Re: {Remedy ARS} Re: Windows UserID
Why not include the requested info in the survey url? Or just the incident ID? I don't feel like looking up the documentation, but you can set a field value through the url something like F%fieldid%= $IncidentID$ Having the incident id can allow you to use workflow to pull in any info you want from the incident. James On May 5, 2:01 pm, Grooms, Frederick W frederick.w.gro...@xo.com wrote: In your Connector entries in Tomcat's server.xml file (in the conf directory) add enableLookups=true Connector port=8080 maxHttpHeaderSize=8192 URIEncoding=UTF-8 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=true redirectPort=8443 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true compression=on compressionMinSize=2048 noCompressionUserAgents=gozilla, traviata compressableMimeType=text/html,text/xml / By default Tomcat does not turn on machine name resolution. Personally I added the enableLookups=true to all of the Connector entries in the file. After updating the config file stop and restart Tomcat. Your Java function should then work. The other Java function I use is to get the IP (put it in the same .jsp file). function env_get_ip_info() { var return_value = %= request.getRemoteAddr() %; return (return_value) } Fred From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Veeral Oza Sent: Wednesday, May 05, 2010 7:38 AM To: arsl...@arslist.org Subject: Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.commailto:veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza ___ UNSUBSCRIBE or access ARSlist Archives atwww.arslist.org attend wwrug10www.wwrug.comARSlist: Where the Answers Are -- You received this message because you are subscribed to the Google Groups Remedy ARS group. To post to this group, send email to arsl...@googlegroups.com. To unsubscribe from this group, send email to arslist+unsubscr...@googlegroups.com. For more options, visit this group athttp://groups.google.com/group/arslist?hl=en. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick -Original Message- From: Veeral Oza veer...@gmail.com Date: Wed, 5 May 2010 18:07:31 To: arslist@ARSLIST.ORG Subject: Re: Windows UserID Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick -- *From: *Veeral Oza veer...@gmail.com *Date: *Wed, 5 May 2010 18:07:31 +0530 *To: *arslist@ARSLIST.ORG *Subject: *Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
Is there any way that the user could be sent a link to a survey that isn't theirs? And if grabbing the user if is so important, why not ensure a login to take the survey. Seems like a long path to satisfy a dubious requirement. Rick -Original Message- From: Veeral Oza veer...@gmail.com Date: Wed, 5 May 2010 18:15:48 To: arslist@ARSLIST.ORG Subject: Re: Windows UserID Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick -- *From: *Veeral Oza veer...@gmail.com *Date: *Wed, 5 May 2010 18:07:31 +0530 *To: *arslist@ARSLIST.ORG *Subject: *Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
With Apache you can use the Apache module mod_auth_kerb to negotiate the security context (which sets and environment variable with the username). mod_auth_kerb will require some configuration and requires that you have a KDC available (active directory is the most common). If you are using mod_jk (Apache module) to connect to Tomcat, you can then set that env var (contains username) into a session attribute. The session attribute is then available through Java (jsp, servlet, etc.). You could then expose that and write it into a field using a combination of java and javascript. The exact implementation of the last piece can vary as there are several options of equal functionality. Axton Grams These represent my opinions and nothing more. On Wed, May 5, 2010 at 7:37 AM, Veeral Oza veer...@gmail.com wrote: ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
Of course, the best way to approach this is by using some type of transparent authentication to access the mid-tier server, then rely on that to provide the information. Axton Grams These represent my opinions and nothing more. On Wed, May 5, 2010 at 8:22 AM, Axton axton.gr...@gmail.com wrote: With Apache you can use the Apache module mod_auth_kerb to negotiate the security context (which sets and environment variable with the username). mod_auth_kerb will require some configuration and requires that you have a KDC available (active directory is the most common). If you are using mod_jk (Apache module) to connect to Tomcat, you can then set that env var (contains username) into a session attribute. The session attribute is then available through Java (jsp, servlet, etc.). You could then expose that and write it into a field using a combination of java and javascript. The exact implementation of the last piece can vary as there are several options of equal functionality. Axton Grams These represent my opinions and nothing more. On Wed, May 5, 2010 at 7:37 AM, Veeral Oza veer...@gmail.com wrote: ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
