on 01-25-2017 4:35 AM
hi,
I am using Hybris 6.0 with powertool site. My login functionality is working fine if i enter b2b customer id and password. For testing purpose i tried to enter id and password of an employee, If the id and password is correct it shows a spring filter chain exception. Please help me to solve the issue. How to Stop employee from login, why spring filter chain exception is thrown.
i have added
<bean id="b2bUserGroupProvider" class="de.hybris.platform.b2bacceleratoraddon.security.impl.DefaultB2BUserGroupProvider"
scope="tenant">
<property name="userService" ref="userService" />
<property name="b2BCustomerService" ref="defaultB2BCustomerService" />
<property name="authorizedGroups">
<set value-type="java.lang.String">
<value>b2bcustomergroup</value>
<value>b2bmanagergroup</value>
<value>b2bapprovergroup</value>
<value>b2badmingroup</value>
</set>
</property>
<property name="authorizedGroupsToCheckOut">
<set value-type="java.lang.String">
<value>b2bcustomergroup</value>
</set>
</property>
</bean>
Hi Lalit! I have more information on fixing this issue:
BadCredentialsException is throw if the user that tries to login does not belong to CUSTOMER_USERGROUP, and the frontend handles the exception and display "Your username or password was incorrect"
Fix is implemented in AbstractAcceleratorAuthenticationProvider. The key part is:
if (!getUserService().isMemberOfGroup(userModel, getUserService().getUserGroupForUID(Constants.USER.CUSTOMER_USERGROUP)))
{
throw new BadCredentialsException(messages.getMessage(CORE_AUTHENTICATION_PROVIDER_BAD_CREDENTIALS, BAD_CREDENTIALS));
}
Hope this helps!
Bill
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Lalit! Sorry you have encountered this problem. It's a known issue that we are trying to fix it soon. When we fix it, i'll post the solution here.
At first glance, this is an issue of class casting down in commerceservices level, because of type EmployeeModel. We need to investigate to be sure, but that might help you.
Product Manager for Accelerator
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Bill , Employee can not login into Storefront. But sometimes there is a need of business where Sales Rep who is the employee in system is required to login into storefront to place the order . For such cases is there any provision or way to support employee login into storefront . Or Any other advise.
User | Count |
---|---|
5 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.