Capture Login user details on dsp page

Hi Expert,
I am looking for a way I can capture the user details logged in to the dsp page for auditing purpose. Do we have any inbuilt IS service that can be used to perform this task ?

The user details are already present in the dsp page at the top along with the instance name and the IP Address. Note that this corresponds to the user credentials which have been used to log in in the current session.
As an administrator, you can also choose to enable the security logs (Logs->Security) which will log Authentication , Authorization and other event types that can be configured in the Settings->Logging->Security Logger in the admin UI.

It is not clear what the exact usecase is, perhaps you can elaborate more on what you mean by auditing.
-NP

Do you mean you want to identify the user at runtime from within a service ?

If so you need to write a small java service e.g.

public static final void getUserID(IData pipeline) throws ServiceException {
	 String sessionId = null;
	 String name = null;
		 
	    if (Service.getSession() != null)     {
	        try {
	            sessionId = Service.getSession().getSessionID();
	            name = Service.getSession().getUser().getName();
	        } catch (Exception e) {
	            throw new RuntimeException("Unable to retrieve the session ID : " + e);
	        }
	    }
	
	    IDataCursor c = pipeline.getCursor();
	    IDataUtil.put(c, "sessionID", sessionId);
		    
	    if (name != null && !name.equals("Default") && !name.equals("webTaskUser"))
	    		IDataUtil.put(c, "userID", name);
		    
	    	IDataUtil.put(c, "uniqueID", sessionId + getNextCount());
	    c.destroy();	   
}

@John_Carter4 , I thought about this one too, but I couldn’t see how this helps, if you are running this service, that means that you have already logged in /connected with a particular user. And if you have connected , then you know the user anyway.
Perhaps I’m missing the why here.

-NP

Not necessarily, perhaps the user was authentication via openID or OAuth in which case you won’t know. Or it could be that you have a login screen but perhaps it’s authentication directly against /invoke/wm.server/login

regards,
John.

1 Like

Thanks John. This is exactly I was looking for. Basically for auditing purpose , we need to capture the user who is login to the dsp and performing changes.

In case, if this is useful, IS already provides ways to capture HTTP log information. Please have a look @ watt.server.httplog property and “The HTTP Log” section in IS’s Admin Guide - Untitled (softwareag.com).

1 Like