Yes, I get that. What I don't understand is the reason for the requirement, and why that is the only way to satisfy it. Rick -Original Message- From: Veeral Oza veer...@gmail.com Date: Wed, 5 May 2010 18:15:48 To: arslist@ARSLIST.ORG Subject: Re: Windows UserID Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick -- *From: *Veeral Oza veer...@gmail.com *Date: *Wed, 5 May 2010 18:07:31 +0530 *To: *arslist@ARSLIST.ORG *Subject: *Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
Veeral, Here is the javascript code to do what you are asking. However, there are a host of security protocols that come into play to allow it to work in a browser. The mid-tier server will most definitely need to be in the trusted list. You may also need to customize other security rules to allow it to work. I suppose I am saying it can be done because I have seen it. However, I don't recommend it from a security standpoint. script type=text/javascript !--script var wshell = new ActiveXObject(WScript.Shell); var user = (wshell.ExpandEnvironmentStrings(%USERNAME%)); document.write(user) -- HTH, Wes From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Veeral Oza Sent: Wednesday, May 05, 2010 7:35 AM To: arslist@ARSLIST.ORG Subject: Windows UserID ** Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. - How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? - What are the chances of accidental misuse? - Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. - What is the likelihood of intentional misuse? - Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they *might* gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until it is better thought through by the business leaders. Rick On Wed, May 5, 2010 at 5:45 AM, Veeral Oza veer...@gmail.com wrote: ** Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick -- *From: *Veeral Oza veer...@gmail.com *Date: *Wed, 5 May 2010 18:07:31 +0530 *To: *arslist@ARSLIST.ORG *Subject: *Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ _attend WWRUG10 www.wwrug.com ARSlist: Where the Answers Are_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist
Re: Windows UserID
You nailed it Rick! Also once filled out it cannot be resubmitted/retaken Doug From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Rick Cook Sent: Wednesday, May 05, 2010 10:17 AM To: arslist@ARSLIST.ORG Subject: Re: Windows UserID ** OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. * How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? * What are the chances of accidental misuse? * Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. * What is the likelihood of intentional misuse? * Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they might gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until it is better thought through by the business leaders. Rick On Wed, May 5, 2010 at 5:45 AM, Veeral Oza veer...@gmail.commailto:veer...@gmail.com wrote: DISCLAIMER Important! This message is intended for the above named person(s) only and is CONFIDENTIAL AND PROPRIETARY. If you are not the intended recipient of this e-mail and have received it in error, please immediately notify the sender by return email and then delete it from your mailbox. This message may be protected by the attorney-client privilege and/or work product doctrine. Accessing, copying, disseminating or re-using any of the information contained in this e-mail by anyone other than the intended recipient is strictly prohibited. Finally, you should check this email and any attachments for the presence of viruses, as the sender accepts no liability for any damage caused by any virus transmitted by this email. Thank you. ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are
Re: Windows UserID
What if the user really felt that the services provided were very unsatisfactory and that was highlighted by their survey results and management wanted to the organization to contact the user (if they elect to by some means) to clarify what their expectation was that was not met. Most of the time people dont even fill out a survey so there may not be many to sift through that are submitted in say a month. But for the people that took the time to fill out the survey and indicated that they were quite unsatisfied with the service provided, it might be helpful for management to contact that person directly and find out exactly where things went wrong and assure them that they will rectify the problems they experienced so that any future services that they request will go much smoother. I know that if I switch to say a different internet provider or new cable provider at home and I experience all kinds of issues, if I took the time to fill a survey out indicating how dissatisfied I was with the service and if I elected to get a callback then I may like the personal attention that cable provider or internet provider gave me to hear about my experience and what they are going to do to rectify the issue for the future. Thanks Peter Lammey ESPN IT Packaging and Automation 860-766-4761 From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Rick Cook Sent: Wednesday, May 05, 2010 10:17 AM To: arslist@ARSLIST.ORG Subject: Re: Windows UserID ** OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. * How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? * What are the chances of accidental misuse? * Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. * What is the likelihood of intentional misuse? * Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they might gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until it is better thought through by the business leaders. Rick On Wed, May 5, 2010 at 5:45 AM, Veeral Oza veer...