Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > eCommerce & search engines incompatibility problem

Reply
Thread Tools

eCommerce & search engines incompatibility problem

 
 
=?Utf-8?B?R3JpZmY=?=
Guest
Posts: n/a
 
      11-09-2006
Hi

We have an eCommerce site that was designed as a BusinessToBusiness system.
When anyone accesses a page, the site checks to see whether they have a
current session (i.e. already authenticated) and if not it redirects them to
the log-on page.

Recently, we added some BusinessToConsumer functionality. The same
authentication process described above applies, but when the unknown user
gets redirected to the logon page they see a button that allows them to log
on as the "anonymous user".

We have a corporate web site with a link on it to the eCommerce site's logon
page. This link contains a parameter which effectively mimics the clicking
of the "log on anonymously" button - the end result is that the user gets
logged on transparently, they never see the actual logon page.

Search engines have obviously followed this link from our corporate web site
and gained access into our eCommerce site. All the products can be found on
the search engines sites - which is good for the business2consumer side of
things. However, when one follows the link to a product from the search
engine site, one gets re-directed to the logon page because the
search-engine's session identifier is no longer valid (the session expired).

Ideally, I want people to find our products on the search engine's site and
go seamlessly to the product's details page, but need suggestions on how best
to achieve this.

I guess that if the user is not recognised, I could look at the forwarding
URL (Request.ServerVariables("HTTP_REFERER")) and if it's a known search
engine's site then try to automatically log them on....

Do you think that this a viable way forward, or is there a better way?
Ideally, I don't want to have to redesign the whole security model....

Thanks in advance

Griff
 
Reply With Quote
 
 
 
 
Larry Bud
Guest
Posts: n/a
 
      11-09-2006
> Search engines have obviously followed this link from our corporate web site
> and gained access into our eCommerce site. All the products can be found on
> the search engines sites - which is good for the business2consumer side of
> things. However, when one follows the link to a product from the search
> engine site, one gets re-directed to the logon page because the
> search-engine's session identifier is no longer valid (the session expired).


Why not just have the system assume that if a user goes to one of the
products, they are logged on anonymously?

Why even have a login that is anonymous in the first place?

 
Reply With Quote
 
 
 
 
Bob Milutinovic
Guest
Posts: n/a
 
      11-14-2006
"Griff" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...

<snip>
> Recently, we added some BusinessToConsumer functionality. The same
> authentication process described above applies, but when the unknown user
> gets redirected to the logon page they see a button that allows them to
> log
> on as the "anonymous user".


<snip>


How 'bout something like this on each page?

<%
if Session("loggedin") = "yes" then
bLoggedIn = 1
end if
%>

[HTML of all data normally visible to anonymous users]

<%
if bLoggedIn = 1 then
%>

[HTML of additional data visible only to logged in users]

<%
else
%>

You are not logged in. Click <a href="login.asp">here</a> to log in.

<%
end if
%>


--
Bob Milutinovic
Cognicom - "Australia's Web Presence Specialists"
http://www.cognicom.net.au/
telephone (0417) 45-77-66
facsimile (02) 4727-1898
-------------------------------------------------------
To respond by e-mail: <myname>@<mydomain> (work it out)


> Hi
>
> We have an eCommerce site that was designed as a BusinessToBusiness
> system.
> When anyone accesses a page, the site checks to see whether they have a
> current session (i.e. already authenticated) and if not it redirects them
> to
> the log-on page.
>
>
> We have a corporate web site with a link on it to the eCommerce site's
> logon
> page. This link contains a parameter which effectively mimics the
> clicking
> of the "log on anonymously" button - the end result is that the user gets
> logged on transparently, they never see the actual logon page.
>
> Search engines have obviously followed this link from our corporate web
> site
> and gained access into our eCommerce site. All the products can be found
> on
> the search engines sites - which is good for the business2consumer side of
> things. However, when one follows the link to a product from the search
> engine site, one gets re-directed to the logon page because the
> search-engine's session identifier is no longer valid (the session
> expired).
>
> Ideally, I want people to find our products on the search engine's site
> and
> go seamlessly to the product's details page, but need suggestions on how
> best
> to achieve this.
>
> I guess that if the user is not recognised, I could look at the forwarding
> URL (Request.ServerVariables("HTTP_REFERER")) and if it's a known search
> engine's site then try to automatically log them on....
>
> Do you think that this a viable way forward, or is there a better way?
> Ideally, I don't want to have to redesign the whole security model....
>
> Thanks in advance
>
> Griff



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Ecommerce Web Solutions | Ecommerce Software Solutions Martjack Ecommerce ASP .Net 0 12-22-2009 01:09 PM
eCommerce & search engines incompatibility problem Griff ASP General 2 11-14-2006 01:43 PM
removing search engines from the search bar whatever.or.not@gmail.com Firefox 1 02-17-2005 12:06 PM
Search Bar not displaying search Engines Zimran Douglas Firefox 1 01-07-2005 02:30 PM
"Add engines"... how can I "remove engines" ? Jude Barnes Firefox 4 08-19-2004 11:02 PM



Advertisments