This is an old revision of the document!

Check user plugin

This plugin allows us to check session attributes, access rights and transmitted headers for a specific user and URL. This can be useful for IT Ops, dev teams or administrators to debug or check rules. Plugin DISABLED by default.


Just enable it in the manager (section “plugins”).

  • Parameters:
    • Activation: Enable / Disable this plugin
    • Hidden attributes: Attributes not displayed
    • Display persistent session: Display persistent session attributes
    • Display empty value: Display ALL attributes even empty ones
Be careful to not display secret attributes.

checkUser plugin hidden attributes are concatenation of

checkUserHiddenAttributes and hiddenAttributes.

You just have to append checkUser specific attributes.

This plugin displays ALL user session attributes except the hidden ones.

You have to restrict access to specific users (administrators, DevOps, power users and so on...)

by setting an access rule like other VirtualHosts.

By example: $groups =~ /\bsu\b/


When enabled, /checkuser URL path is handled by this plugin.