@gmail.commailto:veer...@gmail.com wrote: ** Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.commailto:remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick From: Veeral Oza veer...@gmail.commailto:veer...@gmail.com Date: Wed, 5 May 2010 18:07:31 +0530 To: arslist@ARSLIST.ORGmailto:arslist@ARSLIST.ORG Subject: Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.commailto:veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When
Re: Windows UserID
Peter, that's a valid point, but he said that the user's information is already in the survey - from the Incident. That is what prompted my initial question of why they needed further validation of that user's identity. Rick On Wed, May 5, 2010 at 7:33 AM, Lammey, Peter A. peter.a.lam...@espn.comwrote: ** What if the user really felt that the services provided were very unsatisfactory and that was highlighted by their survey results and management wanted to the organization to contact the user (if they elect to by some means) to clarify what their expectation was that was not met. Most of the time people dont even fill out a survey so there may not be many to sift through that are submitted in say a month. But for the people that took the time to fill out the survey and indicated that they were quite unsatisfied with the service provided, it might be helpful for management to contact that person directly and find out exactly where things went wrong and assure them that they will rectify the problems they experienced so that any future services that they request will go much smoother. I know that if I switch to say a different internet provider or new cable provider at home and I experience all kinds of issues, if I took the time to fill a survey out indicating how dissatisfied I was with the service and if I elected to get a callback then I may like the personal attention that cable provider or internet provider gave me to hear about my experience and what they are going to do to rectify the issue for the future. Thanks Peter Lammey ESPN IT Packaging and Automation 860-766-4761 -- *From:* Action Request System discussion list(ARSList) [mailto: arsl...@arslist.org] *On Behalf Of *Rick Cook *Sent:* Wednesday, May 05, 2010 10:17 AM *To:* arslist@ARSLIST.ORG *Subject:* Re: Windows UserID ** OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. - How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? - What are the chances of accidental misuse? - Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. - What is the likelihood of intentional misuse? - Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they *might* gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until it is better thought through by the business leaders. Rick On Wed, May 5, 2010 at 5:45 AM, Veeral Oza veer...@gmail.com wrote: ** Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick -- *From: *Veeral Oza veer...@gmail.com *Date: *Wed, 5 May 2010 18:07:31 +0530 *To: *arslist@ARSLIST.ORG *Subject: *Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer
Re: Windows UserID
Ah I see...then you are right. No added identification is needed if there is a incident tied to that survey with a Customer identified there. Thanks Peter Lammey ESPN IT Packaging and Automation 860-766-4761 From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Rick Cook Sent: Wednesday, May 05, 2010 10:38 AM To: arslist@ARSLIST.ORG Subject: Re: Windows UserID ** Peter, that's a valid point, but he said that the user's information is already in the survey - from the Incident. That is what prompted my initial question of why they needed further validation of that user's identity. Rick On Wed, May 5, 2010 at 7:33 AM, Lammey, Peter A. peter.a.lam...@espn.commailto:peter.a.lam...@espn.com wrote: ** What if the user really felt that the services provided were very unsatisfactory and that was highlighted by their survey results and management wanted to the organization to contact the user (if they elect to by some means) to clarify what their expectation was that was not met. Most of the time people dont even fill out a survey so there may not be many to sift through that are submitted in say a month. But for the people that took the time to fill out the survey and indicated that they were quite unsatisfied with the service provided, it might be helpful for management to contact that person directly and find out exactly where things went wrong and assure them that they will rectify the problems they experienced so that any future services that they request will go much smoother. I know that if I switch to say a different internet provider or new cable provider at home and I experience all kinds of issues, if I took the time to fill a survey out indicating how dissatisfied