IBM SG24-6320-00 11.3.3 Migrating the encrypted data

6320ch_migrating.fm Draft Document for Review July 28, 2004 7:33 pm

214 Keeping Commerce Applications Updated WebSphere Commerce 5.1 to 5.6 Migration Guide

--please replace MASTERCATALOG_ID with one of the cata log of the store you want

to designate as MasterCatalog

update storecat set mastercatalog='1' where catalog_id=100 02 and

storeent_id=10001;

insert into catgrptpc (catgroup_id,catalog_id,t radeposcn_id) values

(0,10002,10001);

To execute the file, run the following from a DB2 command window:

db2 -tvf choosemc.sql

Ensure that the script has run successfully be examining the outpu t.

11.3.3 Migrating the encrypted data

Once the database is migrated there are some additional steps to complete t he

migration.

Merchant key and encrypted data

The merchant key in WebSphere Commerce Suite V5.1 can be either default or

custom. A default merchant key is a fixed value selected by WebSphere

Commerce Suite V5.1 while the custom key is defined by the user. A default

merchant key is not valid in WebSphere Commerce V5.6 and must be changed

to a user defined merchant key. Since the encryption behavior has changed for

sensitive data (as described below) the encrypted information must be

re-encrypted using the new behavior to ensure that encrypted data is valid.

Users

Users stored in USERREG table (registered users) have a logon ID and a

password. In WebSphere Commerce Suite V5.1 the password is encrypted using

the merchant key and can be decrypted using the merchant key. In WebSphere

Commerce V5.6 the USERREG has an extra column SALT (introduced in

WebSphere Commerce Suite V5.4), which is used as an extra factor in the

encryption of the password. The SALT key is added to the password and a one

way hash key (SHA-1) is returned from the concatted string. This hash key is

then encrypted. This method ensures that it is almost i mpossible to decrypt and

retain the password. Because of this extra security the passwords must be

decrypted and re-encrypted with a random SALT key and using a one way hash

key.

Credit cards

Credit card data stored in ORDPAYINFO, ORDPAYMTHD and PATTRVALUE

contains sensitive data and will typically be encrypted. The variable PD IEncrypt

in the instance file indicates if credit card data is encrypted. Pr ior to WebSphere

