User sessions in HCL Commerce Search
User sessions are synchronized between the HCL Commerce and HCL Commerce search servers.
User sessions are managed separately between the HCL Commerce and HCL Commerce Search servers. All services on the HCL Commerce Search server are stateless, meaning that no session information is persisted at run time.
User sessions are always revalidated with the remote BCS REST service during store preview. Otherwise, user sessions are revalidated locally on the search server without any callback to HCL Commerce.
The HCL Commerce Search server contains the following optimizations to simultaneously support the HCL Commerce session:
In the B2C business model:
- Contract-based entitlement revalidation is disabled by default. That is, the contractId that is passed in is not revalidated against HCL Commerce at run time.
- User sessions are synchronized when the authentication token or WCToken session cookie is passed in by calling the /usercontext/@self/contextdata REST service. The resulting session is synchronized after the shopper logs in to the storefront as an authenticated shopper.
- Partial authentication is not supported by default. If necessary, you can enable partial authentication, which allows for persistent sessions.
In the B2B business model:
- Contract-based entitlement revalidation is enabled by default. That is, the contractId that is passed in is always revalidated against HCL Commerce at run time.
- Passing in a contract ID is not allowed (403 Forbidden HTTP status code) if not secured using SSL.
- User sessions are synchronized when the authentication token or WCToken session cookie is passed in by calling the /usercontext/@self/contextdata REST service. The resulting session is synchronized after the shopper logs in to the storefront as an authenticated shopper.
- Partial authentication is not supported by default. If necessary, you can enable partial authentication, which allows for persistent sessions.