I was with the service and if I elected to get a callback then I may like the personal attention that cable provider or internet provider gave me to hear about my experience and what they are going to do to rectify the issue for the future. Thanks Peter Lammey ESPN IT Packaging and Automation 860-766-4761 From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORGmailto:arslist@ARSLIST.ORG] On Behalf Of Rick Cook Sent: Wednesday, May 05, 2010 10:17 AM To: arslist@ARSLIST.ORGmailto:arslist@ARSLIST.ORG Subject: Re: Windows UserID ** OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. * How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? * What are the chances of accidental misuse? * Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. * What is the likelihood of intentional misuse? * Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they might gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until it is better thought through by the business leaders. Rick On Wed, May 5, 2010 at 5:45 AM, Veeral Oza veer...@gmail.commailto:veer...@gmail.com wrote: ** Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.commailto:remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick From: Veeral Oza veer...@gmail.commailto:veer
Re: Windows UserID
There are also companies with support organization compensation tied directly to customer satisfaction surveys. In any environment like this where the focus is squarely on customer sat with support effectiveness measured against it and a process of continuous improvement built around it, the risk of intentional misuse of surveys must be protected against. Some reliable mechanism for submitter identification is essential because support individuals will get creative... I would push for user authentication, manual or SSO, if there is any real focus on customer satisfaction surveys in your organization. Regards, Dennis Ruble Lammey, Peter A. peter.a.lam...@espn.com Sent by: Action Request System discussion list(ARSList) arslist@ARSLIST.ORG 05/05/2010 09:33 AM Please respond to arslist@ARSLIST.ORG To arslist@ARSLIST.ORG cc Subject Re: Windows UserID ** What if the user really felt that the services provided were very unsatisfactory and that was highlighted by their survey results and management wanted to the organization to contact the user (if they elect to by some means) to clarify what their expectation was that was not met. Most of the time people dont even fill out a survey so there may not be many to sift through that are submitted in say a month. But for the people that took the time to fill out the survey and indicated that they were quite unsatisfied with the service provided, it might be helpful for management to contact that person directly and find out exactly where things went wrong and assure them that they will rectify the problems they experienced so that any future services that they request will go much smoother. I know that if I switch to say a different internet provider or new cable provider at home and I experience all kinds of issues, if I took the time to fill a survey out indicating how dissatisfied I was with the service and if I elected to get a callback then I may like the personal attention that cable provider or internet provider gave me to hear about my experience and what they are going to do to rectify the issue for the future. Thanks Peter Lammey ESPN IT Packaging and Automation 860-766-4761 From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Rick Cook Sent: Wednesday, May 05, 2010 10:17 AM To: arslist@ARSLIST.ORG Subject: Re: Windows UserID ** OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? What are the chances of accidental misuse? Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. What is the likelihood of intentional misuse? Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they might gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until it is better thought through by the business leaders. Rick On Wed, May 5, 2010 at 5:45 AM, Veeral Oza veer...@gmail.com wrote: ** Hi Rick, The ticket data is available and the requester details are populated in the survey. However, there is also a requirement to capture windows login id of the user submitting the survey. Regards, Veeral On Wed, May 5, 2010 at 6:10 PM, Rick Cook remedyr...@gmail.com wrote: How about prepopulating the userid from the ticket when the survey is created? If that data is unavailable, how would the survey be directed appropriately? Rick From: Veeral Oza veer...@gmail.com Date: Wed, 5 May 2010 18:07:31 +0530 To: arslist@ARSLIST.ORG Subject: Re: Windows UserID
Re: Windows UserID
