http://pic.dhe.ibm.com/infocenter/wchelp/v7r0m0/topic/com.ibm.commerce.admin.doc/tasks/tsecremem_cd.htm
Securing > Session management > Using cookies for session management > Persistent sessions (Remember Me)
Feedback
Enabling persistent sessions in a single store
Persistent sessions are particularly useful in consumer direct stores, although it is possible to enable B2B direct stores with persistent sessions as well. The steps to enable persistent sessions in the stores only differ in the locations and names of the files that need to be altered. In both cases, the store's Logon and UserRegistrationAdd forms require changes. The steps must be performed for all the stores in the site that need persistent sessions.
Before you begin
Ensure that you have completed the following task:
Enabling persistent sessions globally.
Procedure
In your store's Logon form and the UserRegistrationAdd form, add the rememberMe parameter as shown in the following example:
<form method="post" name="Logon" action="Logon" id="Logon">
...
<input type="checkbox" name="rememberMe" value="true">
Remember Me </input>
...
</form>
Modify the URL parameter of the Logon form from
<input type="hidden" name="URL"
value="OrderItemMove?page=account&URL=OrderCalculate%3FURL%3DLogonForm"
id="WC_Accouid="WC_AccountDisplay_FormInput_URL_In_Logon_1" />
to
<c:choose>
<c:when test="${!empty WCparam.URL}">
<input type="hidden" name="URL"
value="${WCparam.URL}"
id="WC_AccountDisplay_FormInput_URL_In_Logon_1" />
</c:when>
<c:otherwise>
<input type="hidden" name="URL"
value="OrderItemMove?page=account&URL=OrderCalculate%3FURL%3DLogonForm"
id="WC_AccountDisplay_FormInput_URL_In_Logon_1" />
</c:otherwise>
</c:choose>
Note: The value of the id attribute will differ between stores, but the structure of the code fragment will remain consistent.
Optionally, If you want the partially authenticated user's logon ID to be pre-populated in the user name entry field of the logon form, change the following code:
<input size="20" name="logonId" value=""
id="WC_AccountDisplay_FormInput_logonId_In_Logon_1" />
to:
<c:choose>
<c:when test="${!empty param.logonId}">
<input size="20" name="logonId" value="${param.logonId}"
id="WC_AccountDisplay_FormInput_logonId_In_Logon_1" />
</c:when>
<c:otherwise>
<input size="20" name="logonId" value=""
id="WC_AccountDisplay_FormInput_logonId_In_Logon_1" />
</c:otherwise>
</c:choose>
Note: The value of the id attribute will differ between stores, but the structure of the code fragment will remain consistent.
Add the following configuration fragment to the WebSphere Commerce Struts custom configuration file for the Stores module:
<global-forwards>
<forward className="com.ibm.commerce.struts.ECActionForward"
name="RememberMeLogonFormView/
storeID"
path="/UserArea/AccountSection/LogonSubsection/LogonSetup.jsp">
<set-property property="credentialsAccepted"
value="
storeID:
credAccept" />
</forward>
</global-forwards>
<action-mappings
type="com.ibm.commerce.struts.ECActionMapping">
<action path="/RememberMeLogonFormView"
type="com.ibm.commerce.struts.BaseAction">
<set-property property="https" value="
storeID:1" />
<set-property property="credentialsAccepted" value="
storeID:
credAccept" />
</action>
</action-mappings>
Where:
storeID
The store ID of the store for which you are enabling the persistent session. This value can be found in the STORE table.
credAccept
P to mean that remembered registered users are entitled to accessing this resource without authenticating themselves, or any other value (including NULL) to mean that they must authenticate themselves.
Update actions for all the URLs that remembered registered users are entitled to access without authenticating themselves by setting their credentialsAccepted property to storeID :P.
Update the PERSISTENTSESSION column in the STORE table in order to enable the persistent session:
Open a session to your database.
Find the STORE_ID of the store you are enabling persistent session for by entering the following SQL statement into the session:
SELECT * FROM STORE
Enter the following SQL statement into your database:
UPDATE STORE SET PERSISTENTSESSION =
configValue WHERE STORE_ID =
store
ID
Where:
storeID
The ID of the store for which you are enabling persistent session.
configValue
A value from the following list that represents the appropriate configuration:
0
The rememberMe function is disabled for registered customers and guest customers. This is the default value.
1
The rememberMe function is enabled for registered customers only.
2
The rememberMe function is enabled for guest customers only.
3
The rememberMe function is enabled for registered customers and guest customers.
