The AccessControlServlet, configured in CommerceAccelerator/Applications/B2CStore/Plugins/Checkout/src/main/config/atg/dynamo/servlet/dafpipeline, controls whether customers can access the checkout page. If a customer is logged in or is a guest that has provided an email ID on the checkoutlogin page, the customer is allowed to view the checkout page. The servlet should be configured as follows:
# List of mappings between paths and AccessController objects. If a path refers # to a directory,all the documents in that directory and its subdirectories will # be protected by the given AccessController. accessControllers+=\ /application-context-root/checkout=/atg/userprofiling/EmailAccessController,\ /application-context-root/checkout/checkoutlogin=\ /atg/rest/userprofiling/AllAccessController
