Member security services | IBM SG24-6320-00 manual

Draft Document for Review July 28, 2004 7:33 pm

6320ch_sum_of_changes.fm

4.Using WebSphere Commerce Loader Package (MassLoad)

WebSphere Commerce Loader Package is used for mass database updates. The MassLoad tool can be used for mass registration of users. This method is especially useful in the migration from previous versions, in database management, and in member registration exchange across WebSphere Commerce systems.

The registered users will manage their user profile by updating the registration information, adding, modifying or deleting address entries in the address book. Also, a customer service representative can update the user profiles.

Member security services

The following security services are closely related to the Member subsystem:

Roles

The Member subsystem allows its users and organizational entity members to be assigned roles. The roles define the activities that members are allowed to perform. Role assignment is the responsibility of the site administrator.

Authentication

WebSphere Commerce supports two modes of authentication:

–Basic authentication (using user ID and password)

This mode of authentication is the default and can be used with the WebSphere Commerce store database or an LDAP directory.

–Certificate-based authentication (using x.509 certificates)

The authentication mode is configured via the WebSphere Commerce Configuration Manager within the Web server tab of the instance properties.

Access control

To facilitate database management and ensure security, access to WebSphere Commerce must be restricted to specific individuals and organizations. The process of restricting access is referred to as access control. Access control can be defined as security guidelines that:

–Allow or deny a user of a system access to the resources managed by a system.

–Specify what actions the user can perform on each resource.

Access control is managed through the implementation of access control policies and policy groups.