Related concepts:
Users
Session management
Persistent sessions (Remember Me)
Personalization ID
time stampLast updated: 18 April 2013 Tweet
Topic URL: http://pic.dhe.ibm.com/infocenter/wchelp/v7r0m0/topic/com.ibm.commerce.admin.doc/tasks/tsecremem_cd.htm Share
Securing > Session management > Using cookies for session management > Persistent sessions (Remember Me)
Feedback
Enabling persistent sessions in a single store
Persistent sessions are particularly useful in consumer direct stores, although it is possible to enable B2B direct stores with persistent sessions as well. The steps to enable persistent sessions in the stores only differ in the locations and names of the files that need to be altered. In both cases, the store's Logon and UserRegistrationAdd forms require changes. The steps must be performed for all the stores in the site that need persistent sessions.
Before you begin
Ensure that you have completed the following task:
Enabling persistent sessions globally.
Procedure
In your store's Logon form and the UserRegistrationAdd form, add the rememberMe parameter as shown in the following example:
<form method="post" name="Logon" action="Logon" id="Logon">
...
<input type="checkbox" name="rememberMe" value="true">
Remember Me </input>
...
</form>
Modify the URL parameter of the Logon form from
<input type="hidden" name="URL"
value="OrderItemMove?page=account&URL=OrderCalculate%3FURL%3DLogonForm"
id="WC_Accouid="WC_AccountDisplay_FormInput_URL_In_Logon_1" />
to
<c:choose>
<c:when test="${!empty WCparam.URL}">
<input type="hidden" name="URL"
value="${WCparam.URL}"
id="WC_AccountDisplay_FormInput_URL_In_Logon_1" />
</c:when>
<c:otherwise>
<input type="hidden" name="URL"
value="OrderItemMove?page=account&URL=OrderCalculate%3FURL%3DLogonForm"
id="WC_AccountDisplay_FormInput_URL_In_Logon_1" />
</c:otherwise>
</c:choose>
Note: The value of the id attribute will differ between stores, but the structure of the code fragment will remain consistent.
Optionally, If you want the partially authenticated user's logon ID to be pre-populated in the user name entry field of the logon form, change the following code:
<input size="20" name="logonId" value=""
id="WC_AccountDisplay_FormInput_logonId_In_Logon_1" />
to:
<c:choose>
<c:when test="${!empty param.logonId}">
<input size="20" name="logonId" value="${param.logonId}"
id="WC_AccountDisplay_FormInput_logonId_In_Logon_1" />
</c:when>
<c:otherwise>
<input size="20" name="logonId" value=""
id="WC_AccountDisplay_FormInput_logonId_In_Logon_1" />
</c:otherwise>
</c:choose>
Note: The value of the id attribute will differ between stores, but the structure of the code fragment will remain consistent.
Add the following configuration fragment to the WebSphere Commerce Struts custom configuration file for the Stores module:
<global-forwards>
<forward className="com.ibm.commerce.struts.ECActionForward"
name="RememberMeLogonFormView/
storeID"
path="/UserArea/AccountSection/LogonSubsection/LogonSetup.jsp">
<set-property property="credentialsAccepted"
value="
storeID:
credAccept" />
</forward>
</global-forwards>
<action-mappings
type="com.ibm.commerce.struts.ECActionMapping">
<action path="/RememberMeLogonFormView"
type="com.ibm.commerce.struts.BaseAction">
<set-property property="https" value="
storeID:1" />
<set-property property="credentialsAccepted" value="
storeID:
credAccept" />
</action>
</action-mappings>
Where:
storeID
The store ID of the store for which you are enabling the persistent session. This value can be found in the STORE table.
credAccept
P to mean that remembered registered users are entitled to accessing this resource without authenticating themselves, or any other value (including NULL) to mean that they must authenticate themselves.
Update actions for all the URLs that remembered registered users are entitled to access without authenticating themselves by setting their credentialsAccepted property to storeID :P.
Update the PERSISTENTSESSION column in the STORE table in order to enable the persistent session:
Open a session to your database.
Find the STORE_ID of the store you are enabling persistent session for by entering the following SQL statement into the session:
SELECT * FROM STORE
Enter the following SQL statement into your database:
UPDATE STORE SET PERSISTENTSESSION =
configValue WHERE STORE_ID =
store
ID
Where:
storeID
The ID of the store for which you are enabling persistent session.
configValue
A value from the following list that represents the appropriate configuration:
0
The rememberMe function is disabled for registered customers and guest customers. This is the default value.
1
The rememberMe function is enabled for registered customers only.
2
The rememberMe function is enabled for guest customers only.
3
The rememberMe function is enabled for registered customers and guest customers.
Related concepts:
Users
Session management
Persistent sessions (Remember Me)
Personalization ID
time stampLast updated: 18 April 2013 Tweet
Topic URL: http://pic.dhe.ibm.com/infocenter/wchelp/v7r0m0/topic/com.ibm.commerce.admin.doc/tasks/tsecremem_cd.htm Share
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
