Uploaded image for project: 'GeoServer'
  1. GeoServer
  2. GEOS-6144

Have a better chance of logging the remote user in monitoring across different auth systems

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.10-RC1
    • Component/s: None
    • Labels:
      None

      Description

      Quoting Christian's observation about how we get the user:

      Different authentication mechanisms produce different kind of authentication objects. It is not guaranteed that auth.getPrincipal() is a user object. The Spring Security Authentication interface declares

      Object getPrincipal();
      

      Maybe the the following change would help to improve the situation

        if (auth.getPrincipal() != null ) {
                     if (auth.getPrincipal() instanceof User) )
      Unknown macro: {
                      data.setRemoteUser(((User)auth.getPrincipal()).getUsername());
                  } 
        else 
      Unknown macro: {
                     data.setRemoteUser(auth.getPrincipal().toString);
                  } 
      } 
      

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                harrison.grundy codehaus (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: