Question
· Feb 14, 2020

Hidden change of $UserName

#Authentication #Security #Access control #Caché #InterSystems IRIS

This is more a WARNING than a question


In a default installation I see this behaviour:

USER>w $username
prick
USER>w $system.Process.UserName()
prick
USER>

 

until a re-install (not upgrade) to a new version

USER>w $username
prick@workgroup.com
USER>w $system.Process.UserName()
prick
USER>


you might easy understand the confusion this caused as $USERNAME is my preferred item to check, display, ...

with help of WRC it turned out that it was cause of a system wide setting.

System > Security Management > System-wide Security Parameters
http://localhost:57772/csp/sys/sec/%25CSP.UI.Portal.Parameters.zen



Removing the hook returned me to default behaviour

 Needless to say that I could't find any docs on this unexpected surprise.
 

So be warned !

Discussion (2)0
Log in or sign up to continue
Alexander Koblov · Feb 17, 2020

Thanks for sharing Paul.

Though reference article for $username has this documented:

$USERNAME contains the username for the current process. This can be in one of two forms:

  • The name of the current user; for example: Mary. This value is returned if multiple security domains are not allowed.
  • The name and system address of the current user; for example: Mary@jupiter. This value is returned if multiple security domains are allowed.

To allow multiple security domains, go to the Management Portal, select System Administration, Security, System Security, System-wide Security Parameters. Select the Allow multiple security domains check box. Changes to this setting apply to new invoked processes; changing it does not affect the value returned by the current process.

https://cedocs.intersystems.com/ens201813/csp/docbook/DocBook.UI.Page.cl...

1 0