
I am trying to add some logging for auditability for some Groovy services I have exposed via the GroovyServiceInvoke role.

I want to log the username using something like

def currentUserID = com.avoka.fc.core.servlet.RequestContext.getThreadRequest().getRemoteUser()

But the auth does not seem to be available

i.e. com.avoka.fc.core.servlet.RequestContext.getThreadRequest().getAuthType() returns null

Has anyone done this?

P.S. 

com.avoka.fc.core.servlet.RequestContext.getThreadRequest().getMethod() correctly returns POST


    3 answers

    1.  

      This should produce the result that you want:

       

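      import java.util.Base64;
      import com.avoka.fc.core.servlet.RequestContext as RequestContext

      def context = RequestContext.getThreadRequest()

      // The header value is "Basic " followed by base64("user:password"):
      // skip the 6-character scheme prefix, decode, then drop the colon and the password.
      def user = new String(
             Base64.getDecoder().decode(
                    context.getHeader('Authorization').substring(6)
             )
      ).replaceAll(/:.*/,'')

      println user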

       

      I think getAuthType might have a specific meaning in Enterprise Java which doesn't necessarily align with the http basic authentication approach used in TM.

      1. Matthew van Bockel

        I believe GroovyServiceInvoke runs under a system session rather than a specific user session, hence the AuthenticationService or the .getRemoteUser() methods won't apply in this scenario. I've used the following (which is just a slight tweak on Matthew's code):

          def requestContext = RequestContext.getThreadRequestContext()
          def request = requestContext.getRequest()
          String header = request.getHeader("Authorization")
          String username = ""
          if(header.startsWith("Basic ")) {
              String[] auth = new String(header[6..-1].decodeBase64()).split(":")
              username = auth[0]
          }
          println "username=$username"

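A more defensive version of the header parsing shown in this answer, as an added example that is not part of the original thread or the product's own code: it tolerates a missing or malformed header, splits on the first colon only, never returns the password, and replaces control characters before the name reaches an audit log. The function name `basicAuthUser` and the sample headers are constructed for illustration, and it assumes TM has already verified the credentials before the Groovy service runs.

```groovy
import java.nio.charset.StandardCharsets

// Hypothetical helper: returns the user name carried in an HTTP Basic
// Authorization header value, or null if the header is absent or malformed.
String basicAuthUser(String header) {
    if (!header) return null
    // The scheme name is case-insensitive; accept only base64 characters after it.
    def m = header =~ /(?i)^\s*Basic\s+([A-Za-z0-9+\/=]+)\s*$/
    if (!m.matches()) return null
    byte[] raw
    try {
        raw = Base64.getDecoder().decode(m.group(1))
    } catch (IllegalArgumentException ignored) {
        return null                      // not valid base64
    }
    String creds = new String(raw, StandardCharsets.UTF_8)
    int colon = creds.indexOf(':')
    if (colon <= 0) return null          // no separator, or empty user name
    // Split on the FIRST colon only: a password may itself contain colons.
    String user = creds.substring(0, colon)
    // Replace control characters so a crafted name cannot forge extra log lines.
    return user.replaceAll(/\p{Cntrl}/, '_')
}

// Constructed sample headers (not taken from the thread).
def enc = { String s ->
    'Basic ' + Base64.getEncoder().encodeToString(s.getBytes(StandardCharsets.UTF_8))
}
assert basicAuthUser(enc('autodeployment:p:w:d')) == 'autodeployment'
assert basicAuthUser(null) == null                    // header not sent
assert basicAuthUser('Bearer abc.def') == null        // different scheme
assert basicAuthUser('Basic !!!') == null             // not base64
assert basicAuthUser(enc('nocolon')) == null          // no user:password separator
assert basicAuthUser(enc('eve\nINFO admin:x')) == 'eve_INFO admin'

// Inside a TM Groovy service this would be called with the request header, e.g.
//   def request = RequestContext.getThreadRequest()
//   logger.info "invoked by user=" + basicAuthUser(request.getHeader('Authorization'))
```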
    2.  

      Awesome, thanks guys! 

       

      FYI the following

       

      import java.util.Base64;
      import com.avoka.fc.core.servlet.RequestContext as RequestContext

      def context = RequestContext.getThreadRequest()

      def user = new String(
             Base64.getDecoder().decode(
                    context.getHeader('Authorization').substring(6)
             )
      ).replaceAll(/:.*/,'')

      logger.info user


      import com.avoka.fc.core.service.ServiceFactory

      logger.info ServiceFactory.getAuthenticationService().isAuthenticated(context)
      logger.info ServiceFactory.getAuthenticationService().getUserId(context)

       

      gave an output of (with a user called autodeployment) :-

      13:42:23,179 INFO autodeployment

      13:42:23,186 INFO false
      13:42:23,188 INFO null

       

      So I have gone with option 2.

      1.  

        There is an AuthenticationService that assists with this, Jim.

        ServiceFactory.getAuthenticationService().isAuthenticated(request)
        ServiceFactory.getAuthenticationService().getUserId(request)
         
        1. Matthew White

          Hi Ben, isAuthenticated returns false for me when invoking a groovy service via rest.

        2. Ben Warner

          OK. I've used it in dynamic data calls with authenticated sessions. I'm assuming you applied basic auth?

        3. Matthew White

          I used basic auth. I don't know what an authenticated session is, how does it differ from basic auth?

        4. Jim Basey

          Agree - seems to have the same issue my original code was having. Although the REST call requires basic auth by TM it does not seem to pass through the request as authenticated.

        5. Ben Warner

          Hey Matthew, I just meant I'd used the AuthenticationService in a Dynamic Data call from a form in the browser where the user is logged in with a valid HTTP session.

        6. Matthew White

          In that scenario does request.getRemoteUser() work also?

        7. Ben Warner

          I can confirm that the AuthenticationService uses the request.getRemoteUser() function so should return the same result.