Commerce Suite V5.1.1.2 the merchant key was not used to encrypt credit card

Contents

Main ibm.com/redbooks Keeping Commerce ce Applications Updateddated Front cover WebSphere Commerce 5.1 to 5.6 Migration Guide Page Page Page Contents Page Page Page Page Page Page Page Notices 6320spec.fm xii Trademarks Preface The team that wrote this redbook Page Become a published author Comments welcome Page Page Page Page 1.1 Overview 1.2 Structure of the book Part 1, Introduction to WebSphere Commerce V5.6 Part 2, Development environment Part 3, Production environment Part 4, Appendixes Page Overview 2.1 Product overview Page 6320ch_sum_of_changes.fm 10 Figure 2-1 WebSphere Commerce Server runtime components 2.2 WebSphere Commerce software components WebSphere Application Server HTTP WebSphere Commerce Payments Server Configuration Tools 2.2.1 Web server 2.2.2 WebSphere Application Server 2.2.3 Database Server 2.2.4 WebSphere Commerce Server 2.2.5 WebSphere Commerce Payments Server 2.2.6 Enablement software WebSphere Commerce enablement software WebSphere enablement software 2.3 WebSphere Commerce Server subsystems 2.3.1 Member subsystem User registration methods Page Member security services Page Single sign-on 2.3.2 Catalog subsystem 2.3.3 Trading subsystem 2.3.4 Order subsystem 2.3.5 Merchandising subsystem 2.3.6 Marketing subsystem 2.3.7 Inventory subsystem 2.4 WebSphere Commerce Tools WebSphere Commerce Accelerator Configuration Manager Organization Administration Console Administration Console 2.5 WebSphere Commerce Business models 2.5.1 Direct Sales Consumer direct B2B direct 2.5.2 Value Chain Demand chain Buyers, resellers, and manufacturers Resellers, manufacturers, and distributors Supply chain 2.5.3 Hosting Ex-Sites Hosting Ex-Site 2.6 Whats new in WebSphere Commerce V5.6 2.6.1 WebSphere Commerce Development Environment 2.6.2 WebSphere Commerce Payments 2.6.3 Configuration Manager 2.6.4 Loader Package 2.6.5 Password Manager 2.6.6 Adaptor for CrossWorld 2.6.7 Catalog and product management Catalog import Catalog filtering Master and Navigational catalog SKU generation Accounts (Business Edition) The Product Management tooling 2.6.8 Business Models 2.6.9 Access Control 2.6.10 Collaboration 2.6.11 Campaigns and Promotions 2.6.12 Order and inventory Management 2.6.13 Analytics 2.6.14 Security 2.6.15 Caching Dynacache Page 2.6.16 Product Advisor Page Planning 3.1 Migration Strategy considerations 3.1.1 Add or replace functionality 3.1.2 Take advantage of DynaCache 3.1.3 Optimization 3.1.4 External product and user management 3.1.5 How does custom code impact the process? 3.1.6 Prepare a detailed Plan 3.2 Migration Planning 3.2.1 Skill requirements 3.2.2 Hardware and software prerequisites Production Environment Hardware prerequisites Software prerequisites Development Environment Hardware prerequisites Software prerequisites 3.3 Product versions mapping 3.4 Migration approach for development environment 3.5 Migration approaches for runtime environment 3.5.1 Switch-Over migration scenario FIREWALL 3.5.2 Co-existence migration scenario 3.5.3 In-place migration scenario 3.6 Approach used for this migration 3.6.1 Detailed overview of development migration steps 3.6.2 Detailed overview of production environment migration Page Page Page during the migration 4.1 Commerce application 4.1.1 Application environment Hardware Configuration Application Server Tier Database Server Tier 4.2 Commerce customization 4.2.1 Shopping flow Account Creation Dynamic Shiprates/Expected Delivery Dates Payment Processing Offline Orders Billing/Shipping Selection Chapter 4. Commerce Application used during the migration 59 Draft Document for Review July 28, 2004 7:33 pm 6320ch_application_used.fm Figure 4-1 InFashion default shopping flow 6320ch_application_used.fm 60 4.2.2 Commands Table4-1 provides a summar y of the custom commands used with the application. 4.2.3 Database tables 4.3 Catalog 4.4 Database Page Page Page Commerce Development Environment 5.1 Development environment overview 5.2 Pre-installation requirements 5.2.1 VisualAge for Java V4.0 prerequisites 5.3 Installing WebSphere Studio Application Developer 5.3.1 Pre-installation steps 5.3.2 Installing WebSphere Studio Application Developer V5.1.1 5.3.3 Apply fixes to the test environment Prepare for fixpack installation Install WebSphere Application Server V5.0.2 cumulative fix 3 Page Install interim fixes 5.4 Installing WebSphere Commerce V5.6 Toolkit 5.4.1 Installing WebSphere Commerce V5.6 Toolkit Installation verification 5.5 Installing DB2 Universal Database V8.1 5.5.1 Backup development databases 5.5.2 Installation requirements 5.5.3 Preparing a Windows user for DB2 5.5.4 Installing DB2 Universal Database V8.1 Page Page 5.5.5 Installing DB2 Universal Database fixpack 5 Page 5.5.6 Migrate databases to DB2 Universal Database V8.1 level 5.6 Configuring the development environment for DB2 Page 5.7 Installing VisualAge for Java V4.0 5.7.1 Installing VisualAge for Java V4.0 Page 5.7.2 Configuring VisualAge for Java V4.0 Install features and fixes for VisualAge for Java V4.0 Install the DeployTool fix Add features to workspace Install the Readonly fix Install IBM WebSphere Test Environment fix Install IBM EJB Tool fix Prepare the VisualAge for Java V4.0 workspace Import WebSphere Commerce Studio V5.1 repository Page Page 6.1 Preparation overview 6.2 Instance preparation 6.2.1 Updating the product information file 6320ch_DEV_before_migration.fm 98 6. Save and close the file. 7. Copy the file product.dtd from the following directory : To the following directory: For example, we copied the file product.dtd from the directory: 6.2.2 Prepare resources 6.2.3 Merge EJB groups 6.2.4 Export code from VisualAge for Java V3.5.3 Overview repository Exporting the Java code 6.3 Database preparation 6.3.1 Update database configuration values Page 6.3.2 Unsent messages 6.3.3 Order status 6.3.4 Catalog Master catalog Product-item relationship 6.3.5 Members Organizational structure Profile types Administrators Role changes 6.3.6 Custom message types 6.3.7 Dropping foreign key references 6.3.8 Erroneous data in encrypted fields Page environment 7.1 Current development environment 7.2 Development environment migrated 7.3 Migrating the development instance 7.3.1 Overview 