Webstore uses user-email and user-password to connect to the system. As neither email nor email-password are unique in Compiere this can lead to a situation where 2 users will have the same email and password in the database.
If this happen, when the second user is authenticated via webstore, the system will use the first account found with these fields values. In other words, the second user will access the account, the invoices, the payments of the other user.
Is there any reason not to create an unique index in table AD_USER with columns EMAIL and PASSWORD ?
Log in to post a comment.