Document Properties
Kbid
30G952
Last Modified
09-Aug-2023
Added to KB
17-Jul-2023
Public Access
Everyone
Status
Online
Doc Type
Support Articles
Product
ICM 7.10
Support Article - Determining User Access from Specific Back Office or Storefront Pipeline Execution

Table of Contents


Product Version

7.10

Product To Version

7.10

Owner

Danny Müller

Worker

Yvonne Gerstmann

Product Type

Page Type

Support-Article

Introduction

Sometimes it is necessary to determine which user executed a storefront or back office operation (pipeline call) in the past.
Now there are two ways to handle this question.

Option A - Use Web Adapter Access Logs and DB Information

  1.  The web adapter log tracked pipeline execution (in our example: ViewApplication-ProcessLogin - notice the part from a session ID)

1688388863112|fe80::7f0:bea4:c286:9da0||jdmuellernb|443|41|/WFS/inSPIRED-Site/en_US/-/USD/ViewApplication-ProcessLogin?LoginForm_Login=admin&LoginForm_Password=!InterShop00!&LoginForm_RegistrationDomain=inSPIRED|Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0||
4hKc4M_w1lew4KtSJu2IUmcwJnPxfYMWe96tJqx8JnPxfQuRj49YgaJt
|NEUBBGSixP8UsqjA-0-00
|
192.168.178.20:10054
|
302|0|0|41|0|0|GET||||p|0:0|0|1|0|0|302|
  1. Search for this session ID in the DB
    Please note that the session ID in the webadapter log is longer than in the sessioninformation table - only a part of the web adapter session ID is important.
    So we do a similar search with right % - example:

select * from BASICPROFILE bp, sessioninformation si where bp.uuid =

si.USERID and si.SESSIONID  

like'%4hKc4M_w1lew4KtSJu2IUmcw%';

Option B - Create Pipeline Auditing by Customized Log Appender

By using a log appender, you can specify the pipeline to be tracked.
If a user executes this pipeline, it will be written into a log file.

An example log appender is attached - code example:

 

<?xml version="1.0" encoding="UTF-8" ?>
<included>
<appender name="AuditPipeline" class="ch.qos.logback.core.rolling.RollingFileAppender">
<filter name="OnlyAuditPipelineTransactionsFilter" class="ch.qos.logback.core.filter.EvaluatorFilter">
<evaluator name="OnlyAuditPipelineTransactions">
<expression>
formattedMessage!=null
&amp;&amp;
(
formattedMessage.contains("Executing pipeline: ViewApplication-ProcessLogin")  
)
</expression>
</evaluator>
<OnMatch>NEUTRAL</OnMatch>
<OnMismatch>DENY</OnMismatch>
</filter>
<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>TRACE</level>
</filter>
<File>${intershop.logfile.Directory}/AuditPipeline-${intershop.logfile.NamePostfix}.log</File>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<FileNamePattern>${intershop.logfile.Directory}/AuditPipeline-${intershop.logfile.NamePostfix}.%i.log</FileNamePattern>
<MinIndex>1</MinIndex>
<MaxIndex>10</MaxIndex>
</rollingPolicy>
<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
<MaxFileSize>500MB</MaxFileSize>
</triggeringPolicy>
<encoder class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">
<layout class="ch.qos.logback.classic.PatternLayout">
<Pattern>

%date{yyyy-MM-dd HH:mm:ss.SSS zZ,GMT}] %-5level ${intershop.HostName} ${intershop.InstallationID} ${intershop.ServerName} [%mdc{requestsite}] [%mdc{requestapplication}] [%mdc{pipelinestack}] [%mdc{job}] %logger [%marker] [%mdc{request.type}] [%mdc{http://session.id }] [%mdc{request.uuid}] [%mdc{user.login}] [%mdc{user.uuid}] "%thread" %msg %ex%n
</Pattern>
</layout>
</encoder>
</appender>
<logger name="com.intershop.beehive.core.internal.pipeline.PipelineProcessorImpl">
<level value="TRACE" />
<appender-ref ref="AuditPipeline" />
</logger>
</included>

In case of pipeline execution, the appender will track related pipeline execution ViewApplication-ProcessLogin from a mentioned user – example log entry...

 2023-07-03 12:35:56.194 GMT+0000] DEBUG JDMUELLERNB ES0 appserver0 [inSPIRED-Site] [-] [] [] com.intershop.beehive.core.internal.pipeline.PipelineProcessorImpl [] [Storefront] [m6OOV5TOr-arV_BsI5Ga5TwOX8LjylL9F8Ui2M3QX8LjylCv9j5KNvlT] [NEUeA2SiwKwUsqjA-0-00] [admin] [gBIKAP8vHOQAAAGIQYkpnB.u] "NEUeA2SiwKwUsqjA-0-00" Executing pipeline: ViewApplication-ProcessLogin (sld_enterprise_app)

 

Disclaimer

The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.

The Intershop Customer Support website uses only technically necessary cookies. We do not track visitors or have visitors tracked by 3rd parties.

Further information on privacy can be found in the Intershop Privacy Policy and Legal Notice.
Customer Support
Knowledge Base
Product Resources
Tickets