IBM SG24-6320-00 Member security services

Chapter 2. WebSphere Commerce V5.6 Overview 17

Draft Document for Review July 28, 2004 7:33 pm 6320ch_sum_of_changes.fm

4. Using WebSphere Commerce Loader Package (MassLoad)

WebSphere Commerce Loader Package is used for mass database updates.

The MassLoad tool can be used for mass registration of users. This method is

especially useful in the migration from previous versions, in database

management, and in member registration exchange across WebSphere

Commerce systems.

The registered users will manage their user profile by updating the

registration information, adding, modifying or deleting address entri es in the

address book. Also, a customer service representative can update the user

profiles.

Member security services

The following security services are closely related to the Member subsystem:

Roles

The Member subsystem allows its users and organizational entity members

to be assigned roles. The roles define the activities that members are allowed

to perform. Role assignment is the responsibility of the site administrator.

Authentication

WebSphere Commerce supports two modes of authentication:

– Basic authenticati on (using user ID and password)

This mode of authentication is the default and can be used with the

WebSphere Commerce store database or an LDAP directory.

– Certifi cate-based authentication (using x.509 certificates)

The authentication mode is configured via the WebSphere Commerce

Configuration Manager within the Web server tab of the instance properties.

Access control

To facilitate database management and ensure security, access to

WebSphere Commerce must be restricted to specific individuals and

organizations. The process of restricting access is referred to as access

control. Access control can be defined as security guidelines tha t:

– Allow or deny a user of a system access to the resources managed by a

system.

– Specify what actions th e user can perform on each resource.

Access control is managed through the implementation of access co ntrol

policies and policy groups.

