Document Tree
Document Properties
Kbid
30G952
Last Modified
09-Aug-2023
Added to KB
17-Jul-2023
Public Access
Everyone
Status
Online
Doc Type
Support Articles
Product
ICM 7.10
Support Article - Determining User Access from Specific Back Office or Storefront Pipeline Execution

Introduction

Sometimes it is necessary to determine which user executed a storefront or back office operation (pipeline call) in the past.
Now there are two ways to handle this question.

Option A - Use Web Adapter Access Logs and DB Information

  1.  The web adapter log tracked pipeline execution (in our example: ViewApplication-ProcessLogin - notice the part from a session ID)

1688388863112|fe80::7f0:bea4:c286:9da0||jdmuellernb|443|41|/WFS/inSPIRED-Site/en_US/-/USD/ViewApplication-ProcessLogin?LoginForm_Login=admin&LoginForm_Password=!InterShop00!&LoginForm_RegistrationDomain=inSPIRED|Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0||
4hKc4M_w1lew4KtSJu2IUmcwJnPxfYMWe96tJqx8JnPxfQuRj49YgaJt
|NEUBBGSixP8UsqjA-0-00
|
192.168.178.20:10054
|
302|0|0|41|0|0|GET||||p|0:0|0|1|0|0|302|
  1. Search for this session ID in the DB
    Please note that the session ID in the webadapter log is longer than in the sessioninformation table - only a part of the web adapter session ID is important.
    So we do a similar search with right % - example:

select * from BASICPROFILE bp, sessioninformation si where bp.uuid =

si.USERID and si.SESSIONID  

like'%4hKc4M_w1lew4KtSJu2IUmcw%';

Option B - Create Pipeline Auditing by Customized Log Appender

By using a log appender, you can specify the pipeline to be tracked.
If a user executes this pipeline, it will be written into a log file.

An example log appender is attached - code example:

 

<?xml version="1.0" encoding="UTF-8" ?>
<included>
<appender name="AuditPipeline" class="ch.qos.logback.core.rolling.RollingFileAppender">
<filter name="OnlyAuditPipelineTransactionsFilter" class="ch.qos.logback.core.filter.EvaluatorFilter">
<evaluator name="OnlyAuditPipelineTransactions">
<expression>
formattedMessage!=null
&amp;&amp;
(
formattedMessage.contains("Executing pipeline: ViewApplication-ProcessLogin")  
)
</expression>
</evaluator>
<OnMatch>NEUTRAL</OnMatch>
<OnMismatch>DENY</OnMismatch>
</filter>
<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>TRACE</level>
</filter>
<File>${intershop.logfile.Directory}/AuditPipeline-${intershop.logfile.NamePostfix}.log</File>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<FileNamePattern>${intershop.logfile.Directory}/AuditPipeline-${intershop.logfile.NamePostfix}.%i.log</FileNamePattern>
<MinIndex>1</MinIndex>
<MaxIndex>10</MaxIndex>
</rollingPolicy>
<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>500MB</MaxFileSize>
</triggeringPolicy>
<encoder class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">
<layout class="ch.qos.logback.classic.PatternLayout">
<Pattern>

%date{yyyy-MM-dd HH:mm:ss.SSS zZ,GMT}] %-5level ${intershop.HostName} ${intershop.InstallationID} ${intershop.ServerName} [%mdc{requestsite}] [%mdc{requestapplication}] [%mdc{pipelinestack}] [%mdc{job}] %logger [%marker] [%mdc{request.type}] [%mdc{http://session.id }] [%mdc{request.uuid}] [%mdc{user.login}] [%mdc{user.uuid}] "%thread" %msg %ex%n
</Pattern>
</layout>
</encoder>
</appender>
<logger name="com.intershop.beehive.core.internal.pipeline.PipelineProcessorImpl">
<level value="TRACE" />
<appender-ref ref="AuditPipeline" />
</logger>
</included>

In case of pipeline execution, the appender will track related pipeline execution ViewApplication-ProcessLogin from a mentioned user – example log entry...

 2023-07-03 12:35:56.194 GMT+0000] DEBUG JDMUELLERNB ES0 appserver0 [inSPIRED-Site] [-] [] [] com.intershop.beehive.core.internal.pipeline.PipelineProcessorImpl [] [Storefront] [m6OOV5TOr-arV_BsI5Ga5TwOX8LjylL9F8Ui2M3QX8LjylCv9j5KNvlT] [NEUeA2SiwKwUsqjA-0-00] [admin] [gBIKAP8vHOQAAAGIQYkpnB.u] "NEUeA2SiwKwUsqjA-0-00" Executing pipeline: ViewApplication-ProcessLogin (sld_enterprise_app)

 

Disclaimer
The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.
The Intershop Knowledge Portal uses only technically necessary cookies. We do not track visitors or have visitors tracked by 3rd parties. Please find further information on privacy in the Intershop Privacy Policy and Legal Notice.
Home
Knowledge Base
Product Releases
Log on to continue
This Knowledge Base document is reserved for registered customers.
Log on with your Intershop Entra ID to continue.
Write an email to supportadmin@intershop.de if you experience login issues,
or if you want to register as customer.