– Access control policies

Chapter 2. WebSphere Commerce V5.6 Overview 17

Image 35

IBM SG24-6320-00 manual Member security services

Contents

Keeping Commerce Applications Updated Page International Technical Support Organization First Edition July Contents 6320TOC.fm Part 2. Development environment Part 3. Production environment 6320TOC.fm Part 4. Appendixes Index Abbreviations and acronyms 6320TOC.fm 6320spec.fm IBM Trademarks Team that wrote this redbook Preface 6320pref.fm Comments welcome Become a published author Redbook@us.ibm.com Part 1 Introduction to WebSphere Commerce 6320p01.fm Introduction Part 1, Introduction to WebSphere Commerce OverviewStructure of the book Commerce Application used during the migration Part 2, Development environmentPart 3, Production environment Part 4, Appendixes 6320chintro.fm WebSphere Commerce V5.6 Overview Product overview WebSphere Commerce V5.6 Overview WebSphere Application Server WebSphere Commerce software components WebSphere Application Server Web server WebSphere Commerce Server Database Server WebSphere Commerce Payments Server Enablement softwareWebSphere Commerce enablement software WebSphere enablement software User registration methods WebSphere Commerce Server subsystemsMember subsystem User registration and update methods Member security services 6320chsumofchanges.fm Single sign-on Catalog subsystem Marketing subsystem Trading subsystemOrder subsystem Merchandising subsystem WebSphere Commerce Accelerator Configuration ManagerWebSphere Commerce Tools Messaging subsystem WebSphere Commerce Business models Organization Administration ConsoleAdministration Console Password Manager Consumer direct Direct Sales Demand chain Value ChainB2B direct Hosting Hosting Ex-SitesSupply chain Ex-Site What’s new in WebSphere CommerceWebSphere Commerce Development Environment Loader Package Configuration ManagerPassword Manager WebSphere Commerce Payments Catalog and product management Adaptor for CrossWorld Accounts Business Edition SKU generation Product Management tooling Access ControlBusiness Models Collaboration Order and inventory Management Campaigns and Promotions Security Analytics Dynacache Caching Https//hostname8002/cachemonitor Product Advisor 6320chsumofchanges.fm Migration Strategy and Planning Optimization Migration Strategy considerationsAdd or replace functionality Take advantage of DynaCache Prepare a detailed Plan External product and user managementHow does custom code impact the process? Skill requirements Migration Planning Production Environment Hardware and software prerequisites Software prerequisites Hardware prerequisites for development environment Development Environment Product versions mapping, development environment Product versions mappingMigration approach for development environment Product versions mapping, production environment Migration approaches for runtime environment Switch-Over migration scenario Firewall In-place migration scenario Co-existence migration scenario Approach used for this migration Detailed overview of development migration steps Detailed overview of production environment migration 6320chplanning.fm 6320chplanning.fm 6320chplanning.fm Commerce Application used during the migration Application Server Tier Hardware ConfigurationCommerce application Application environment Account Creation Commerce customizationShopping flow Database Server Tier Billing/Shipping Selection Payment ProcessingOffline Orders InFashion default shopping flow Customized shopping flow Commands Application 1provides a summary of the custom commands used with Database tables Catalog Database 6320chapplicationused.fm Part 2 Development environment 6320p03.fm Installing WebSphere Commerce Development Environment Development environment overview Pre-installation requirements VisualAge for Java V4.0 prerequisites Installing WebSphere Studio Application DeveloperPre-installation steps Installing WebSphere Studio Application Developer Apply fixes to the test environment Install WebSphere Application Server V5.0.2 cumulative fix Prepare for fixpack installation Click Next Select Install fixpacks and click Next CD-ROM drive\BASE\fixes Install interim fixes Installing WebSphere Commerce V5.6 Toolkit Installation verification Installing WebSphere Commerce V5.6 Toolkit Backup development databases Installing DB2 Universal Database Installation requirements Select Action New User Preparing a Windows user for DB2 Output from this command should be as follows Installing DB2 Universal Database 6320chDEVinstallation.fm 6320chDEVinstallation.fm Installing DB2 Universal Database fixpack 6320chDEVinstallation.fm Migrate databases to DB2 Universal Database V8.1 level Configuring the development environment for DB2Our example, we entered the following commands Wctoolkithome\bin Time spent installing and configuring VisualAge for Java Installing VisualAge for JavaInstalling VisualAge for Java \WebSphere\VAJ40 Select Administrator and click OK Configuring VisualAge for JavaInstall features and fixes for VisualAge for Java Install the DeployTool fix Click Finish Install IBM WebSphere Test Environment fix Packages to delete from workspace Prepare the VisualAge for Java V4.0 workspace Select Local repository Import WebSphere Commerce Studio V5.1 repository 6320chDEVinstallation.fm Pre-migration steps Preparation overview To the following directory Instance preparationUpdating