Vulnerability in EPiServer.Forms
We are developing a B2B E-commerce site for a customer. They what to create their customers as Organizations in Commerce, and create Contacts for these organizations. They also want to be able to connect accounts to these contacts. This is all easy.
Now the want to be able to use the same email address for multiple accounts. If I try to create this using the Commerce Manager, I get an error saying that the email address must be unique. Can I change this somehow?
Their reasoning is this: On the day to day business, a customer may need multiple logins to ease their work. But in special cases (e.g. holiday or during illness) some colleagues to the contact may need to be able to access the login for this contact. If the contact is completely unavailable, they may need to be able to reset the password for the contact. In this case, the password-reset mail should be sent to an emailaddress that multiple persons at the customer has access to, e.g. email@example.com. This may require that more than one contact and more than one account needs to be created with the firstname.lastname@example.org email address.
Is this possible?
Thank you for your help.
I think that the provider setting requiresUniqueEmail =false should do the trick
<add name="SqlServerMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=126.96.36.199, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="EPiServerDB" requiresQuestionAndAnswer="false" applicationName="EPiServerSample" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" />