Topic
  • 2 replies
  • Latest Post - ‏2014-03-03T22:54:23Z by User007
SystemAdmin
SystemAdmin
8614 Posts

Pinned topic Authenticating against a CRM system and migrating external account info to WCS

‏2004-06-09T16:33:57Z |
Hi all,

I would like to start off by stating that I have no prior development
experience with WCS. That being said,
I was recently assigned to work on integrating the standard WCS
login/registration process with our CRM system.
In brief, the business case for this is that our site already has a
'My Account' section and many of our users will
already have an active account in our CRM system. As a result, we
would like to hide or disable the WCS
registration form to avoid a situation where a user would have both
site credentials and store credentials. Store users
should therefore be able to make a purchase as Guest, or after logging
in with the credentials stored in our CRM system

My Approach Thus Far

The approach I have devised so far is to set the authentication to
other, to force the LogonCmd to invoke the
ThirdPartyAuthenticationCmd. Within tmy implementation of the
ThirdPartyAuthenticationCmd, I would then authenticate
against our CRM system. Upon success, the following conditions would
apply upon somehow testing for the existence of a
userreg entry in the database for that user:

1- Entry has not yet been migrated to WCS:

Invoke the UserRegistrationAddCmd to register the user info using the
CRM record

2- Entry exists, but is out of sync with CRM entry

Invoke the UserRegistrationUpdate to update the user

3- Entry exists and is up to date

set the authenticateUserId flag and continue on my merry way
Upon preliminary testing, I encountered a problem where setting
authentication to other affected the Accellerator site as well. I'm
hoping I can somehow use the concepts in this article

http://www-106.ibm.com/developerworks/websphere/library/techarticles/0304_khusial/khusial.html

to allow admin users to auth against the database and store users to
use my custom routine.
I would appreciate any comments on my proposed implementation. As I
mentionned, I have no experience working in this environment
and can't help but feel that I'm not understanding all the
ramifications of these changes, let alone if this is at all feasible.
I would also appreciate any links to articles or suggestions on books
that deal with this. I have scoured the standard online documentation
and newsgroups and have
only found bits and pieces of information so far.

Thanks in advance,

-Marc
Updated on 2013-01-07T22:20:27Z at 2013-01-07T22:20:27Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    8614 Posts

    Re: Authenticating against a CRM system and migrating external account info to WCS

    ‏2004-07-01T15:19:27Z  
    Hi Marc -

    Overall your approach looks like it will work. One thing to keep in mind is that the ThirdPartyAuthenticationCmd interface you're implementing isn't really well documented. The article you refernce is probably the best documentation I've found so far. We've done a little checking, and it looks like the VerifyCredentialsCmd will only call ThirdPartyAuthenticationCmdImpl.isValidCredentials() that you write after invoking the performExecute() on your Third Party implementation. There is a getAuthenticatedUserName() (or something like that) but that's only called when the membersubsystem's authenticationmode is set to LDAP.

    Another thing is that since you're using the LogonCmd, you have to satisfy its parameter validation checks for logonUserId, logonPassword, URL, and relogonURL before the command will even execute your class.

    So - as long as you map your CRM logon parameters into the fieldnames that the WCS LogonCmd expects, and you return true from your custom ThirdPartyAuthenticationImpl.isValidCredentials() after the command successfully executes, you should be good to go.

    Cheers, Michael
  • SystemAdmin
    SystemAdmin
    8614 Posts

    Re: Authenticating against a CRM system and migrating external account info to WCS

    ‏2013-01-07T22:20:27Z  
    Hi Marc,

    I know it's been long from the time it's posted. Did you face any difficulties during this implementation? I need to implement a similar strategy for using both LogonCmd and ThirdPartyAuthenticationCmd. (In a B2B site) some users go through LogonCmd for authentication and some go through ThirdPartyAuthenticationCmd. We use WC 6.