Database at IM Authentication server> equals false–> Authenticate<IM
Authentication>

The rule uses the Authentication.Authenticate property to check whether a user who sends a chat message or file under an instant messaging protocol is authenticated. The settings that follow the property in the rule criteria specify the User Database method for this authentication.

If a user is not authenticated under this method, processing stops and a message is displayed asking the user to authenticate.

The action settings specify that the IM Authentication template is used for displaying the authentication message to the user.

Processing continues when the next user request is received.

Show Authenticated page

Always–> Redirect<Show IM Authenticated> —

Set User-Defined.logEntry =

“[”

+ DateTime.ToISOString

+ “]””

+ URL.GetParameter (“prot”)

+ ““auth””

+ Authentication.Username

+ ““ ””

+ URL.GetParameter (“scrn”)

+ “““

FileSystemLogging.WriteLogEntry (User-Defined.logEntry)<IM Logging>

The rule redirects a request sent from a client by an instant messaging user to an authentication server and displays a message to inform the user about the redirect.

The action settings specify that the Show IM Authenticated template is used for the message.

The rule also uses an event to set values for a log entry on the authentication request. It uses a second event to write this entry into a log file. A parameter of this event specifies the log entry.

The event settings specify the log file and the way it is maintained.

IM Proxy

This nested rule set handles authentication of instant messaging users. It applies the Authentication Server method to retrieve user information.

Nested library rule set - IM Proxy

Criteria – Connection.Protocol.IsIM equals true AND IM.MessageCanSendBack is true

Cycles – Requests (and IM), responses, embedded objects

The rule set criteria specifies that the rule set applies when a user sends a chat message or a file on a connection under an instant messaging protocol and a message can already be sent back from the appliance to the user.

The rule set contains the following rule.

Redirect not authenticated users to the authentication server

Authentication.Authenticate<Authentication Server IM> equals false–> Authenticate<IM Authentication>

The rule uses the Authentication.Authenticate property to check whether a user who sends a chat message or file under an instant messaging protocol is authenticated. The settings that follow the property in the rule criteria specify the Authentication Server method for this authentication.

If a user is not authenticated under this method, processing stops and a message is displayed, asking the user to authenticate.

The action settings specify that the IM Authentication template is used for displaying the authentication message to the user.

Processing continues when the next user request is received.

  • Was this article helpful?