In the Accelerator, information about the currently selected company of the logged in user (and some other things related to the customer and the checkout stage) is stored in session state. This information is needed when placing an order. Without it, the customer will get an error message saying that he doesn’t have the correct access rights to place the order.
We have the following scenario:
- Customer is logged in and has items in his cart.
- We perform an IIS reset.
- Customer goes to the checkout page.
- Site is started and customer is automatically logged in by the platform (most likely because login information is stored in the cookie “.AspNet.Litium”)
- The checkout page is displayed to the customer, but there is no information about the company that the customer belongs to, so some required fields are empty.
- Customer gets an error message, saying that he doesn’t have the correct access rights, when he tries to place the order.
The reason why the problem occurs is that some session state data (see the PersonStorage and CheckoutStage classes) that is required by the Accelerator, was lost when the site was restarted.
It is not obvious to the customer that he needs to logout and back in again at this stage. We could of course add some message, saying that “you need to logout and then login in again, because …”, but it would be much better if all session information that is associated with the login was also added to the new session when the customer was automatically logged in.
Another possible solution would be if a customer is NOT logged in automatically after a restart of the web site, in which case it will be obvious that he needs to log back in to the system.
Is there an easy way to configure or implement this desired behaviour?
Litium version: 6.1.1