Merce Version 2 0 Jul 2002 ISBN 0735618267

IT-EBOOKS.
DIRECTORY
IT-EBOOKS.DIRECTORY
Reference Architecture for Commerce

Version 2.0
Developer’s Guide
IT-EBOOKS.DIRECTORY
ISBN: 0-7356-1826-7
The information contained in this document represents the current view of
Microsoft Corporation on the issues discussed as of the date of publication.
Because Microsoft must respond to changing market conditions, it should not be
interpreted to be a commitment on the part of Microsoft, and Microsoft cannot
guarantee the accuracy of any information presented after the date of publication.
This Documentation is for informational purposes only. MICROSOFT MAKES NO
WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCU-
MENT.
Complying with all applicable copyright laws is the responsibility of the user.
Without limiting the rights under copyright, no part of this document may be
reproduced, stored in or introduced into a retrieval system, or transmitted in any
form or by any means (electronic, mechanical, photocopying, recording, or
otherwise), or for any purpose, without the express written permission of Microsoft
Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other
intellectual property rights covering subject matter in this document. Except as
expressly provided in any written license agreement from Microsoft, the furnishing
of this document does not give you any license to these patents, trademarks,
copyrights, or other intellectual property.
The example companies, organizations, products, people and events depicted
herein are fictitious. No association with any real company, organization, product,
person or event is intended or should be inferred.
© 2001 Microsoft Corporation. All rights reserved.
Microsoft, FrontPage, MSDN, Outlook, PowerPoint, SideWinder, The Age of Kings,
Visual Basic, Visual C++, Visual InterDev, Visual Studio, Windows, and Windows NT
are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.
The names of actual companies and products mentioned herein may be the
trademarks of their respective owners.
IT-EBOOKS.DIRECTORY
Contents
Part 1
Getting Started 1
Chapter 1
Introduction to the Reference Architecture 3
What Is the Reference Architecture? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
What’s New in this Version? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
What Is the Developer’s Guide? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Who Should Read this Guide? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Document Roadmap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Support for the Reference Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 2
Installing the Software 9
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Installing the Prerequisite Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Install Microsoft Windows 2000 Server and MSMQ . . . . . . . . . . . . . . . . . . . . . . . . 10
Install Commerce Server 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Install Microsoft XML Parser 3.0 SP 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Install the Developer Tools (Optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
After You Install the Prerequisite Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Installing the Reference Architecture Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Download the Reference Architecture Application . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Create and Configure the Business Desk Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Create and Configure the Web Site Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Create a New Web Site to Host the Application . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Create a New Web Site to Host the Commerce Server 2000 Business Desk . . . . . . 14
Start the Application Installer Program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Install and Configure the XSL ISAPI Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Unpack the Commerce Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Import the Predictor Modeling Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Configure the Business Desk Web Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Configure the Pipeline Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Configure the Queued E-mail Component . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Create the Business Desk Console for the Application . . . . . . . . . . . . . . . . . . . . . . 20
IT-EBOOKS.DIRECTORY
iv Contents
Configuring the Commerce Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Import, Modify, or Delete Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Configure Tax Rates and Shipping Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Test the Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Distributed Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Testing the Application in a Distributed Environment . . . . . . . . . . . . . . . . . . . . . . . 22
Production Environment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Part 2
System Architecture 25
Chapter 3
Business Requirements and Design Model 27
Requirements That Affect Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Ease of Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Performance Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Anonymous Shopping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
User Profiling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Strong Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Support for Multiple Device Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Manageability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Reference Architecture Application Business Requirements . . . . . . . . . . . . . . . . . . . . 32
Functional Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Production Environment Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Documenting the Business Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
The MSF Application Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Why Use the MSF Application Model? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
MSF Application Design Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Chapter 6
Physical Design Phase 61
The Research Effort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Identifying Physical Solution Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Identifying Existing Candidate Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Analysis and Rationalization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Using Existing Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Meeting the Business Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Identifying the Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Creating the Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
IT-EBOOKS.DIRECTORY
Contents v
Part 3
Solution Implementation 83
Chapter 7
Implementation Overview 85
Implementation Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Recommended Background Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Technology Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
XML in the ConsolidatedRetail.com Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
ASP Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Commerce Server Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Stored Procedures in the Data Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Client-Side Scripting for Input Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Chapter 8
Solution Roadmap 91
PASP Files and the XSL ISAPI Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
A Simple Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Web Site Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Initialization Pages and Include Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Catalog Browsing Pages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
User Authentication and Profile Management Pages . . . . . . . . . . . . . . . . . . . . . . . . 97
