question

Andre V. avatar image
Andre V. asked ·

Username in request body but no data for username

Hi, I've configured DCRUM 12.2.1 to use a Request Body called 'username' to extract the user's login name and when I test it, it works (the "+" sign in the username is not ideal, but I'll work on a regex to remove that for a cleaner look once I have the main problem resolved (smile))

 

However, CAS only shows the username, but no corresponding data for any of the users tracked.

I've added Sites to the configs and also added another policy to extract the Client IP based on the X-Forwarded-For header, which works because I get lots of IP's as users but how do I 'marry' the username and corresponding IP address?

 

I'm not sure if this is possible or if I'm making sense (wink)

10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Adam P. avatar image
Adam P. answered ·

Andre,

Extracting usernames from POST parameter discovers the values from POST request and then is associated to configured session cookie value - all pages having configured cookie name with the same value as login (POST) page will be assigned with discovered username.

Did you set session cookie?

Can you please share applications.xml or a screenshot from "final" username configuration in RUM Console?

3 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Adam,

Thanks for the reply - this is my 1st time doing this, so any help you can provide will be much appreciated - I've attached a sanitised applications.xml file, with part of the Software Services IP's masked (I assume the file will still be usable to you in this format).

I haven't set session cookie but when I tried earlier today, I ended up with the session ID instead of the username so obviously I'm not doing it right.

Screenshot of my final screen before applying the config to AMD (excl. my attempt to set session cookie):

Copy of the requested file:

applications.xml

0 Likes 0 · ·

I think I've figured it out, thanks to your suggestions Adam (and some documentation reading)!

It seems to be working now, appreciate your time! (smile)

Final config on my test system:

0 Likes 0 · ·

Yeap, that's what I was about to post (smile)

Glad you was able to figure this out.

Additionally, the cookie configure should be the one that is set by the server i nthe response to POST request and transfered in "Set-Cookie" field. This way you have confirmation that the login process was successful. Otherwise you need to select cookie that is constant across entire user session + login page and additionally set "Acknowledge URL rule" to configure what URL or HTTP component confirms that the login was successful.

W/o this you will have also unsuccessful login attempts reported.

0 Likes 0 · ·
Andre V. avatar image
Andre V. answered ·

Thanks Adam - right now, we just want to report every operation executed by each user, so I assume my setup will work for that?

Is there a way to tie up the user's IP address (using X-Forwarded-For) with his username? I now have usernames but all are grouped into default (All other) location and ideally we would like to report by username, but also split out for Sites at a minimum. Nothing I've tried to date worked unfortunately.

2 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Yes, it will work, you will just have a view also what are incorrect login attempts - they should be tied to login page URL.

AFAIR there is a way to set up static mapping if it's 1-1 relation between user and it's IP. But I haven't heard about using IP as a session identified for users/IPs changing, i.e. due to DHCP ...

0 Likes 0 · ·

Thanks Adam, appreciate your time!

0 Likes 0 · ·
Michael F. avatar image
Michael F. answered ·

Andre,

In your software service go the HTTP Options Tab.   At the bottom of the page find Client IP address extraction.   Pick the Head Tag or Header Regex and put you value in the field below.   This can be set by software service or globally.

HTTP Configuration Options for Selected User-Defined Software Services

Global Settings for Client IP Address Extraction

Hope this helps.

Thanks,

Mike

2 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Mike, thanks I tried that but it didn't work unfortunately.

0 Likes 0 · ·

I spoke to soon, it seems it does work after all Michael (smile)

I think the problem was I had a user name recognition rule set to extract the IP, similar to the one for the username above, which I assume was clashing somehow with the Client IP address extraction method that was also set in the Software Service. Once I removed the 'Client IP' user recognition rule, it started to work.

0 Likes 0 · ·