the product information file Choosing the value for editionname Example 6-1 Example product.xml file Choosing the value for fixpack Prepare resourcesChoosing the value for mod Export code from VisualAge for Java Merge EJB groups Exporting the Java code Overview Database preparation Update database configuration values Our example we called the as follows DB2 configuration set by the updateDBConfiguration script Catalog Change the order status to X CancelledUnsent messages Order status Organizational structure MembersMaster catalog Product-item relationship Profile types Roles that are not included in WebSphere Commerce AdministratorsRole changes Refer to WebSphere Commerce Dropping foreign key references Add Store Administrator as role for our usersCustom message types Tables and fields to check for erroneous leading spaces Erroneous data in encrypted fields 6320chDEVbeforemigration.fm Migrating the development environment Development environment migrated Current development environment Overview Migrating the development instance Example 7-1 Sample output from the Wcim tool Running the toolOur example, we used the following directory Run the Wcim tool as follows File name of the log will be in the following format Run the migration script as follows Migrating the development databaseMigrating unencrypted data Run the script as follows We used the following commandMigrating encrypted data For example, we used Summary Migrating custom EJBs 119 Process for converting from EJBs from version 1.0 to Export the EJB project from VisualAge for Java Import the EJB projects into VisualAge for Java Export EJBs as EJB 1.1 JAR files Regenerate the deployed code for the EJBs Import the EJBs into WebSphere Studio Application Developer 6320chDEVmigration.fm Post-migration steps Lightweight test environment Setting up aliases Example 8-2 Excerpt from the deployment.xml file Example 8-1 Excerpt from the looseconfig.xmi file Example 8-3 Excerpt from the application.xml file Migrating custom code Command parameter validation User registration Background Logon commandCalculation usage framework Mapping between WebSphere Commerce commands Migration Example 8-5 Sample MyApplyShippingCmdImpl Example 8-4 Sample MyApplyShippingCmd 6320chDEVpostmigration.fm 137 Example 8-6 Registering calculation method Interface changes WebSphere Commerce V5.6 command interfaces Refer to Example 8-5 on page 135 for an sample of this WebSphere Commerce Suite V5.1 interfaces for the commandsApplyOrderAdjustmentsCmd contain the following methods Accessing the order items Then this could be migrated into the following line Accessing OrderItemAccessBean Accessing Item 143 Access bean string converters Configuration and code changes for migrated EJBs 145 Example 8-7 Example ibm-ejb-access-bean.xmi file Change the access isolation level 147 Add the WCSecurity role Delete this line and save your source by pressing Ctrl + S Change the container transaction typeRemove serialVersionUID constants Ensure that ejbCreate returns primary key object Remove java.rmi.RemoteException from remote methods Following method would be added to the home interface Match ejbPostCreate and ejbCreate methodsRemove FinderHelper interface Regenerating the deploy code 7 J2EE Connector Architecture New data bean methods New task commandsChanged price task commands Pricing Package name change Our example Rule server administration commandsJSP and property file changes Changes to myAccount.jsp Changes to Register.jsp Example 8-8 The content of the modified myAccount.jsp file @ include file=getResource.jsp% Example 8-9 The content of the modified register.jsp file Changes to property files Example 8-10 Error texts for file Register.jspExample 8-11 Error texts for file myAccount.jsp 159 6320chDEVpostmigration.fm Part 3 Production environment 6320p02.fm Installing WebSphere Commerce Software Single-node runtime overviewHardware Installation Install WebSphere Commerce IBM Http Server D\WebSphere\HTTPServer Enabling Cache accelerator Configuring IBM Http ServerEnabling for SSL WebSphere Commerce installation logs Verifying the installationVerify installation log files Examine the following log files DB2 Universal Database installation logsWebSphere Application Server installation logs Washome\logs\WASFixPack.log IBM Http Server installation logs Create a WebSphere Commerce instance Create test instance Web server restart prompt for commerce instance creation Commerce instance creation confirmation Create a WebSphere Commerce Payments instance 6320chinstall56.fm Removing WebSphere Commerce instance Removing test instances RmCommerceServer instancename Removing WebSphere Commerce Payments instance Example 9-1 Sample rmPaymentServer.bat script 6320chinstall56.fm Draft Document for Review July 28, 2004 733 pm 6320chbeforemigration.fm Preparation overview 185 Example 10-1 product.xml file content Example 10-2 Our product.xml file Our example the product.xml file looked like thisWebSphere Commerce Suite Choosing the value for fixpack Disable security on WebSphere Application Server 189 Copying the database from Commerce V5.1 to Commerce Migrate the database Restore the configuration values to the original values Script is invoked as follows Updating database configuration values Orders status Changes are done by executing the following SQL commands Example of a master catalog Create category catalog