Michael Williams
asked on
Xpage REST Service: Access User Name
Lets say you have the following REST Service.
Am I able to access the user name of the logged in user who made the service call?
<?xml version="1.0" encoding="UTF-8"?>
<xp:view xmlns:xp="http://www.ibm.com/xsp/core"
xmlns:xe="http://www.ibm.com/xsp/coreex">
(JSON) - View Column - Checkbook
<xp:br></xp:br>
<xe:restService id="restService1" pathInfo="GetViewCheckbook">
<xe:this.service>
<xe:viewJsonService viewName="VIEWCheckbook" systemColumns="0" defaultColumns="true" compact="true" count="1000"/>
</xe:viewJsonService>
</xe:this.service>
</xe:restService>
</xp:view>
Am I able to access the user name of the logged in user who made the service call?
ASKER
FYI....I updated the code to reflect it is accessing the Checkbook view.
I believe so.
I have an application where users have various levels of access. Create documents and access data from certain views is limited.
Example:
Jane Doe - Can Access Checkbook
Jane Doe clicks a link on a website to access the "GetViewCheckbook" REST Service. The JSON response will contain the data from the Checkbook since Jane has access.
John Doe - No Access to the Checkbook
John Doe clicks a link on a website to access the "GetViewCheckbook" REST Service. The JSON response will contain error information since John does not have access.
I know the website can hide the link from John Doe however; I would still like to setup the REST Service to error if John attempts to access the Service. I thought about setting the service up to read a parameter that would contain the user name. This is not a secure option. This is why I would like to obtain the authenticated user name accessing the service.
BTW: Thank you for the assistance on my last few questions. I am getting started with Xpage REST Development and I am probably asking basic questions :)
I believe so.
I have an application where users have various levels of access. Create documents and access data from certain views is limited.
Example:
Jane Doe - Can Access Checkbook
Jane Doe clicks a link on a website to access the "GetViewCheckbook" REST Service. The JSON response will contain the data from the Checkbook since Jane has access.
John Doe - No Access to the Checkbook
John Doe clicks a link on a website to access the "GetViewCheckbook" REST Service. The JSON response will contain error information since John does not have access.
I know the website can hide the link from John Doe however; I would still like to setup the REST Service to error if John attempts to access the Service. I thought about setting the service up to read a parameter that would contain the user name. This is not a secure option. This is why I would like to obtain the authenticated user name accessing the service.
BTW: Thank you for the assistance on my last few questions. I am getting started with Xpage REST Development and I am probably asking basic questions :)
AFAIK the standard Domino security rules still apply, so Author and Reader fields, view security settings, etc. are active as usual. If you need you can circumvent this in your code using getSessionAsSigner().
ASKER
Ok. I will try this evening.
On the other hand, an error will be generated when someone is trespassing. You'll have to use the Display Error control, I think.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I want to say it returned the server name. I will verify this evening.
ASKER
For some reason originally I think I had some sort of syntax error.
session.getEffectiveUserNa me() also returns the user name that is currently logged in.
session.getEffectiveUserNa
session.getUserName()
?