WebSphere Commerce Version 7.0.0.7WebSphere Commerce Version 7.0.0.6

Enabling interim fix JR45670

Interim fix JR45670 supports multiple authenticated sessions. By default, for enhanced security, a WebSphere Commerce user can have one authenticated session at a time only. When a user logs on, any previous authenticated sessions for the user are implicitly invalidated.

With this interim fix, you can log on to the same store in different channels. Consider the following scenarios where multiple sessions can be used:
  • Multiple devices
  • Multiple browsers on the same device, for example Microsoft Internet Explorer and Mozilla Firefox
  • Web storefront and REST API
Note: Only enable this option if it meets your business requirements. This option is less secure than allowing only a single authenticated session per user.

Before you begin

Install the cumulative interim fix for your fix pack level. JR45670 is included in the cumulative.

Procedure

  1. Open a connection to your database.
  2. Register a custom implementation of SimultaneousLogonHelperCmd task command, that extends SimultaneousLogonHelperCmdImpl:
    insert into CMDREEG (storeent_id, interfacename, classname,  target) values (0,
            'com.ibm.commerce.security.commands.SimultaneousLogonHelperCmd',
            'com.mycompany.commerce.security.commands.CustomSimultaneousLogonHelperCmdImpl',
            'Local')
    Note: Replace 'com.mycompany.commerce.security.commands.CustomSimultaneousLogonHelperCmdImpl' with the name of your custom implementation.