$Web User: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
m (→Syntax) |
||
(11 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
{{DISPLAYTITLE:$Web_User}} | {{DISPLAYTITLE:$Web_User}} | ||
<span class="pageSubtitle" | <span class="pageSubtitle">User ID sent by browser</span> | ||
$Web_User returns the userid that was sent by the browser in the HTTP user authentication header ("Authorization"), which could be different from the current | <var>$Web_User</var> returns the userid that was sent by the browser in the HTTP user authentication header ("Authorization"), which could be different from the current <var class="product">Model 204</var> userid. | ||
==Syntax== | ==Syntax== | ||
<p class="syntax">< | <p class="syntax"><span class="term">%bruser</span> = $Web_User | ||
</p> | |||
$Web_User takes no arguments, and it returns a null indicating that the browser sent no userid, or it returns the userid sent by the browser. | <var>$Web_User</var> takes no arguments, and it returns a null indicating that the browser sent no userid, or it returns the userid sent by the browser. | ||
The most likely use for $Web_User is in a LOGONERR exception handler () or in NEWSESCMD processing. Since a LOGONERR exception handler runs under the WEBUSER userid, $USERID will not indicate the userid for which the login failed. Also, NEWSESCMD processing runs under the PRELOGINUSER userid, so, again, $USERID will not return the userid sent in the HTTP headers by the browser. | ==Usage notes== | ||
<ul> | |||
<li>The most likely use for <var>$Web_User</var> is in a LOGONERR exception handler ([[JANUS WEB exception rules|"JANUS WEB exception rules"]]) or in NEWSESCMD processing. Since a LOGONERR exception handler runs under the WEBUSER userid, $USERID will not indicate the userid for which the login failed. Also, NEWSESCMD processing runs under the PRELOGINUSER userid, so, again, $USERID will not return the userid sent in the HTTP headers by the browser. | |||
<li>For non-public, that is, logon required URLs, <var>$Web_User</var> will equal $USERID if HTTP user authentication is used. But it might be null or even a different userid, if NEWSESCMD is used to do some other kind of user authentication, such as certificate-based authentication. For public URLs, <var>$Web_User</var> might be null or it might contain the last userid that the browser used to log on for the port. Since a browser does not know which URLs for a port are public or private, it will usually send a userid and password for every URL on a port after a successful login. | |||
<li>While <var>$Web_User</var> can be used in any code, its most common use is likely to be in [[JANUS WEB exception rules|exception rules]], especially those associated with logon processing, such as LOGONERR and NEWPASSWORD rules, or in NEWSESCMD processing. | |||
</ul> | |||
==Example== | |||
The following example from a LOGONERR exception handler stores a record in a file for a failed logon attempt. | The following example from a LOGONERR exception handler stores a record in a file for a failed logon attempt. | ||
<p class="code"> %BRUSER = $Web_User | <p class="code">%BRUSER = $Web_User | ||
%BRIPADDR = $Web_IPAddr | |||
%TIME = $Web_Date | |||
IN FILE SECLOG STORE RECORD | |||
RECTYPE = 'LOGONERR' | |||
TIME = %TIME | |||
USER = %BRUSER | |||
IPADDR = %BRIPADDR | |||
END STORE | |||
</p> | </p> | ||
==See also== | |||
<ul> | |||
<li><var>[[$Web_Password]]</var> | |||
</ul> | |||
[[Category:Janus Web Server $functions|$Web_User]] | [[Category:Janus Web Server $functions|$Web_User]] |
Latest revision as of 21:56, 5 June 2013
User ID sent by browser
$Web_User returns the userid that was sent by the browser in the HTTP user authentication header ("Authorization"), which could be different from the current Model 204 userid.
Syntax
%bruser = $Web_User
$Web_User takes no arguments, and it returns a null indicating that the browser sent no userid, or it returns the userid sent by the browser.
Usage notes
- The most likely use for $Web_User is in a LOGONERR exception handler ("JANUS WEB exception rules") or in NEWSESCMD processing. Since a LOGONERR exception handler runs under the WEBUSER userid, $USERID will not indicate the userid for which the login failed. Also, NEWSESCMD processing runs under the PRELOGINUSER userid, so, again, $USERID will not return the userid sent in the HTTP headers by the browser.
- For non-public, that is, logon required URLs, $Web_User will equal $USERID if HTTP user authentication is used. But it might be null or even a different userid, if NEWSESCMD is used to do some other kind of user authentication, such as certificate-based authentication. For public URLs, $Web_User might be null or it might contain the last userid that the browser used to log on for the port. Since a browser does not know which URLs for a port are public or private, it will usually send a userid and password for every URL on a port after a successful login.
- While $Web_User can be used in any code, its most common use is likely to be in exception rules, especially those associated with logon processing, such as LOGONERR and NEWPASSWORD rules, or in NEWSESCMD processing.
Example
The following example from a LOGONERR exception handler stores a record in a file for a failed logon attempt.
%BRUSER = $Web_User %BRIPADDR = $Web_IPAddr %TIME = $Web_Date IN FILE SECLOG STORE RECORD RECTYPE = 'LOGONERR' TIME = %TIME USER = %BRUSER IPADDR = %BRIPADDR END STORE