cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Learn all about PTC Community Badges. Engage with PTC and see how many you can earn! X

Can I add the windows user to the Apache log file ?

Go to solution
BernardWielfaer
12-Amethyst
12-Amethyst
‎Jan 15, 2015 08:22 AM
‎Jan 15, 2015 08:22 AM

Can I add the windows user to the Apache log file ?

Dear,

I like to have a better view on the people that logging in to Windchill. That is why I am using the Apache log file to get the ip address of the logged on machine and translate this to a machine name. The problem commes when Citrix users are logging on, then I get one ip address for a number of people logged on.

So my question is; can I get more information in the Apache log file so I can identify the windows user properly ? I do know the Windchill user.

The logfile looks like :

172.30.44.XX - nbrm [15/Jan/2015:13:31:44 +0100] "GET /Windchill/servlet/WindchillAuthGW/com.ptc.wvs.server.ui.ThumbnailHelper/getMThumb?oid=wt.epm.EPMDocument:776065947 HTTP/1.1" 200 394 187205

Best regards,

Bernard

Labels:
0 Kudos
Notify Moderator
ACCEPTED SOLUTION

Accepted Solutions
jessh
12-Amethyst
12-Amethyst
(To:BernardWielfaer)
‎Jan 15, 2015 09:38 AM
‎Jan 15, 2015 09:38 AM

The user is nbrm in the line shown. If that's not indicative of who is logging in, then that's an issue with your deployment.

If you additionally want to know which client user account the user is logging in from, I don't suspect that is possible. You can snoop the HTTP headers, but I don't believe that information is present there. If it is, then you can should be able to customize Apache's log file format to include that information.

View solution in original post

0 Kudos
Notify Moderator
2 REPLIES 2
jessh
12-Amethyst
12-Amethyst
(To:BernardWielfaer)
‎Jan 15, 2015 09:38 AM
‎Jan 15, 2015 09:38 AM

The user is nbrm in the line shown. If that's not indicative of who is logging in, then that's an issue with your deployment.

If you additionally want to know which client user account the user is logging in from, I don't suspect that is possible. You can snoop the HTTP headers, but I don't believe that information is present there. If it is, then you can should be able to customize Apache's log file format to include that information.

0 Kudos
Notify Moderator
TomU
23-Emerald IV
23-Emerald IV
(To:BernardWielfaer)
‎Jan 15, 2015 09:41 AM
‎Jan 15, 2015 09:41 AM

From a little Googling it seems like authentication information is only passed to Apache when requested. Since your Windchill logon appears different than the Windows logon, the information being requested will be specific to Windchill, not Windows. Not sure if it's possible or not, but you'd probably have to configure double authentication. Basically some type of hidden single sign on using the windows credentials and then the normal LDAP login for Windchill.

Here are some things on NTLM authentication:

http://www.apachelounge.com/viewtopic.php?p=25073

http://board.phpbuilder.com/showthread.php?10377804-RESOLVED-AUTH_USER-Apache-in-Windows-Domain

Notify Moderator
Announcements


Contact Community Management
Top Tags