– Access cont rol policies

Contents

Main ibm.com/redbooks Keeping Commerce ce Applications Updateddated Front cover WebSphere Commerce 5.1 to 5.6 Migration Guide Page Page Page Contents Page Page Page Page Page Page Page Notices 6320spec.fm xii Trademarks Preface The team that wrote this redbook Page Become a published author Comments welcome Page Page Page Page 1.1 Overview 1.2 Structure of the book Part 1, Introduction to WebSphere Commerce V5.6 Part 2, Development environment Part 3, Production environment Part 4, Appendixes Page Overview 2.1 Product overview Page 6320ch_sum_of_changes.fm 10 Figure 2-1 WebSphere Commerce Server runtime components 2.2 WebSphere Commerce software components WebSphere Application Server HTTP WebSphere Commerce Payments Server Configuration Tools 2.2.1 Web server 2.2.2 WebSphere Application Server 2.2.3 Database Server 2.2.4 WebSphere Commerce Server 2.2.5 WebSphere Commerce Payments Server 2.2.6 Enablement software WebSphere Commerce enablement software WebSphere enablement software 2.3 WebSphere Commerce Server subsystems 2.3.1 Member subsystem User registration methods Page Member security services Page Single sign-on 2.3.2 Catalog subsystem 2.3.3 Trading subsystem 2.3.4 Order subsystem 2.3.5 Merchandising subsystem 2.3.6 Marketing subsystem 2.3.7 Inventory subsystem 2.4 WebSphere Commerce Tools WebSphere Commerce Accelerator Configuration Manager Organization Administration Console Administration Console 2.5 WebSphere Commerce Business models 2.5.1 Direct Sales Consumer direct B2B direct 2.5.2 Value Chain Demand chain Buyers, resellers, and manufacturers Resellers, manufacturers, and distributors Supply chain 2.5.3 Hosting Ex-Sites Hosting Ex-Site 2.6 Whats new in WebSphere Commerce V5.6 2.6.1 WebSphere Commerce Development Environment 2.6.2 WebSphere Commerce Payments 2.6.3 Configuration Manager 2.6.4 Loader Package 2.6.5 Password Manager 2.6.6 Adaptor for CrossWorld 2.6.7 Catalog and product management Catalog import Catalog filtering Master and Navigational catalog SKU generation Accounts (Business Edition) The Product Management tooling 2.6.8 Business Models 2.6.9 Access Control 2.6.10 Collaboration 2.6.11 Campaigns and Promotions 2.6.12 Order and inventory Management 2.6.13 Analytics 2.6.14 Security 2.6.15 Caching Dynacache Page 2.6.16 Product Advisor Page Planning 3.1 Migration Strategy considerations 3.1.1 Add or replace functionality 3.1.2 Take advantage of DynaCache 3.1.3 Optimization 3.1.4 External product and user management 3.1.5 How does custom code impact the process? 3.1.6 Prepare a detailed Plan 3.2 Migration Planning 3.2.1 Skill requirements 3.2.2 Hardware and software prerequisites Production Environment Hardware prerequisites Software prerequisites Development Environment Hardware prerequisites Software prerequisites 3.3 Product versions mapping 3.4 Migration approach for development environment 3.5 Migration approaches for runtime environment 3.5.1 Switch-Over migration scenario FIREWALL 3.5.2 Co-existence migration scenario 3.5.3 In-place migration scenario 3.6 Approach used for this migration 3.6.1 Detailed overview of development migration steps 3.6.2 Detailed overview of production environment migration Page Page Page during the migration 4.1 Commerce application 4.1.1 Application environment Hardware Configuration Application Server Tier Database Server Tier 4.2 Commerce customization 4.2.1 Shopping flow Account Creation Dynamic Shiprates/Expected Delivery Dates Payment Processing Offline Orders Billing/Shipping Selection Chapter 4. Commerce Application used during the migration 59 Draft Document for Review July 28, 2004 7:33 pm 6320ch_application_used.fm Figure 4-1 InFashion default shopping flow 6320ch_application_used.fm 60 4.2.2 Commands Table4-1 provides a summar y of the custom commands used with the application. 4.2.3 Database tables 4.3 Catalog 4.4 Database Page Page Page Commerce Development Environment 5.1 Development environment overview 5.2 Pre-installation requirements 5.2.1 VisualAge for Java V4.0 prerequisites 5.3 Installing WebSphere Studio Application Developer 5.3.1 Pre-installation steps 5.3.2 Installing WebSphere Studio Application Developer V5.1.1 5.3.3 Apply fixes to the test environment Prepare for fixpack installation Install WebSphere Application Server V5.0.2 cumulative fix 3 Page Install interim fixes 5.4 Installing WebSphere Commerce V5.6 Toolkit 5.4.1 Installing WebSphere Commerce V5.6 Toolkit Installation verification 5.5 Installing DB2 Universal Database V8.1 5.5.1 Backup development databases 5.5.2 Installation requirements 5.5.3 Preparing a Windows user for DB2 5.5.4 Installing DB2 Universal Database V8.1 Page Page 5.5.5 Installing DB2 Universal Database fixpack 5 Page 5.5.6 Migrate databases to DB2 Universal Database V8.1 level 5.6 Configuring the development environment for DB2 Page 5.7 Installing VisualAge for Java V4.0 5.7.1 Installing VisualAge for Java V4.0 Page 5.7.2 Configuring VisualAge for Java V4.0 Install features and fixes for VisualAge for Java V4.0 Install the DeployTool fix Add features to workspace Install the Readonly fix Install IBM WebSphere Test Environment fix Install IBM EJB Tool fix Prepare the VisualAge for Java V4.0 workspace Import WebSphere Commerce Studio V5.1 repository Page Page 6.1 Preparation overview 6.2 Instance preparation 6.2.1 Updating the product information file 6320ch_DEV_before_migration.fm 98 6. Save and close the file. 7. Copy the file product.dtd from the following directory : To the following directory: For example, we copied the file product.dtd from the directory: 6.2.2 Prepare resources 6.2.3 Merge EJB groups 6.2.4 Export code from VisualAge for Java V3.5.3 Overview repository Exporting the Java code 6.3 Database preparation 6.3.1 Update database configuration values Page 6.3.2 Unsent messages 6.3.3 Order status 6.3.4 Catalog Master catalog Product-item relationship 6.3.5 Members Organizational structure Profile types Administrators Role changes 6.3.6 Custom message types 6.3.7 Dropping foreign key references 6.3.8 Erroneous data in encrypted fields Page environment 7.1 Current development environment 7.2 Development environment migrated 7.3 Migrating the development instance 7.3.1 Overview 7.3.2 Running the tool