Reference > Shop flow URLs > Member subsystem URLs > Security
RunAsUserSetInSession URL
This URL allows administrators with the proper authority to run subsequent commands in the same session under a specified customer's identity.
This URL allows administrators with the proper authority to run subsequent commands in the same session under a specified customer's identity. The access control framework checks that the current user belongs to one of the following roles:
- Customer Service Representative (CSR)
- Customer Service Supervisor (CSS)
- Operations Manager
- Sales Manager
- Seller
URL structure
- http:// host_name/path/
- The fully-qualified name of the WebSphere Commerce Server and the configuration path.
name-value pair with the &
character. For a detailed description of the parameters and their values, see the list entitled Parameter values." />
Parameter values
- langId
- The preferred language for the duration of the session; the supported languages for a store are found in the STORELANG table.
- URL
- The URL to be called when the command completes successfully. The default value is RunAsUserSetInSessionView.
- storeId
- The reference number of the store to which the user is logging on.
- runAsUserId
- The registered customer's user ID. This is the customer under whom subsequent requests will run.
Example 1
To switch to a specified customer's user ID (for example, 5) an administrator needs to execute the RunAsUserSetInSession URL with the runAsUserId parameter set to "5". Upon successfully running the RunAsUserSetInSession URL, RunAsUserSetInSessionView gets called. https:// myhostname/webapp/wcs/stores/servlet/RunAsUserSetInSession?runAsUserId=5
Example 2
The following example switches to user ID 5 and calls the specified URL (UserAccountView): https:// myhostname/webapp/wcs/stores/servlet/RunAsUserSetInSession?runAsUserId=5&URL=UserAccountView
Behavior
- Verify the user who executes the command is of registerType 'A'.
- The customer to which the command tries to switch (runAsUserId)
is of registerType 'R' (registered user).
- Saves the runAsUserId value in the command context to be stored in the session so that in subsequent requests or commands, the runAsUserId value can be restored.
- If you have switched to a user ID using the RunAsUserSetInSession URL, you cannot switch to another user ID. You must first call RestoreOriginalUserSetInSession before you can make another RunAsUserSetInSession call.
- If you have switched to another user ID, and when running the command, to retrieve the original identity, you can make a call to getCallerId on the CommmandContext.
Exception conditions
| Exception message key | Description |
| _ERR_MISSING_PARMS | The command throws this exception if the runAsUserId value is not specified. |
| _ERR_MEMBER_USER_ADMIN_TYPE | The command throws this exception if the current user is not of registerType 'A' (administrator). |
| _ERR_MEMBER_USER_REGISTERED_TYPE | The command throws this exception if the user that the command tries to switch under is not of registerType 'R' (registered). |
If the forUser parameter is specified while the administrator session is populated with a customer's session information, an exception is generated.
Related concepts
Administrator authority to act for a registered customer
Related reference
RestoreOriginalUserSetInSession URL