7.3.2 Running the tool Page 7.4 Migrating the development database 7.4.1 Migrating unencrypted data 7.4.2 Migrating encrypted data 7.4.3 Summary 7.5 Migrating custom EJBs 7.5.1 Overview 7.5.2 Export the EJB project from VisualAge for Java V3.5.3 7.5.3 Import the EJB projects into VisualAge for Java V4.0 7.5.4 Regenerate the deployed code for the EJBs 7.5.5 Export EJBs as EJB 1.1 JAR files 7.5.6 Import the EJBs into WebSphere Studio Application Developer Page Page 8.1 Setting up aliases Page Page 8.2 Migrating custom code 8.2.1 Access control 8.2.2 Command parameter validation 8.2.3 User registration 8.2.4 Logon command 8.2.5 Calculation usage framework Background Page Migration Page 6320ch_DEV_post_migration.fm 136 Page Page Interface changes WebSphere Commerce V5.6 command interfaces WebSphere Commerce Suite V5.1 command interfaces Accessing the order items Page Page 8.2.6 Configuration and code changes for migrated EJBs Access bean string converters Page Change the access isolation level Page Add the WCSecurity role Change the container transaction type Remove serialVersionUID constants Ensure that ejbCreate returns primary key object Remove java.rmi.RemoteException from remote methods Match ejbPostCreate and ejbCreate methods Remove FinderHelper interface Regenerating the deploy code 8.2.7 J2EE Connector Architecture 8.2.8 Pricing New task commands New data bean methods 8.2.9 Product Advisor Package name change 8.2.10 Rule server administration commands 8.2.11 JSP and property file changes Changes to myAccount.jsp Changes to Register.jsp Page Changes to property files Page Page Page Page Page 9.1 Single-node runtime overview 9.1.1 Hardware 9.1.2 Software 9.2 Installation 9.2.1 Install WebSphere Commerce V5.6 Page 9.2.2 Configuring IBM HTTP Server Enabling for SSL Enabling Cache accelerator 9.3 Verifying the installation 9.3.1 Verify installation log files WebSphere Commerce installation logs DB2 Universal Database installation logs WebSphere Application Server installation logs Page IBM HTTP Server installation logs 9.3.2 Create test instance Create a WebSphere Commerce instance Page Create a WebSphere Commerce Payments instance Page 9.3.3 Removing test instances Removing WebSphere Commerce instance Page Removing WebSphere Commerce Payments instance Page Page Page Page 10.1 Preparation overview 10.2 Instance preparation 10.2.1 Updating the product information file Page In our example the product.xml file looked like this: 10.2.2 Prepare resources 10.2.3 Disable security on WebSphere Application Server 10.3 Database preparation 10.3.1 Unsent messages 10.3.2 Copying the database from Commerce V5.1 to Commerce V5.6 Page 10.3.3 Updating database configuration values 10.3.4 Orders status 10.3.5 Catalog Master catalog Page Page Product-item relationship 10.3.6 Members Organizational structure Profile types Administrators Role changes 10.3.7 Custom message types 10.3.8 Dropping foreign key references 10.3.9 Erroneous data in encrypted fields Commerce components 11.1 Migration overview 11.2 Migrating commerce instance configuration 11.2.1 Migrating the instance Page Page Page 11.3 Migrating commerce database 11.3.1 Migrating the database Page 6320ch_migrating.fm 210 In our example: Page Error SQL0605W Error SQL0601N 11.3.2 Choosing the master catalog 11.3.3 Migrating the encrypted data Merchant key and encrypted data Users Credit cards Page Page 11.4 Migrating Payment Manager 11.4.1 Install Fixpack for WebSphere Payment Manager 11.4.2 Install WebSphere Commerce Payments remote node Page 11.4.3 Package and transfer the WCIM tool 11.4.4 Backup the WebSphere Payment Manager instance 11.4.5 Backup the WebSphere Payment Manager database 11.4.6 Transfer assets to WebSphere Commerce Payments node 11.4.7 Restore WebSphere Payment Manager database 11.4.8 Migrate the WebSphere Payment Manager instance Page Page 11.4.9 Migrate the WebSphere Payment Manager database Page Page 12.1 Post migration steps for IBM HTTP Server 12.1.1 Migrating static content 12.1.2 Updating configuration 12.2 Deploying 12.2.1 Deploying EJBs Configure and export the JAR file Applying the JAR file to the production environment 12.2.2 Deploying commands and databeans Export the JAR file Applying the JAR file to the production environment 12.2.3 Deploying store assets Exporting store assets Applying the store assets to the production environment Page Page Page A Commerce components WebSphere Commerce instance management Checking instance status Starting the instance Stopping the instance WebSphere Commerce Payments instance management Checking instance status Starting the instance Stopping the instance Start the Configuration Manager Page Restarting IBM HTTP Server Modifying trace strings for a running server Page Page Tracing with WebSphere Commerce V5.6 Toolkit Tracing for Lightweight WebSphere Test Environment Tracing for Full WebSphere Test Environment Create missing password scripts Create wcs_password script Create wcs_pmpassword script Page B File system Default directories Custom directories Database Database backup Page C WebSphere Commerce V5.6 migration scripts behavior migratedb.bat behavior migrateEncryptedInfo.bat behavior wcim.bat behavior Page Custom database migration scripts behavior Database preparation batch script Page Database preparation SQL script Database migration batch script Database post migration batch script Database post migration SQL script D multi-node environment Single-node environment Installing and configuring the database node Create a Windows user for DB2 Installing DB2 Moving the database Connecting to the remote database Verify connectivity Page E Locating the Web material Using the Web material How to use the Web material Abbreviations and acronyms Page Related publications IBM Redbooks Other publications Online resources How to get IBM Redbooks Help from IBM Index A B C 280 D E F G H J K L M N O P R S T U V W 284 the book file with the spine.fm still open and Keeping Commerce Keeping Commerce Keeping Commerce Applications Updated WebSphere the Conditional Text Settings (ONLY!) to the book files. Draft Document for Review July 28, 2004 7:33 pm 6320spine.fm 285 Page Page INTERNATIONAL TECHNICAL SUPPORT ORGANIZATION Keeping Commerce Applications Updated WebSphere Commerce Back cover