WebSphere Commerce Enterprise

Advanced B2B direct access control structure

The following diagram describes an advanced B2B direct business model and access control structure.

Advanced B2B direct access control structure. This is a legend for the preceding diagram.

In this diagram, describing a B2B direct business model, the root organization subscribes to the management and administration policy group as described in Access control policies and policy group structure.

The B2B organization subscribes directly to the B2B, management and administration, and the common shopping policy groups.

The B2B organization also owns and subscribes to the AdvancedB2BDirect policy group. The AdvancedB2BDirect policy group contains the following policies:

  • AllUsersForAdvancedB2BDirectExecuteAdvancedB2BDirectAllUsersViews
  • RegisteredCustomersForOrgForAdvancedB2BDirectExecuteAdvancedB2BDirectRegisteredCustomerViews

The second policy above, allows registered customers to execute a set of commands in the AdvancedB2BDirect store. Registered customers in this case, are the users in the buyer organization that have the Registered Customer role in the B2B organization. These users would get this role when they register in the AdvancedB2BDirect store. All buyers must belong to a buyer organization. Typically, buyer organizations do not subscribe to any policy groups, since management and administration policies inherited from the root organization are sufficient.

Since access control policy groups are subscribed by organizational entities, if you are creating multiple stores in your site, and want to apply different access control policy groups to individual stores, you must create separate organizations to own each store.

  • AdvancedB2BDirectGuestCatalogEnabled

    The B2B organization owns and subscribes to the AdvancedB2BDirectGuestCatalogEnabled policy group. This policy group contains the policies to allow all users to view the catalog browsing views and commands.

  • AdvancedB2BDirectGuestShoppingEnabled

    The B2B organization owns the AdvancedB2BDirectGuestShoppingEnabled policy group. This policy group contains the policies to allow all users to view the catalog browsing views and commands. In addition, this policy also allows all users to execute all order commands plus all shopping flow views. Customers can add this feature manually through Organization Administration Console, if needed.