Identifying Users
In order to expose the journey of a specific user and track the same user across multiple devices, Plumbr also embeds the possibility of identifying users. The exposed identity can be in any form that the particular application can handle. Typical examples of identity are the username or email address of the user.
User identity is automatically linked to a transaction in applications where Plumbr is capable of determining the location of the identity. Plumbr has 3 conceptually different ways of obtaining users’ identity:
- fully automatic discovery for certain frameworks,
- via configuration for certain sources of properties,
- programmatically via our APIs.
Fully automatic discovery, requiring no configuration, supports following frameworks for capturing identity:
- JWT Bearer tokens. If your application passes the identity of the user in the HTTP request headers using JWT Bearer tokens, Plumbr will use the value of the subject extracted from the token as the identity of the user.
- Spring Security. If the application monitored by Plumbr uses the authentication built into the Spring Security library, Plumbr will extract the user’s identity from security.core.userdetails.UserDetails.getUsername().
- Java Authentication and Authorization Service (JAAS). If the application monitored by Plumbr exposes authentication data via standard Servlet API (javax.servlet.http.HttpServletRequest.getUserPrincipal()), Plumbr will extract the identity from java.security.Principal.getName().
In case if Plumbr has not been able to detect the user’s identity automatically, you can help Plumbr to locate the identity yourself by configuring one or more of Identity Detection Rules:
- HTTP Header Rule. If your application passes along the identity of the user using HTTP Request Headers.
- Session Attribute Rule. If your application stores information about current user’s identity in a custom Servlet session attribute.
Configuration of Identity Detection Rules is explained in detail in the following chapter.
When automatic and configurable identity detection doesn’t suit, then Plumbr allows manually setting user identity via its APIs:
Please note, that all identity detection mechanisms except Browser Agent API only work in settings where the application is monitored by the Java Agent (regardless of whether or not the Browser Agent is used).
