Configuration: Example

To explain how you can configure the location of the User Identity let us check the following example. In this example application the successful authentication operation results in storing the User’s identity in the HTTP Session as:

request.getSession(true).setAttribute(“USER_CONTEXT”, new UserContext(ipAddress, username));

where request is instance of javax.servlet.http.HttpServletRequest.

Let’s also assume that the UserContext class would be designed as:

public class UserContext {
    public String getIpAddress() {
        return ipAddress;
    }

    public User getUser() {
        return user;
    }

    private final String ipAddress;
    private final User user;

    public UserContext(String ipAddress, String username) {
        this.ipAddress = ipAddress;
        this.user = new User(username);
    }

    private final class User {
        private final String username;

        public String getUsername() {
            return username;
        }

        public User(String username) {
            this.username = username;
        }
    }
}

So we are adding an instance of the UserContext into session attributes under the key USER_CONTEXT. By default Plumbr Agent does not look the identity from this location. To teach Plumbr Agent how to extract user identity in this case, we would specify the configuration as following:

  • Attribute name: USER_CONTEXT
  • Extraction Path: getUser().getUsername()

Equipped with this knowledge, Plumbr Agent will now be monitoring for setAttribute() events in all HTTPSession instances. Whenever such an event arrives and the attribute set is “USER_CONTEXT”, Plumbr starts capturing the identity.

The identity itself is extracted by invoking getUser().getUsername() on the UserContext object stored under “USER_CONTEXT” key.

If Plumbr agent fails to extract identity with defined Extraction Path then in your application logs you will see the following banner:

 *********************************************************************
* Failed to extract user identity with path: getUser().username             *
* Please check your configuration here:                                                          *
* https://app.plumbr.io/settings/identity-detection                            *
**********************************************************************

Using the same example above, the error message becomes clear. The username attribute in the User class is declared private and cannot be thus accessed. To fix, just change the Extraction Path to be equal to getUser().getUsername().