Hello Mike,
In process of capture payment, OFBiz create accounting transaction
entries. If you really want to process capture payment you need to
comment out secas_ledger.xml and secas_olap.xml files in accounting
component so that user can process capture payment without accounting
entries.
Anonymous user can't do payment capture process along with authorization
of payment and also it should not happen because It means you are giving
the authority of accounting transaction to anonymous user, a part from
this anonymous user has not permission of accounting transaction.
Actually in the process of payment capture behind the seen you are
creating accounting transaction entries.
Thanks and Regards,
Amit Sharma
Mike Voytovich wrote:
My question is in regards to anonymous purchases on the eCommerce store (i.e., checkout without login).
Regardless, it doesn't seem like one should need to change a user's security
permissions to perform authorization+capture during checkout. Furthermore,
giving ACCTG_ATX_CREATE or ACCTG_ATX_ADMIN permissions to a user sounds like it
could be a potential security issue?
thanks,
-mike
On Feb 4, 2010, at 10:14 AM, Patrick wrote:
Security permissions are set in partymgr they are associated with the
user login. Party manager is at /partymgr/control/main
On Thu, Feb 4, 2010 at 11:26 AM, Mike Voytovich <m...@tastingroom.com> wrote:
Hi,
I wanted to test out Authorization and Capture using the OOTB demo eCommerce site. I went into: Catalog
Manager => Stores => Payments, and changed the Credit Card Payment Authorization Service from
"alwaysApproveCCProcessor" to "alwaysApproveWithCaptureCCProcessor".
However, now I hit the following error when the order is submitted:
2010-02-04 08:19:46,643 (http-0.0.0.0-8443-4) [
RequestHandler.java:412:ERROR] Request processpayment caused an error with the
following message: Error in authOrderPayments service:
org.ofbiz.service.GenericServiceException: Could not commit transaction for
service [authOrderPayments] call: Roll back error, could not commit
transaction, was rolled back instead because of: Service
[createAcctgTransAndEntries] threw an unexpected
exception/errororg.ofbiz.service.ServiceAuthException: Security Error: To run
createAcctgTransAndEntries you must have the one of the following permissions:
ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN (Security Error: To run
createAcctgTransAndEntries you must have the one of the following permissions:
ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN) (Could not commit transaction for service
[authOrderPayments] call: Roll back error, could not commit transaction, was
rolled back instead because of: Service [createAcctgTransAndEntries] threw an
unexpected exception/errororg.ofbiz.service.ServiceAuthException: Security
Error: To run createAcctgTransAndEntries you must have the one of the following
permissions: ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN (Security Error: To run
createAcctgTransAndEntries you must have the one of the following permissions:
ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN))
I have 2 questions:
1) Is it reasonable to set up authorization + capture in this way?
2) If so, what is the proper way to fix the permissions issue - is it something along the
lines of adding accounting permissions to the "system" party?
Thanks for your help!
regards,
-mike