I am working on project which used Maximo Asset Management program. Our customer wants to know client IP when any person create new service request. I have searched on the internet but I can't find any topics about that. I 'm working with Java on businessobjects , I have took IP but this IP was Server's IP , as you know that Maximo run on server therefore it shows server ip , but I want to take which user/client create new service request.
In Maximo
Go to->Security->Users
Select Action -> Manage Sessions
Click on arrow to expand info on any logged in user
Here you can see Name and Client Host (ip address of user)
Click on the client host field and hold down alt+i to see the database table and field for this. The result MAXSESSION.CLIENTHOST is the table MAXSESSION and the field is CLIENTHOST.
If I can take #davejal's answer a step further, you could try the following:
Create a relationship called MAXSESSION from PERSON to MAXSESSION where userid = :personid. Note that if MAXUSER.USERID != MAXUSER.PERSONID in your system then your relationship will have to be "upgraded" to userid = (select userid from maxuser where personid = :personid).
Create an attribute on TICKET called REPORTEDBYIP same-as MAXSESSION.CLIENTHOST.
Create a crossover domain called TKREPORTEDBY against PERSON.
The Validation Where Clause should be personid = :reportedbyid.
Have a row in your Crossover Fields table where Source Field is MAXSESSION.CLIENTHOST and Target Field is REPORTEDBYIP.
Apply the TKREPORTEDBY domain to the TICKET.REPORTEDBYID attribute.
A known problem with the above is that if the user is logged in twice from different IPs, it is unknown which one will get crossed over onto the ticket / SR. You could upgrade the where clause in the relationship to always get the alphanumerically lower or higher one, using max() or min(). Or you could change the relationship to find the latest LOGINTRACKING record and use that. But again, there's no sure way, in such a situation, to guarantee that the IP you record will be the one they created the ticket from. But still, this solution is a step in the desired direction.
Related
I want to create a unique user name for my users, but this will be not system generated. Users can choose his/her user name.
DB
MongoDB
Ex
Github user name
Current process
sign-up
get a verification link on the email
go to the link, like example.com/verify?token=xyz...
On verify page user can enter a user name, that user name must be unique across the DB.I don't want to keep duplicate user names.
Many websites have implemented this feature, like Github, GitLab, etc. But, I have explored some web about implementing this feature and I didn't get the desired result.
After entering the user name in step 3, the browser will make a POST request to the server.
Server will then check the DB that if this user name already exists or not, if this already exists then throw an error or process the user name otherwise.
This is working on my local PC, but I am not sure whether this will work when multiple users make a request with the same username within a time interval. Then, in this case, there may be some duplicates in DB.
case
There are two users A and B wants to create their user name on the system at the same time.
both are requesting the same user name
A: make the request for the user name u1
Server: check for A's user name is present or not in DB
B: make the request for user name u1
Server: A's user name is not present, save u1 as A's user name
Server: B's user name is not present, save u1 as B's user name
You can see, in the end, both users's haveing the same user name.
Is there any way to avoid this??
The solution depends on your Database. If you are using SQL database, you can just add UNIQUE constrain to the field, so the database will enforce the uniqueness of an attribute value in the table. The first row will be inserted while another row will fail to insert with an error that the field is not unique.
Speaking of MongoDB, you also have a unique index.
-> As the above answer suggested have a unique constraint on DB for user name and if the insert didn't happen send an error response stating username already taken also
-> We do not need to wait until the user submits the request, as the user types in the user name, call an API to check if the username already exists, and while calling this cancel the previous request which we haven't got a response back. For example when the user types vi you send a request and it is still in progress but the user has typed vig now before sending the new request with 'vig' data, cancel the previous request. ( Ans simultaneously show the status whether taken or not as you get the responses )
This improves the user experience.
-> The cancelling of the requests can be done using cancel tokens in Axios, if you are going with Axios.
For MongoDB:
If you can create an additional unique index based on a combination of fields, can't you use an additional dummy field ( which has the same data for all users), so now your username would stay unique? (I haven't used MongoDB a lot to be sure of this. )
OR this is mentioned in the Mongo DB documentation , create a proxy collection to maintain this username as a unique key, following the first segment in the below document
https://docs.mongodb.com/manual/tutorial/unique-constraints-on-arbitrary-fields/
I have a java application running in ECS in which I want to read data from table in account 1 (source_table) and write it to a table in account 2 (destination_table). I created two dynamodb clients with different credential providers - for source_table client I'm using an STSAssumeRoleSessionCredentialsProvider with the arn of a role in account 1; for destination client I'm using DefaultAWSCredentialsProviderChain.
