If the data access takes place via an APP router -as it recommended for XSUAA authentication- the transfered user will be always "anonymous" :
srv.before('READ', 'Partner', request => {
var user = request.user.id; // <<< always "anonymous" })
Additional information
default-env.json
{
"destinations" : [
{
"name": "srv-binding",
"url": "https://<our company>.cfapps.eu10.hana.ondemand.com",
"forwardAuthToken": true
}
],
"VCAP_SERVICES": {
"xsuaa": [
{
"name": "wsw_vdr-uaa", "label": "xsuaa", "tags": [ "xsuaa" ],
"credentials": {
"apiurl": "https://api.authentication.eu10.hana.ondemand.com",
....
xs-app.json
{
"welcomeFile": "webapp/index.html",
"authenticationMethod": "route",
"routes": [
{
"source": "^/webapp/index.html",
"target": "index.html",
"localDir": "webapp/",
"cacheControl": "no-cache, no-store, must-revalidate"
},
{
"source": "^/webapp/(.*)$",
"target": "$1",
"localDir": "webapp/",
"authenticationType": "xsuaa"
},
{
"source": "^/logout.html$",
"localDir": "webapp/",
"authenticationType": "none"
},
{
"source": "^(.*)$",
"destination": "srv-binding",
"authenticationType": "xsuaa"
}
],
"logout": {
"logoutEndpoint": "/logout",
"logoutPage": "logout.html"
}
}
mta.yaml
############## SERVER MODULE ##########################
- name: wsw_vdr-srv
type: nodejs
path: srv
parameters:
memory: 256M
disk-quota: 512M
properties:
EXIT: 1 # required by deploy.js task to terminate
requires:
#### Resources extracted from CAP configuration ####
- name: wsw_vdr-db
- name: wsw_vdr-uaa
provides:
- name: srv-binding # required by consumers of CAP services (e.g. approuter)
properties:
srv-url: ${default-url}
############################################################