Order Management Pages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Commerce Server Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Utility and Configuration Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Catalog Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
User Management Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Shopping Basket Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
The Predictor Resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Pipelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Pipeline Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Custom Business Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Chapter 9
ConsolidatedRetail.com Functionality 105
Presentation Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
XML Output from the PASP Files in ConsolidatedRetail.com . . . . . . . . . . . . . . . . . 106
XML Helper Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
XSL Style Sheets in the ConsolidatedRetail.com Site . . . . . . . . . . . . . . . . . . . . . . 108
Rendering Index.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Caching Commonly Used Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
IT-EBOOKS.DIRECTORY
vi Contents
User Authentication and Profiling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Registering a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Authenticating a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Using Passport Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Retrieving and Updating Profile Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Product Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Catalog Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Browsing the Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Searching the Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Adding a New Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Shopping Basket Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Adding Products to the Shopping Basket . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Viewing the Shopping Cart or Save for Later Basket . . . . . . . . . . . . . . . . . . . . . . . 154
Order Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Specifying a Shipping Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Specifying a Shipping Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Specifying Multiple Shipping Addresses and Methods . . . . . . . . . . . . . . . . . . . . . 171
Specifying Payment Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Confirming the Order Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Completing the Order Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Chapter 10
Debugging and Testing 185
Debugging the Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Debugging XML Output from PASP Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Debugging a Custom Site Built on the Reference Architecture . . . . . . . . . . . . . . . . . . 192
Developing a Test Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Possible Test Areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Possible Test Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Functional Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Testing Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Performance Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
Response Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
Throughput . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Performance Testing Tools and Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Performance Testing Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
IT-EBOOKS.DIRECTORY
Contents vii
Part 4
Appendices 209
Appendix A
XML Output from ConsolidatedRetail.com 211
Acct.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
AddressBook.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
AddtoList.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
AddtoListResp.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
Basket.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
Category.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
ChangePasswd.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
CreditCards.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
DeleteAddressBook.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
EditAddressBook.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
EditCreditCard.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
ForgotPasswd.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Index.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
ListBase.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
ListSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Login.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
MultiShipping.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
OrderHistory.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
OrderHistoryDetail.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
OrderSummary.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
Payment.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Product.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
Registration.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
SearchResults.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Shipping.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
ShippingMethod.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
StepSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
ThankYou.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
UserProfile.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Appendix B
Data Field Validation 265
Data Fields That Require Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
How Validation Is Performed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
ListSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
StepSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Search Text Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
IT-EBOOKS.DIRECTORY
viii Contents
Appendix C
Sample Detailed Test Plan 273
Assumptions and Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Test Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Registration and Authentication Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Access Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Banner Advertisement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
Appendix D
Sample Detailed Test Cases 283
Index 291
IT-EBOOKS.DIRECTORY
Part 1
Getting Started
Part 1 of the Developer’s Guide for the Microsoft® Reference Architecture for
Commerce, version 2.0, describes the Reference Architecture components and
objectives, the appropriate audience for this guide, and the document conventions
used. Most importantly, it provides a roadmap to the remainder of the guide,
segmented by audience role, as well as procedures for installing the Reference
Architecture application and other required software.
Part 1, “Getting Started,” consists of the following:
● Chapter 1, “Introduction to the Reference Architecture”
● Chapter 2, “Installing the Software”
You should review this section prior to reading other chapters in the Developer’s
Guide.
IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
1
Introduction to
the Reference Architecture
Welcome to the Developer’s Guide for the Microsoft® Reference Architecture for
Commerce, version 2.0. The Microsoft Reference Architecture for Commerce con-
sists of engineered code components that allow developers to build retail Web sites
using the Microsoft® Windows® 2000 Server operating system and Microsoft®
.NET Enterprise Servers, such as Commerce Server 2000 and SQL Server™ 2000.
This guide is designed to aid your understanding of the design and implementation
decisions made by the developers of the Microsoft Reference Architecture applica-
tion, and to help you create great e-commerce solutions using Microsoft tools and
technologies.
What Is the Reference Architecture?

