Wednesday, September 30, 2015

Auto Login with Cookies aka warm users experience / soft login (ATG Oracle Commerce)

ATG does provide auto login with cookies OOTB, is just matter of configure this:
This will create 2 cookies to make this possible DYN_USER_ID and DYN_USER_CONFIRM. The DYN_USER_CONFIRM cookie is a hash of the DYN_USER_ID cookie.
There are few steps in order to make this happen:

@ /atg/userprofiling/CookieManager.propertie configure sendProfileCookies and profileCookieMaxAge

#Set to true to send a profile cookie including the user ID.
# Set to be 30 days
@ /atg/userprofiling/ProfileRequest.propertie configure extractProfileFromCookieParameter property

# /atg/userprofiling/ProfileRequest
# Profile information associated with a request
# It will tell the application that the profile can login from cookieParameter to allow warm user or soft-login enabled
This is configured at
and all the configuration for those cookies

Important Note: If you did are not using CRS on your project do the following update to make thre rest of the users to be able to autologin with cookies

@ /atg/userprofiling/userProfile.xml configure autoLogin property to have default value as true

With this configuration in place, customers will be logged in with Security level 2 (Auto-login by cookies) as shows the following table:

This is documented at
In order to configure the access that your user logged with cookies will have you can configure AccessControlServlet due, warm users can do just a few things on the site, checkout is somehting you do not want them to do.
Post a Comment