What account is executing IronPython script/data connection etc. on the Web Player?
Article ID: KB0075533
Updated On:
| Products | Versions |
|---|---|
| Spotfire Web Player | Spotfire Web Player version 7.11 and higher |
Description
Sometimes it can be of interest to verify what account is executing things on the Web Player and what access rights that account has.
It is possible to create and execute an IronPython Script to verify the account name used to execute the script.
In Analyst this will result in the name of the user logged into Windows. On the Web Player, it usually is a service account, or if delegated privileges are used, the name of the user logged in where the browser is running.
If you have desktop access to the node manager (Web Player), you can open a cmd prompt/browser as the user who is executing things. This could be useful to test user/file rights, proxy setting, network access, etc.
It is possible to create and execute an IronPython Script to verify the account name used to execute the script.
In Analyst this will result in the name of the user logged into Windows. On the Web Player, it usually is a service account, or if delegated privileges are used, the name of the user logged in where the browser is running.
If you have desktop access to the node manager (Web Player), you can open a cmd prompt/browser as the user who is executing things. This could be useful to test user/file rights, proxy setting, network access, etc.
Issue/Introduction
Sometimes it can be of interest to verify what account is executing things on the Web Player and what access rights that account has.
Resolution
- Create a Document Property called Debug and show it in a Text Area.
- Create a button that executes the script from the box below. The Document property will show the Spotfire Username, and the Windows account used to execute the script.
- Upload this to the library and show it in your browser from the Web Player. You will find out the name of the account executing the script on the web player
from System import Environment, Threading, Security Document.Properties["Debug"] ="\nSpotfire Username: " + Threading.Thread.CurrentPrincipal.Identity.Name Document.Properties["Debug"] +="\nWindows Username(Env): " + Environment.UserName Document.Properties["Debug"] +="\nWindows Username(WinIdent): " + Security.Principal.WindowsIdentity.GetCurrent().Name
With desktop/admin access, you could then execute things as this user on the Node Manager (example below).
If a service account is used, you need to download psexec from Microsoft.
If a normal account is used on the node manager, 'runas' preexisting in windows works fine.
psexec.exe -s -i cmd.exe "runas /user:gslab\pkurcman cmd"
The command "whoami" verifies the account name in the new cmd prompt:
whoami
Start browser with the below command to verify what proxy setting the account is using etc.
start iexplore
Additional Information
Feedback
Yes
No
Powered by