The Microsoft Reference Architecture for Commerce consists of code and documen-
tation designed to accelerate the development of e-commerce solutions for small to
medium businesses. It includes:
● An e-commerce application, ConsolidatedRetail.com, that contains reusable and
customizable components and is designed to address many of the general
business requirements that are common to e-commerce solutions.
● Complete documentation, including a thorough explanation of the application
components and the decisions behind the code design and development process,
instructions for using, modifying, and testing the code, and procedures for
setting up the development environment and installing the application.
The Reference Architecture e-commerce site is designed to allow a retailer to extend
its customer base using the Internet, while providing an effective, compelling online
purchasing experience for customers. It is also designed to automate as many of the
IT-EBOOKS.DIRECTORY
4 Reference Architecture for Commerce
business processes involved in selling products as possible. While there are many
sector-specific considerations in the retail industry, the design of the e-commerce
site is reasonably generic so that it can be adapted for any e-commerce solution,
regardless of the industry or products involved.
The Reference Architecture code components include Active Server Pages (ASP
pages, configuration files, Extensible Stylesheet Language (XSL) style sheets, and
COM+ components that developers can examine to learn how to implement an
effective e-commerce solution. In addition, the application provides clearly docu-
mented code and reference materials that assist developers who want to reuse or
extend the software components provided. Many of the software artifacts can be
reused with little or no adaptation.
Note: For instructions about how to install the Reference Architecture application, please read
Chapter 2, “Installing the Software.”
What’s New in this Version?

Version 2.0 of the Reference Architecture adds the following functionality:
● Support for Microsoft Passport authentication, as well as procedures for adding
other authentication methods.
● Support for the Commerce Server 2000 Basket Templates, which allows users to
create, manage, and use current Order and Save for Later shopping baskets, and
public and private shopping lists.
● Advanced Search, which provides complex search capability.
● Wizard browsing, which allows customers to go from one product detail page to
the next when browsing products.
● Personalization, which allows dynamic site content generation based on a user
profile.
● Payment Manager, which allows users to select and save a payment option.
● Order cancellation, which allows customers to cancel orders.
● Support for the Commerce Server 2000 Predictor, which facilitates discount and
directed advertising using e-mail.
● Directed e-mail support, which allows online merchants to generate e-mail
messages based on specific business rules, and provides offline processing of
bulk e-mail using COM+ queued components.
● Event capture, which extends data warehousing to capture defined events.
● Enhanced documentation, including explanations of the new functionality, an

explanation of the caching mechanisms, and examples of detailed test plans and
detailed test cases.
IT-EBOOKS.DIRECTORY
Chapter 1: Introduction to the Reference Architecture 5
What Is the Developer’s Guide?

The Developer’s Guide is intended to provide the necessary explanatory information
to help you understand how the Reference Architecture for Commerce is designed
and implemented, and to give technical and architectural justifications for the
design decisions made in the building of the application. You should use this
document as your roadmap to the Reference Architecture components, and refer to
it when examining the source code and installing and configuring the site.
Note, however, that this documentation is not intended to be a complete program-
ming reference, nor is it intended to replace documentation provided with prerequi-
site software, such as Windows 2000 Server, Commerce Server 2000, or SQL Server
2000, or the documentation that accompanies developer tools.
Developers using the code and documentation provided in this Reference Architec-
ture should adhere to standard coding and testing practices, and should test any
site thoroughly before attempting to deploy it in a production environment.
Who Should Read this Guide?

