Logon command

Log a registered user on to a store or site.

Use this command with SSL (Secure Sockets Layer) to ensure that the customer's logon password and personal information are encrypted. To do so type the command with the HTTPS secure protocol.

Command structure

http://host_name/path/
The fully qualified name of your WebSphere Commerce Server and the configuration path

Diagram of the command structure: the command starts with the fully qualified name of your WebSphere Commerce Server and the configuration path, followed by the command name, Logon  and the ? character. End the command with a list of parameters in the form of name value pairs. Separate each name value pair with the & character. For a detailed description of the parameters and their values, refer to the list entitled Parameter values.

Parameter values

langId
Sets or resets the preferred language for the duration of the session; the supported languages for a store are found in the STORELANG table
URL
The URL to be called when the command completes successfully
storeId
The reference number of the store the user is logging on to
logonId
The registered user's logon ID
logonPassword
The registered user's password
reLogonURL
The URL that is called if the command fails to complete

Example 1

The following example logs the customer with the logon ID henry and the password hsmith on to the store with reference number 4, and then displays the store home page.

    https://myhostname/webapp/wcs/stores/servlet/Logon?logonId=henry 
    &logonPassword=hsmith&URL=http://grocery/home.htm&storeId=4 
    &reLogonURL=/webapp/wcs/stores/servlet/LogonForm

Example 2

This example logs a registered user on to the system. Redirection takes place to a JSP.

    https://myhostname/webapp/wcs/stores/servlet/Logon?storeId=31&logonId=msur1&logonPassword=msur1
    &reLogonURL=LogonForm&URL=FVTestSite.jsp 

Behavior

Note: WebSphere Commerce does not support the concurrent login of two or more users that log in using the same user ID. For example, consider the scenario where two users at a company regularly share an account at a store. Suppose the first user is on the store's payment page, and just before submitting his or her order, the second user logs in. The following is what will take place:

  1. Browser one ... User 1 logs in as user "xyz"; adds an item to the shopping cart.
  2. Browser two ... User 2 logs in as user "xyz" as well, and goes to the shopping cart page and then proceeds to checkout.
  3. Browser one ... User 1 clicks on checkout, but is informed that he or she has been logged off.
  4. Browser two ... User 2 completes the checkout, as normal.

Another scenario is when businesses use a common user ID for their employees to shop at a B2B store. Either only one user should use the common user ID at a given time, or each user should be setup with their own user ID, or else one of the users will likely not complete their transactions.

Exception Conditions

The error handler, ECConstants.EC_ERROR_CODE, captures the error code, which may be one of the following.

Explanation Error Code Value
Missing logon ID ECSecurityConstants.ERR_MISSING_LOGONID
Invalid logon ID ECSecurityConstants.ERR_INVALID_LOGONID
Missing password ECSecurityConstants.ERR_MISSING_PASSWORD
Invalid password ECSecurityConstants.ERR_INVALID_PASSWORD
Account has been disabled ECSecurityConstants.ERR_DISABLED_ACCOUNT
Password is too long or too short ECSecurityConstants.ERR_LENGTH_PASSWORD
Logon attempt took place too soon after previous failed attempt. ECSecurityConstants.ERR_LOGON_NOT_ALLOWED

One of your ancentral organizations has been locked. ECSecurityConstants.ERR_PARENT_ORG_LOCKED

You do not play a role in the store's organization or any of its ancestors. ECSecurityConstants.ERR_NOT_REGISTERED_CUSTOMER

Your status is in pending approval state. You are not allowed to logon unless in approved stated. ECSecurityConstants.ERR_USER_IN_PENDING_APPROVAL