commerce hacker

Given that my cookie value contains nothing but a guid (including {}), why does the following code always result in a null value for profile, when I can see this row with the correct guid in the database:

CommerceContext.Current.UserID = cookie.Value;
Profile profile = CommerceContext.Current.UserProfile;

This code is call from within the AuthenticateRequest event within an HTTPModule.




Re: Commerce Server 2007 Obtaining a Profile

jflarente

Are you using the StarterSite or is this your custom app




Re: Commerce Server 2007 Obtaining a Profile

chuckmed

I'm building a custom site on top of the CSharpSite as my requirements are much simpler than the sample site.

I understand that the behavior of how the CommerceContext.Current.UserID and CommerceContext.Current.UserProfile properties get populated depend upon how the <profiles> element in the web.config file are configured. The CS2007 documentation around this element doesn't provide much clarity for me. Are there any other resources that better explain the web config profiles element and how they affect these properties

At the moment I'm approaching this with the idea that I'll use a guid, stored in a cookie, to uniquely identify users, and retrieve their profile using the user_id property, thus the code fragment that I've provided. Perhaps this is not the best approach

Utimately what I'm trying to achive is to store both registered and anonymous (non-registered) users in the profiles system so that even anonymous(non-registered) users can maintain persistant baskets.





Re: Commerce Server 2007 Obtaining a Profile

J.F. Larente

Right.

<userProfile profileDefinition="UserObject" userIdProperty="GeneralInfo.user_id" organizationIdProperty="AccountInfo.org_id" catalogSetIdProperty="AccountInfo.user_catalog_set" userIdSource="ASP.NET" userIdKey="GeneralInfo.email_address" userIdTarget="GeneralInfo.user_id" />

if your userIdKey is the e-mail address, your Guid won't load your profile, you would have to change your userIdKey to GeneralInfo.user_id.






Re: Commerce Server 2007 Obtaining a Profile

chuckmed

I have updated my <userProfile> element just as you describe, performed and IISReset and I still get back null when I can see the row in the UserObject table. I'm stumped and open to any suggestions.



Re: Commerce Server 2007 Obtaining a Profile

Joseph Johnson

Chuckmed,

Population of those CommerceContext properties is usually handled by one of the existing CommerceServer modules, but if i remember correctly, you need to set up the appropriate authentication system for the module to populate those properties.

If I remember correctly, if you set up authentication correctly, the first request a user makes to your system will create an "ASPXAUTH" cookie in that user's cookie cache. This is just the standard ASP.Net forms authentication cookie. Subsequent requests to the system will cause the appropriate HttpModule to decrypt this cookie and load the decrypted value (the user's GUID) in the HttpContext.Current.User.Identity.Name property, which populates te CommerceContext.Current.UserID property.

Furthermore, if the HttpContext.Current.User.Identity.IsAuthenticated property evaluates to true, the HttpModule in question will also populate the CommerceContext.Current.UserProfile property using the appropriate UserObject retreived from your SQL database.

Therefore, to answer your first question, it's probably not a good idea to access the CommerceContext.Current.UserProfile property without first checking that the HttpContext.Current.User.Identity.IsAuthenticated property evaluates to true. If this user is not registered, they won't have an associated UserProfile object, so that object is going to be null.

To address your actual goal, the really good news is that you don't need to create a profile object in the database in order to allow persistant baskets! Regardless if the user is authenticated in the system, they will always have a unique user id, which is accessed through the CommerceContext.Current.UserID method. Provided that the user in question doesn't clear their cookies, they will have the same UserID persisted to the ASPXAUTH cookie on each visit they make to the site.

Once you set up the ASP.Net membership provider, you should be able to make the following call:

Code Snippet

OrderGroupCollection baskets = CommerceContext.Current.GetBasketsForUser(CommerceContext.Current.UserID);






Re: Commerce Server 2007 Obtaining a Profile

chuckmed

>To address your actual goal, the really good news is that you don't need to create a profile object in the database in order to allow persistant baskets!

Sure I understand that. There's nothing stopping one from creating a row in the OrderTemplatesAndBaskets table using a guid that is stored in a cookie. That being the case one doesn't need a row in UserObject.

>Regardless if the user is authenticated in the system, they will always have a unique user id, which is accessed through the CommerceContext.Current.UserID method.

I don't understand/am convinced of this. I have the Commerce Server membership provider configured. If the user logs in then everything works as you describe ...

( e.g. HttpContext.Current.User.Identity.Name = 'chuckmed', HttpContext.Current.User.Identity.IsAuthenticated = True, CommerceContext.Current.UserId = {aeb0b4ef-9f69-40d1-8757-db41956493d7} CommerceContext.Current.UserProfile=Microsoft.CommerceServer.Runtime.Profiles.Profile )

However I have found that unless the user registers and logs in, the .ASPXAUTH cookie doesn't show up which means that their "key" doesn't show up in CommerceContext.Current.UserID nor their profile in CommerceContext.Current.UserProfile. I'm still learning here but my understanding is that CommerceContext.Current.UserId and .Profile are populate from the Profiles system (UserObject specifically) so one would have to have a row there - anonymous or not - in order to have those properties automatically populated by CommerceServer.

If anyone can explain or point to other resources I would greatly appreciate it.