Problem Statement:
After successful user login, MigrateUserEntriesCmd will
be called for user and cart migration. During this process, we encounter below
exception in the logs
Caused by:
com.ibm.commerce.exception.ECApplicationException: The user does not have the
authority to run this command
"com.ibm.commerce.order.beans.OrderDataBean".
at
com.ibm.commerce.beans.DataBeanManager.directActivate(DataBeanManager.java:732)
at com.ibm.commerce.beans.DataBeanManager.activate(DataBeanManager.java:290)
at
com.ibm.commerce.beans.DataBeanManager.activate(DataBeanManager.java:188)
at
com.ibm.commerce.order.facade.server.commands.AbstractFetchOrdersSOICmdImpl.performExecute(AbstractFetchOrdersSOICmdImpl.java:416)
at
com.ibm.commerce.foundation.internal.server.command.impl.CommandTarget.executeCommand(CommandTarget.java:66)
at
com.ibm.ws.cache.command.CommandCache.executeCommand(CommandCache.java:332)
at
com.ibm.websphere.command.CacheableCommandImpl.execute(CacheableCommandImpl.java:166)
at
com.ibm.commerce.order.facade.server.commands.GetOrderCmdImpl.performExpression(GetOrderCmdImpl.java:89)
at
com.ibm.commerce.foundation.server.command.bod.AbstractGetBusinessObjectDocumentCmdImpl.performExecute(AbstractGetBusinessObjectDocumentCmdImpl.java:158)
at
com.ibm.commerce.foundation.server.command.bod.BusinessObjectCommandTargetImpl.executeCommand(BusinessObjectCommandTargetImpl.java:112)
Root cause of the
issue:
When MigrateUserEntriesCmd calling OrderItemMoveCmd->OrderCopyCmd->OrderItemUpdateCmd->DoInventoryCmd,
it cloned a command context with the new user(registered user) and pass this
cloned context to the commands. It works for the commands(controller or task
cmd), but it current case, AbstractOrderFacadeClient is called to invoke
component service.
Component service doesn't respect cloned command context, and it retrieves user Id from active session, in which the user is still old user(guest user), so there is the access control issue
Component service doesn't respect cloned command context, and it retrieves user Id from active session, in which the user is still old user(guest user), so there is the access control issue
Resolving
this problem:
APAR JR56905 has been created to address the issue. Install the APAR to resolve the issue. Available as a part of Fix pax 9
Caesars Palace, Las Vegas - MapyRO
ReplyDeleteView the Palace, profile 제천 출장마사지 picture and reviews of 구리 출장마사지 casinos, 사천 출장안마 shows revenue, 충주 출장샵 industry and Casino: Caesars Palace, Las Vegas. 동해 출장샵