group Update keys for catalogUpdate keys for category Create catalog description Members Update the users profile type Our example this command retrieved 6 records 199 Erroneous data in encrypted fields Migrating WebSphere Commerce components Migration overview Migrating commerce instance configuration Migrating the instance This will generate the following file Unpack backupwcim.zip Enter the previous IBM Http Server home directory Running the above command will produce the following fileFrom the following directory Wc56home\temp Enter the new IBM Http Server home directory Migrating commerce database Script receives the following parameters Migrating the database Parameter name Parameter value Mandatory migration script parameters Our example Example 11-2 a small extract of the migration log file Sample of this error in the log Error SQL0605WError SQL0601N Choosing the master catalog Example 11-3 The content of the modified choosemc.sql file Merchant key and encrypted data Migrating the encrypted data Encrypted data migration script parameters Script must have the following mandatory parametersOptional parameters are Encrypted data migration script parameters and behavior Parameter Migrating Payment Manager Install Fixpack for WebSphere Payment Manager Our example, we used Install WebSphere Commerce Payments remote nodeEnsure that none of these files contain any error messages Next Package and transfer the Wcim tool Backup the WebSphere Payment Manager instance Backup the payment database Backup the WebSphere Payment Manager database Our example we typed Restore WebSphere Payment Manager databaseTransfer assets to WebSphere Commerce Payments node Migrate the WebSphere Payment Manager instance Click on OK Restart the Web server Click Apply Click OK on the following confirmation window Disconnect from the payments database Migrate the WebSphere Payment Manager databaseDelete the obsolete payment methods Disconnect from the commerce database This concludes the payments database migration 6320chpostmigration.fm Document root is added as described below Migrating static contentUpdating configuration Post migration steps for IBM Http Server Example 12-1 WebSphere Commerce section of httpd.conf DeployingDeploying EJBs Applying the JAR file to the production environment Configure and export the JAR file Export the JAR file Deploying commands and databeans To export store assets perform the following steps Deploying store assetsExporting store assets Select Create directory structure for files Applying the store assets to the production environment 6320chpostmigration.fm Part 4 Appendixes 6320p04.fm Appendix A. Managing WebSphere Commerce components Starting the instance Run the following command from the washome\bin directoryWebSphere Commerce instance management Checking instance status Stopping the instance WebSphere Commerce Payments instance management Follow these steps to start the Configuration Manager Start the Configuration Manager Db2start Example A-1 Restarting the IBM Http Server Output should be similar to what is shown in Example A-1Restarting IBM Http Server Modifying trace strings for a running server Resulting in the following messages Our example, we issued the following command Quit Tracing with WebSphere Commerce V5.6 Toolkit Tracing for Lightweight WebSphere Test Environment Example A-2 Excerpt from Logging.properties file Tracing for Full WebSphere Test Environment Create wcspmpassword script Create missing password scriptsCreate wcspassword script 6320ax04.fm Appendix B. Backup WebSphere Commerce Suite Custom directories Default directoriesFile system Database backup Db2 backup database dbname to backupdirectory Appendix C. Migration scripts Example C-1 Excerpt of DataMigrationPlan51.xml file Here is an excerpt of the configuration fileWebSphere Commerce V5.6 migration scripts behavior Migratedb.bat behavior MigrateEncryptedInfo.bat behavior Tables used by migrateEncryptedInfo script file Wcim.bat behavior 6320ax02.fm Custom database migration scripts behavior Database preparation batch script Sequence diagram of the batch files Example C-2 Content of the pre.migration.bat file Database preparation SQL script Example C-3 Content of the pre.migration.sql file Create NEW Master Catalogue Database migration batch script Database post migration batch script Example C-4 Content of the migration.bat file Database post migration SQL script Example C-5 Content of post.migration.sql file Appendix D. Moving from single to multi-node environment Create a Windows user for DB2 Installing and configuring the database nodeSingle-node environment Installing DB2 Stop all connections to the database Connecting to the remote databaseBackup the current production database Moving the database Create a local alias for the remote database Verify connectivity 6320ax01.fm Locating the Web material Using the Web material Copy of the product.xml.51.sample file How to use the Web materialZipped containing the rmPaymentsServer.bat script and a Abbreviations and acronyms 6320abrv.fm Online resources IBM RedbooksOther publications Help from IBM How to get IBM RedbooksIBM Support and downloads IBM Global Services Index EJB Migration scenario in-place 6320IX.fm 6320IX.fm Security Keeping Commerce Applications Updated Keeping Commerce Applications Updated WebSphere Commerce Page Keeping Commerce Applications Updated WebSphere Commerce