That's true, Dennis, but again, if that's going on, the organization has bigger problems...like employees who would steal from them. You can make something foolproof, but you can't make it damnfool proof. How much would the cure cost vs. the disease? Rick On Wed, May 5, 2010 at 8:04 AM, Dennis Ruble ddru...@rockwellcollins.comwrote: ** There are also companies with support organization compensation tied directly to customer satisfaction surveys. In any environment like this where the focus is squarely on customer sat with support effectiveness measured against it and a process of continuous improvement built around it, the risk of intentional misuse of surveys must be protected against. Some reliable mechanism for submitter identification is essential because support individuals will get creative... I would push for user authentication, manual or SSO, if there is any real focus on customer satisfaction surveys in your organization. Regards, Dennis Ruble *Lammey, Peter A. peter.a.lam...@espn.com* Sent by: Action Request System discussion list(ARSList) arslist@ARSLIST.ORG 05/05/2010 09:33 AM Please respond to arslist@ARSLIST.ORG To arslist@ARSLIST.ORG cc Subject Re: Windows UserID ** What if the user really felt that the services provided were very unsatisfactory and that was highlighted by their survey results and management wanted to the organization to contact the user (if they elect to by some means) to clarify what their expectation was that was not met. Most of the time people dont even fill out a survey so there may not be many to sift through that are submitted in say a month. But for the people that took the time to fill out the survey and indicated that they were quite unsatisfied with the service provided, it might be helpful for management to contact that person directly and find out exactly where things went wrong and assure them that they will rectify the problems they experienced so that any future services that they request will go much smoother. I know that if I switch to say a different internet provider or new cable provider at home and I experience all kinds of issues, if I took the time to fill a survey out indicating how dissatisfied I was with the service and if I elected to get a callback then I may like the personal attention that cable provider or internet provider gave me to hear about my experience and what they are going to do to rectify the issue for the future. Thanks Peter Lammey ESPN IT Packaging and Automation 860-766-4761 -- *From:* Action Request System discussion list(ARSList) [mailto: arsl...@arslist.org] *On Behalf Of *Rick Cook* Sent:* Wednesday, May 05, 2010 10:17 AM* To:* arsl...@arslist.org* Subject:* Re: Windows UserID ** OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. - How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? - What are the chances of accidental misuse? - Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. - What is the likelihood of intentional misuse? - Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they *might* gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until it is better thought through by the business leaders. Rick On Wed, May 5, 2010 at 5:45 AM, Veeral Oza *veer...@gmail.com*veer
Re: Windows UserID
Hello all, Thanks a lot for all your replies. I totally agree with everyone. There is no justification from business which explains this requirement. And if there is, then I am not aware of it. Having said that, I look at it as a technical challenge to implement this requirement. I saw a few suggestions from this forum and will surely consider those while implementing this. Regards, Veeral Oza On Wed, May 5, 2010 at 8:34 PM, Dennis Ruble ddru...@rockwellcollins.comwrote: ** There are also companies with support organization compensation tied directly to customer satisfaction surveys. In any environment like this where the focus is squarely on customer sat with support effectiveness measured against it and a process of continuous improvement built around it, the risk of intentional misuse of surveys must be protected against. Some reliable mechanism for submitter identification is essential because support individuals will get creative... I would push for user authentication, manual or SSO, if there is any real focus on customer satisfaction surveys in your organization. Regards, Dennis Ruble *Lammey, Peter A. peter.a.lam...@espn.com* Sent by: Action Request System discussion list(ARSList) arslist@ARSLIST.ORG 05/05/2010 09:33 AM Please respond to arslist@ARSLIST.ORG To arslist@ARSLIST.ORG cc Subject Re: Windows UserID ** What if the user really felt that the services provided were very unsatisfactory and that was highlighted by their survey results and management wanted to the organization to contact the user (if they elect to by some means) to clarify what their expectation was that was not met. Most of the time people dont even fill out a survey so there may not be many to sift through that are submitted in say a month. But for the people that took the time to fill out the survey and indicated that they were quite unsatisfied with the service provided, it might be helpful for management to contact that person directly and find out exactly where things went wrong and assure them that they will rectify the problems they experienced so that any future services that they request will go much smoother. I know that if I switch to say a different internet provider or new cable provider at home and I experience all kinds of issues, if I took the time to fill a survey out indicating how dissatisfied I was with the service and if I elected to get a callback then I may like the personal attention that cable provider or internet provider gave me to hear about my experience and what they are going to do to rectify the issue for the future. Thanks Peter Lammey ESPN IT Packaging and Automation 860-766-4761 -- *From:* Action Request System discussion list(ARSList) [mailto: arsl...