Thanks for the explanation Amit. It seems like an anonymous checkout would not unusual for an ecommerce site; and, I would think that credit card authorize + capture is not an uncommon method when collecting payments from anonymous customers. I understand that within OFBiz it's an accounting transaction; but, it seems like anonymous authorize + capture should be supported without having to comment out the accounting entries.
Thanks again for the advice though, I'll look into alternative methods for performing automated capture other than setting it up to be the default credit card payment method. regards, -mike On Feb 5, 2010, at 9:11 PM, Amit Sharma wrote: > Hello Mike, > > In process of capture payment, OFBiz create accounting transaction > entries. If you really want to process capture payment you need to > comment out secas_ledger.xml and secas_olap.xml files in accounting > component so that user can process capture payment without accounting > entries. > > Anonymous user can't do payment capture process along with authorization > of payment and also it should not happen because It means you are giving > the authority of accounting transaction to anonymous user, a part from > this anonymous user has not permission of accounting transaction. > Actually in the process of payment capture behind the seen you are > creating accounting transaction entries. > > Thanks and Regards, > > Amit Sharma > > Mike Voytovich wrote: >> My question is in regards to anonymous purchases on the eCommerce store >> (i.e., checkout without login). >> >> Regardless, it doesn't seem like one should need to change a user's security >> permissions to perform authorization+capture during checkout. Furthermore, >> giving ACCTG_ATX_CREATE or ACCTG_ATX_ADMIN permissions to a user sounds like >> it could be a potential security issue? >> >> thanks, >> -mike >> >> >> On Feb 4, 2010, at 10:14 AM, Patrick wrote: >> >> >>> Security permissions are set in partymgr they are associated with the >>> user login. Party manager is at /partymgr/control/main >>> >>> On Thu, Feb 4, 2010 at 11:26 AM, Mike Voytovich <[email protected]> >>> wrote: >>> >>>> Hi, >>>> >>>> I wanted to test out Authorization and Capture using the OOTB demo >>>> eCommerce site. I went into: Catalog Manager => Stores => Payments, and >>>> changed the Credit Card Payment Authorization Service from >>>> "alwaysApproveCCProcessor" to "alwaysApproveWithCaptureCCProcessor". >>>> >>>> However, now I hit the following error when the order is submitted: >>>> >>>> 2010-02-04 08:19:46,643 (http-0.0.0.0-8443-4) [ >>>> RequestHandler.java:412:ERROR] Request processpayment caused an error with >>>> the following message: Error in authOrderPayments service: >>>> org.ofbiz.service.GenericServiceException: Could not commit transaction >>>> for service [authOrderPayments] call: Roll back error, could not commit >>>> transaction, was rolled back instead because of: Service >>>> [createAcctgTransAndEntries] threw an unexpected >>>> exception/errororg.ofbiz.service.ServiceAuthException: Security Error: To >>>> run createAcctgTransAndEntries you must have the one of the following >>>> permissions: ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN (Security Error: To run >>>> createAcctgTransAndEntries you must have the one of the following >>>> permissions: ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN) (Could not commit >>>> transaction for service [authOrderPayments] call: Roll back error, could >>>> not commit transaction, was rolled back instead because of: Service >>>> [createAcctgTransAndEntries] threw an unexpected >>>> exception/errororg.ofbiz.service.ServiceAuthException: Security Error: To >>>> run createAcctgTransAndEntries you must have the one of the following >>>> permissions: ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN (Security Error: To run >>>> createAcctgTransAndEntries you must have the one of the following >>>> permissions: ACCTG_ATX_CREATE, ACCTG_ATX_ADMIN)) >>>> >>>> >>>> I have 2 questions: >>>> >>>> 1) Is it reasonable to set up authorization + capture in this way? >>>> 2) If so, what is the proper way to fix the permissions issue - is it >>>> something along the lines of adding accounting permissions to the "system" >>>> party? >>>> >>>> >>>> Thanks for your help! >>>> >>>> regards, >>>> -mike >>>> >>>> >>>> >> >> > >
