Identity Detection Rules

In case Plumbr has not been able to identify the users, you would need to help us a bit and hint where the identity of the users is stored. You can do this by configuring the location the user identity via creating a new Identity Detection Rule.

Identity Detection Rules can look for the identity of users from two different locations

In case your application is passing along the identity of the user via HTTP request headers, you need to configure a HTTP Header Rule. In such case, all you need to specify is the name of the HTTP header from where Plumbr will be extracting the tracking information. The value for the header would then be similar to the following:

X-User-Authentication

In case your application is not using HTTP Headers to pass along the identity, you need to configure a Session Attribute Rule instead. In such case you need to configure two parameters: Attribute name and Extraction path.

  • Attribute name is the name of the attribute in the session context storing the user’s identity. For example Spring Security adds it’s security context under the SPRING_SECURITY_CONTEXT attribute. When the attribute specified is not found in a particular HTTP Session either because a wrong attribute name was provided or the application user is not yet authenticated, Plumbr Agent will not proceed to detect the User’s identity from Extraction Path.
  • In the Extraction path field you should define the exact path where the user identity is stored. For example in case of the Spring Security being used, the extraction path used will be: getAuthentication().getPrincipal()#getUsername().

Combining the two parameters allows Plumbr now to look for the identity. Again using the Spring Security as an example and combining the two examples above will result in Plumbr looking for:

session.getAttribute(“SPRING_SECURITY_CONTEXT”).getAuthentication().getPrincipal().getUsername();