@arslist.org] *On Behalf Of *Rick Cook* Sent:* Wednesday, May 05, 2010 10:17 AM* To:* arsl...@arslist.org* Subject:* Re: Windows UserID ** OK, let me see if I can be more clear in my objections. Your management, for some unexplained reason, wants to know who is filling out the surveys. You are trying to satisfy that requirement technically. I am trying to address it from a business perspective, and that almost always starts with the question Why?. The only reason I can guess for that is that they want to be sure that the person filling it out is the person to whom it was directed. Let's look at three factors in that. - How valuable is knowing who actually filled out the survey, from a practical standpoint? What will be done with those metrics, if anything? - What are the chances of accidental misuse? - Since the surveys are only sent to the person who is supposed to have them, making it pretty difficult for User2 to even know that a survey is available for User1. It would be MORE work for someone to try to answer someone else's survey than to just do the ones they get sent, and most people don't even fill THOSE out. So practically speaking, there is very little chance of an accidental misuse of the survey. - What is the likelihood of intentional misuse? - Are they concerned that there will be an epidemic of people taking surveys for other people? Do they think their people have so little to do that they will spend even free time spoofing other users to fill out their surveys? If so, they have a bigger problem than satisfying this requirement could possibly address. So the likelihood of intentional misuse is again, effectively zero. So my analysis is that what they *might* gain by the satisfaction of this requirement seems insignificant compared to the work of satisfying it. I fail to see ANY worthwhile business justification for this requirement, and in the absence of same, as a developer, I would reject it for that reason alone until
Re: Windows UserID
In your Connector entries in Tomcat's server.xml file (in the conf directory) add enableLookups=true Connector port=8080 maxHttpHeaderSize=8192 URIEncoding=UTF-8 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=true redirectPort=8443 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true compression=on compressionMinSize=2048 noCompressionUserAgents=gozilla, traviata compressableMimeType=text/html,text/xml / By default Tomcat does not turn on machine name resolution. Personally I added the enableLookups=true to all of the Connector entries in the file. After updating the config file stop and restart Tomcat. Your Java function should then work. The other Java function I use is to get the IP (put it in the same .jsp file). function env_get_ip_info() { var return_value = %= request.getRemoteAddr() %; return (return_value) } Fred From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Veeral Oza Sent: Wednesday, May 05, 2010 7:38 AM To: arslist@ARSLIST.ORG Subject: Re: Windows UserID ** Forgot to mention environment: ARS 7.0 ITSM 7.0.3 Midtier: 7 on Apache-Tomcat on a Windows machine. Oracle 11g database. On Wed, May 5, 2010 at 6:05 PM, Veeral Oza veer...@gmail.commailto:veer...@gmail.com wrote: Hi, I am stuck at this requirement and was wondering if this is feasible to implement: 1) When an Incident is resolved, an email goes to the customer to submit a survey, with a survey link. 2) The link opens the survey form in the brower without the user authenticating in the midtier. A surver-user with a restricted read license is created for this purpose which allows multiple people from multiple locations to submit the survey. 3) There is a submit button on this survey form. 4) When the user clicks on submit button, it is required that, his Windows User ID be captured in one of the fields. ___ Solutions implemented that did not work: 1) Create a little Java function in a .jsp file and put it in your shared folder on your Midtier: Name the file something like /arsys/shared/get_remote_user.jsp. get_remote_user.jsp contains: function env_ip_var() { var return_value = %=request.getRemoteUser()%; return (return_value) } In the Web Header content of the form you want to capture this on, add... SCRIPT src=/arsys/shared/get_remote_user.jsp language=JavaScript/SCRIPT To set a field with the data from the JavaScript functions do the following in an active link... Run Process Command Line: javascript:window.F().DoSet(env_hostname()); Be sure to change with the field ID of the field you want to set. This did not work, function env_ip_var returns null. Solution 2: A set fields actions in an active link: $PROCESS$ CMD /C set username This worked only in user tool. However this functionality is required for web. ___ If you have any other ideas, please do share. Regards, Veeral Oza ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: Where the Answers Are