User sessions in WebSphere Commerce Search
User sessions are synchronized between the WebSphere Commerce and WebSphere Commerce search servers.
User sessions are managed separately between the WebSphere Commerce and WebSphere Commerce Search servers. All services on the WebSphere Commerce Search server are stateless, meaning that no session information is persisted at run time.
User sessions are always revalidated with the remote BCS REST service during store preview. Otherwise, user sessions are revalidated locally on the search server without any callback to WebSphere Commerce.
The WebSphere Commerce Search server contains the following optimizations to simultaneously support the WebSphere Commerce session: In the B2C business model:
- Contract-based entitlement revalidation is disabled by default. That is, the contractId that is passed in is not revalidated against WebSphere Commerce at run time.
- User sessions are synchronized when the authentication token or WCToken session cookie is passed in by calling the /usercontext/@self/contextdata REST service. The resulting session is synchronized after the shopper logs in to the storefront as an authenticated shopper.
- Partial authentication is not supported by default. If necessary, we can enable partial authentication, which allows for persistent sessions.
In the B2B business model:
- Contract-based entitlement revalidation is enabled by default. That is, the contractId that is passed in is always revalidated against WebSphere Commerce at run time.
- Passing in a contract ID is not allowed (403 Forbidden HTTP status code) if not secured using SSL.
- User sessions are synchronized when the authentication token or WCToken session cookie is passed in by calling the /usercontext/@self/contextdata REST service. The resulting session is synchronized after the shopper logs in to the storefront as an authenticated shopper.
- Partial authentication is not supported by default. If necessary, we can enable partial authentication, which allows for persistent sessions.