Sunday, November 30, 2008

[9] Admin Logging in as Different user

This one is my favorite ...

Many a times it is needed that 'Admin' ( or Support Staff ) needs to login as different user in Clarity. Primarily it's Support/Admin person's perspective to login as User who is facing some issue(s) and attempt to resolve it. So far it has been bit lengthy process of Disabling the ldap and changing the password of user in database and reverse the process after 'troubleshooting' is done.

I faced this problem initially ( after my bootcamp ) and thought to evolve a easy solution where 'Admin' should be able to log in as any user with ease.. Many thoughts came in mind like creating a SP based Clarity job or a Web page to creating a user Session through Web service and redirect to Overview page using that Session ID and many others... but then finally came up with workaround which according to me was less hassle when compared to other ones...

Workaround : Admin user ( cmn_sec_users.user_name = 'admin' ) can now login as other user ( say williamR ) from Clarity Login page itself. What Admin user would need to do is simple... In Login field ( of Clarity login page ) type Admin/williamR and supply Admin's own password ( Like Screenshot below ) and Hit 'Login' button to login as williamR user.






Solution : Download. This zip file contains instruction for Both SQL Server and Oracle based Clarity instances. Take the backup of the file which is being changed to some safe location, should there be need to revert for any reasons. ( I have tested it on Clarity 7.5.x, 8.x & 12.x versions )

* Post your comments or email the blog's email id, if you face any issues or this doesn't work for you.

11 comments:

  1. Hi Sangeet,
    What if in the scenario where we do not want to share Admin username/password?
    In this case if we use any dummy username. Can that user be able to Login as dummy/admin? If yes then,
    Can this be specifically restricted?
    If no, then dummy user will get all the admin rights.

    ReplyDelete
  2. Good question...
    1. Replace all ADMIN with DUMMY
    2. Have following :-
    Select PWD FROM CMN_SEC_USERS WHERE UPPER(USER_NAME) = 'DUMMY' and @UPPER@(REPLACE((UPPER(?)), 'DUMMY/', '')) <> @UPPER@('ADMIN')
    3. Add another parameter line along others
    <param type="string" name="userName"/>

    * Not tested though but above should work or any other similar SQL modification say additional CASE statement

    - Sangeet

    ReplyDelete
  3. I verified with Clarity 12 (Oracle) and worked well - Sanjay

    ReplyDelete
  4. Hi Sangeet, This is very useful. Hope I knew about this solution few months back.
    Jothikumaran

    ReplyDelete
  5. Hi sangeet,
    it's not working for my clarity 8.1 (oracle)without LDAP.
    plz suggest me any other setting required.

    thanks
    hussain

    ReplyDelete
  6. Hussain,

    I tested and it appears to be working on 7.5.x, 8.x and 12.x with LDAP turned on or off. Try again and if still doesn't work, send me modified securityPMD.xml file, I will have a look at that.

    - Sangeet

    ReplyDelete
  7. This is an unsupported customization. Customizations such as this are only permitted when submitted to CA Support in form of a "Customization Request".

    ReplyDelete
  8. That's good point. I have added disclaimer in the document of this post.

    ReplyDelete
  9. I am trying to create the admin/user but it it not working.
    Placed the code on the securityTestPMD.xml

    ReplyDelete
  10. Very good, but it's a pity that doesn't work on Clarity 13.

    ReplyDelete
    Replies
    1. It works on V13 as well... May be copy/paste from earlier version code may not work as fields gets added/removed with each new version. With minor adjustments in old code, it should work in V13. I am running "Admin Login" on v13.

      - Sangeet

      Delete