Access controllers are registered by the /atg/userprofiling/AccessControlServlet
and used to control access to some or all pages within Commerce Service Center based on access rights associated with roles. For detailed information on using and configuring access controllers, refer to the Working with User Profiles section of the Personalization Programming Guide.
Access rights are configured using the allowedAccessRightNames
property of the security properties files located in /atg/commerce/custsvc/security
directory. If the user’s role and access rights match the page’s access right, the user may access the page. The following security files identify the following access rights:
Access Right Controller | Description |
---|---|
| Allow an agent to access and work with customer profiles:
|
| Allow an agent to create returns and mark items as returned:
|
| Allows an agent to change customer passwords:
|
| Allows an agent to create an order:
|
| Allows an agent to create a new customer profile:
|
| Allows an agent to edit a customer order:
|
| Allows an agent to edit a customer profile:
|
|
|