Version 3.4.2 includes new customer password security features. These features are disabled by default but even if you do not plan to enable them, there are significant changes to processing of customer logins and there are two changes in particular you should be aware of as you upgrade, which may require action to integrate with your customizations:
CustomerGatewayDAOHibernate.processLogin: This method has been deprecated and is no longer called by
BasicCustomerProcessor.processLogin in the default implementation. It's logic has been moved to
BasicCustomerProcessor.processLogin instead, (which is a more appropriate place since it is business logic).
If you have overridden this method you must either override
BasicCustomerProcessor.processLogin and call it in your subclass, or move your customizations out of your
subclass of CustomerGatewayDAOHibernate.processLogin and into a subclass for
BasicCustomerProcessor.processLogin.layouts/default-html5/customer/password.jsp: The customer's current password is one of the required form elements
now. If you have customized this file, be sure to add the new field to your customizations.If you do plan to enable the new customer password security features following the upgrade you may need also to integrate changes into the following areas:
com.softslate.commerce.customer.customer package: Several action classes and form classes have been changed to
support error handling and validation of the new customer password security features. If you plan to use the features and have subclassed
any of the classes that have changed, be sure to incorporate the upgrade's changes into your subclasses.BasicCustomerProcessor.processLogin: If you have overridden or customized this method, please note there are
numerous changes.layouts/default-html5/customer/password.jsp: In addition to above-mentioned current password field, if you have
customized this file, be sure to add the new conditional that affects which action the form is submitted to. The form is used to update expired
passwords now.Struts action mapping for /Login: If you have overridden the action configuration for /Login, please note a new
<forward%gt; has been added to it: <forward name="passwordHasExpired" path="/ExpiredPasswordForm.do" /%gt;. If you plan to use the
expiring password feature, you'll need to add this forward to the <action%gt; element for /Login that you customized in
WEB-INF/conf/core/struts-config-custom.xmlStruts action mappings for /CheckoutForceLogin and /CheckoutInviteLogin: Likewise, if you have overridden the action
configuration for either of these URLs, please note this new
<forward%gt; has been added to them: <forward name="passwordHasExpired" path="/CheckoutExpiredPasswordForm.do" /%gt;. If you plan to use the
expiring password feature, you'll need to add this forward to the <action%gt; elements for /CheckoutForceLogin and/or /CheckoutInviteLogin
that you customized in WEB-INF/conf/core/struts-config-custom.xmlCopyright © 2009-2017 SoftSlate, LLC. All Rights Reserved.
Powered by SoftSlate Commerce