Page 7.4 Migrating the development database 7.4.1 Migrating unencrypted data 7.4.2 Migrating encrypted data 7.4.3 Summary 7.5 Migrating custom EJBs 7.5.1 Overview 7.5.2 Export the EJB project from VisualAge for Java V3.5.3 7.5.3 Import the EJB projects into VisualAge for Java V4.0 7.5.4 Regenerate the deployed code for the EJBs 7.5.5 Export EJBs as EJB 1.1 JAR files 7.5.6 Import the EJBs into WebSphere Studio Application Developer Page Page 8.1 Setting up aliases Page Page 8.2 Migrating custom code 8.2.1 Access control 8.2.2 Command parameter validation 8.2.3 User registration 8.2.4 Logon command 8.2.5 Calculation usage framework Background Page Migration Page 6320ch_DEV_post_migration.fm 136 Page Page Interface changes WebSphere Commerce V5.6 command interfaces WebSphere Commerce Suite V5.1 command interfaces Accessing the order items Page Page 8.2.6 Configuration and code changes for migrated EJBs Access bean string converters Page Change the access isolation level Page Add the WCSecurity role Change the container transaction type Remove serialVersionUID constants Ensure that ejbCreate returns primary key object Remove java.rmi.RemoteException from remote methods Match ejbPostCreate and ejbCreate methods Remove FinderHelper interface Regenerating the deploy code 8.2.7 J2EE Connector Architecture 8.2.8 Pricing New task commands New data bean methods 8.2.9 Product Advisor Package name change 8.2.10 Rule server administration commands 8.2.11 JSP and property file changes Changes to myAccount.jsp Changes to Register.jsp Page Changes to property files Page Page Page Page Page 9.1 Single-node runtime overview 9.1.1 Hardware 9.1.2 Software 9.2 Installation 9.2.1 Install WebSphere Commerce V5.6 Page 9.2.2 Configuring IBM HTTP Server Enabling for SSL Enabling Cache accelerator 9.3 Verifying the installation 9.3.1 Verify installation log files WebSphere Commerce installation logs DB2 Universal Database installation logs WebSphere Application Server installation logs Page IBM HTTP Server installation logs 9.3.2 Create test instance Create a WebSphere Commerce instance Page Create a WebSphere Commerce Payments instance Page 9.3.3 Removing test instances Removing WebSphere Commerce instance Page Removing WebSphere Commerce Payments instance Page Page Page Page 10.1 Preparation overview 10.2 Instance preparation 10.2.1 Updating the product information file Page In our example the product.xml file looked like this: 10.2.2 Prepare resources 10.2.3 Disable security on WebSphere Application Server 10.3 Database preparation 10.3.1 Unsent messages 10.3.2 Copying the database from Commerce V5.1 to Commerce V5.6 Page 10.3.3 Updating database configuration values 10.3.4 Orders status 10.3.5 Catalog Master catalog Page Page Product-item relationship 10.3.6 Members Organizational structure Profile types Administrators Role changes 10.3.7 Custom message types 10.3.8 Dropping foreign key references 10.3.9 Erroneous data in encrypted fields Commerce components 11.1 Migration overview 11.2 Migrating commerce instance configuration 11.2.1 Migrating the instance Page Page Page 11.3 Migrating commerce database 11.3.1 Migrating the database Page 6320ch_migrating.fm 210 In our example: Page Error SQL0605W Error SQL0601N 11.3.2 Choosing the master catalog 11.3.3 Migrating the encrypted data Merchant key and encrypted data Users Credit cards Page Page 11.4 Migrating Payment Manager 11.4.1 Install Fixpack for WebSphere Payment Manager 11.4.2 Install WebSphere Commerce Payments remote node Page 11.4.3 Package and transfer the WCIM tool 11.4.4 Backup the WebSphere Payment Manager instance 11.4.5 Backup the WebSphere Payment Manager database 11.4.6 Transfer assets to WebSphere Commerce Payments node 11.4.7 Restore WebSphere Payment Manager database 11.4.8 Migrate the WebSphere Payment Manager instance Page Page 11.4.9 Migrate the WebSphere Payment Manager database Page Page 12.1 Post migration steps for IBM HTTP Server 12.1.1 Migrating static content 12.1.2 Updating configuration 12.2 Deploying 12.2.1 Deploying EJBs Configure and export the JAR file Applying the JAR file to the production environment 12.2.2 Deploying commands and databeans Export the JAR file Applying the JAR file to the production environment 12.2.3 Deploying store assets Exporting store assets Applying the store assets to the production environment Page Page Page A Commerce components WebSphere Commerce instance management Checking instance status Starting the instance Stopping the instance WebSphere Commerce Payments instance management Checking instance status Starting the instance Stopping the instance Start the Configuration Manager Page Restarting IBM HTTP Server Modifying trace strings for a running server Page Page Tracing with WebSphere Commerce V5.6 Toolkit Tracing for Lightweight WebSphere Test Environment Tracing for Full WebSphere Test Environment Create missing password scripts Create wcs_password script Create wcs_pmpassword script Page B File system Default directories Custom directories Database Database backup Page C WebSphere Commerce V5.6 migration scripts behavior migratedb.bat behavior migrateEncryptedInfo.bat behavior wcim.bat behavior Page Custom database migration scripts behavior Database preparation batch script Page Database preparation SQL script Database migration batch script Database post migration batch script Database post migration SQL script D multi-node environment Single-node environment Installing and configuring the database node Create a Windows user for DB2 Installing DB2 Moving the database Connecting to the remote database Verify connectivity Page E Locating the Web material Using the Web material How to use the Web material Abbreviations and acronyms Page Related publications IBM Redbooks Other publications Online resources How to get IBM Redbooks Help from IBM Index A B C 280 D E F G H J K L M N O P R S T U V W 284 the book file with the spine.fm still open and Keeping Commerce Keeping Commerce Keeping Commerce Applications Updated WebSphere the Conditional Text Settings (ONLY!) to the book files. Draft Document for Review July 28, 2004 7:33 pm 6320spine.fm 285 Page Page INTERNATIONAL TECHNICAL SUPPORT ORGANIZATION Keeping Commerce Applications Updated WebSphere Commerce Back cover