The assume role bit works and I'm able to read using the source client but using the destination client does not work - it still tries to use the assumed role credentials when trying to write to destination_table and fails with unauthorized error (assumed-role is not authorized to perform Put Item).
I tried using EC2ContainerCredentialsProviderWrapper on the destination client but same error.
Should this work? Or are the credentials shared under the hood which makes it impossible to have two different AWSCredentialProviders running simultaneously like this?
I noticed this answer which uses static credentials and apparently works, so I'm at a loss why this doesn't work.
I figured it out with some help from AWS support. It was a problem with my IAM configuration on the role in account 2. I was misled by the error message which said 'assumed-role is not authorized to perform Put Item' when in fact my original account 2 role itself was unable to do so.
I am trying to create a customer feedback management program in which a link to a page is sent to customer. The link sent to each customer is different(but each customer should land on the same page as it clicks the link) so that no non customer can use the link and each link expires as soon as the customer uses that link( same case as when you try to change Oracle Corporation password).The url(link) should be so that each customer's social security number e.g "35202-6641939-8" and customer's tracking id e.g "10901540381" are combined and then encrypted and then appended to the url(link) which is e-mailed to the customer. But even though the url of each customer is different , even then each customer should land on the same page. My priority is that a Java component(servlet) which handles the above mentioned scenario be created. But don't know how to implement the above mentioned scenario.
Regards!.
Here's an idea:
When you create the link, generate some UUID (see UUID.randomUUID()) and put the uuid, the SSN and the tracking ID in some DB (a file could do the job if you really can't use a DB). => The link for the customer http://www.foo.com/somepath/<UUID> (the servlet is mapped to /somepath/* in this example)
Now the customer click the link, you get the DB record using the UUID, and you then have the SSN and tracking ID. Do something then purge the DB record (side note, you probably want some "batch" to purge old, non used links)
No encryption required.
I am creating a java application that able to login to LDAP server with OpenDJ Client SDK, but I only has Domain Name, User Name (also known as SAMAccountName), and Password. If you don't know domain login, see this image:
You enter the user name field in format: DOMAIN_NAME\USER_NAME instead of just plain USER_NAME. Example of Domain Name is: corp.fabrikam.com.
Now I need to know how to convert Domain Name to Distinguished Name (DN)? Because OpenDJ requires Distinguished Name to connect to LDAP.
For example: Distinguished Name from corp.fabrikam.com is: dc=corp, dc=fabrikam, dc=com.
It seems I just need to split it by ".", but I heard there is thing called Disjoint Domain:
http://technet.microsoft.com/en-us/library/cc731125%28v=ws.10%29.aspx
So splitting trick might not reliable here.
Also, user in LDAP can be under an Organizational Unit (OU). Let's say user john is belong to manager OU, so the full user DN of john would become like this:
uid=john, ou=manager, dc=corp, dc=fabrikam, dc=com
You should always refer to the RootDSE entry of the ldap server to get information about the environment you are connecting to. The RootDSE entry is readable by anyone upon an anonymous bind ( or a particular user, it does not really matter, as long as you are bound ). It contains a lot of interesting stuff, the one you are looking for is defaultNamingContext.
Once bound, perform an ldap read operation on the DN of an empty string: ''. If the framework of your choice provides some API to read the rootDSE, try to use that. It might be much more simple.
This might help you to get a kickstart:
http://opendj.forgerock.org/opendj-ldap-sdk/apidocs/index.html
I did not find any mention of the defaultNamingContext on the opendj documentation pages, but you might just get the information you are looking for via getNamingContexts() method.
Note that rootDSE is an ldap feature, it's not implementation-specific.
I am building a client application for Intra Office Messaging System using Openfire as server. Using Roster class I can find the list of buddies (friends/contacts) using:
Roster rs= con.getRoster();
Collection<RosterEntry> list=rs.getEntries();
System.out.println("\n\n" + list.size() + " buddy(ies):");
for (RosterEntry r : list) {
System.out.println(r.getName());
}
But since this is an IOMS (Intra Office Messaging System), the requirement is diferent. There is no need to add contact. All users should see every other user and his status. Is there a way to achieve this?
One way to do this would be to integrating your openfire with AD. Add all users in a single common group and then import that group in the client. That way a user will automatically appear as a member of that group, and his/her online status will be available to all members of that group. And make sure whenever a new user is added, it becomes member of this group. This way everybody is imported at once in user's list.
Here is a reference link regarding same: Openfire Automatic Roster Population via Shared Groups and here is the guide to integrate Openfire with LDAP
Another way would be to update Openfire code and change registration process to add code for automatically adding all users to buddy list of the newly registered user. You can also do the same code on client side. But this is not a good path to walk on, as it will cause problem as the number of users in system grows.