As the title indicates, the Developer’s Guide is targeted primarily at application de-
signers and developers. However, other readers involved in scoping, designing, and
implementing e-commerce applications will find that it contains relevant and useful
information. There are many roles in software development, and each person in-
volved in the project requires different types and levels of information (you can learn
more about the roles involved in a software development project by reviewing the
Microsoft Solutions Framework Team Model). Readers in the following roles will find
this document particularly useful. (Examine the descriptions in the following table to
determine your role, and then refer to the “Document Roadmap” section later in this
chapter to locate information that is relevant to your particular responsibilities.)
Table 1-1. Project Roles
Role Description
Developer Developers are responsible for the implementation of the compo-
nents, Web pages, database objects, and other software artifacts
that comprise the e-commerce application. Some are specialized
developers who take responsibility for a particular aspect of the
solution, while others have a more general role in the production
of code.
(continued)
IT-EBOOKS.DIRECTORY
Role Description
Application Architect The Application Architect’s role is to design the software solution
and oversee the development effort. To do this effectively, an
architect must have a clear understanding of the business require-
ments, as well as technical knowledge of the development tools
and techniques required to build the solution. Additionally, Applica-
tion Architects must understand the development process from
conceptual design to physical implementation.
Infrastructure Specialist Effective e-commerce solutions, more so than most other applica-
tion types, require a strong relationship between the design of the
software application and the architecture of the infrastructure on
which it will run. Infrastructure Specialists are responsible for
designing the network topology for an e-commerce site — including
firewalls, server clusters, staging servers, and administrative and
monitoring functionality.
System Administrator Any software implementation must be administered to some
degree. System Administrators (including network, Web site, and
database administrators) are responsible for the day-to-day running
of the site. This includes ensuring that appropriate security
measures are taken to prevent unauthorized access to sensitive
data, implementing a reliable backup procedure, monitoring the
site’s performance and availability, and other administrative tasks.
Business Decision Maker Business Decision Makers fulfill an overall product management
role in an e-commerce project. They are primarily responsible for
determining the project scope as well as the technological and
personnel investments required to build a solution that meets the
business needs.
Document Roadmap
The Developer’s Guide consists of four main sections, each containing topics related
to the development of the site. You are encouraged to read the topics that relate
most closely to your role in e-commerce development. The sections, together with
their relevance to specific roles and responsibilities, are described next.
Part 1: Getting Started

This section provides basic introductory information, a roadmap to the remainder
of the guide, and installation and configuration instructions for the Reference
Architecture application and other required software.
All users should review this information prior to reading other sections of the
Developer’s Guide.
IT-EBOOKS.DIRECTORY
Chapter 1: Introduction to the Reference Architecture 7
Part 2: System Architecture

Part 2 contains a high-level description of the application, as well as a summary of
the design process used to develop the site. It contains a chapter about the design
approach and application model and specific chapters on each phase of the design
process.
● Business Decision Makers should use this section when evaluating the hardware,
software, and expertise requirements for an e-commerce project.
● Application Architects will find this section useful in understanding the
conceptual use cases, logical model, and physical implementation of the
ConsolidatedRetail.com site.
● Developers can gain an understanding of the skill requirements and the tech-
nologies used in the development of the site.
● Infrastructure Specialists will find the physical design of the
ConsolidatedRetail.com application useful in determining the required network
and security design for the solution.
Part 3: Solution Implementation

Part 3 includes a series of topics that describe the implementation details of specific
aspects of the application, as well as the testing, deployment, and operational
management methodologies the application uses. It contains an implementation
overview, a roadmap to the solution, a description of the functional components,
and a chapter on debugging and testing e-commerce applications.
● Application Architects can use this section to examine the implementation of the
various components in the application. The topic about testing provides addi-
tional information about the methodology used to test the application for usabil-
ity and performance.
● Developers can use this section to gain an understanding of the code in the
ConsolidatedRetail.com application, and how it can be reused and extended.
● Infrastructure Specialists will find the topics about testing and deploying the
application useful in understanding how the application can be implemented
on specific network architecture.
● System Administrators can use the topic about operational management to
understand the management issues and tasks involved in operating and main-
taining the application.
Part 4: Appendices
Part 4 provides additional reference materials that you may find helpful when
reviewing the Reference Architecture application code or when building or testing a
solution based on the Reference Architecture. These materials include sample XML
IT-EBOOKS.DIRECTORY
output, data field validation notes, a sample test plan, and sample test cases. The
materials included in Part 4 are intended primarily for developers and testers.
In addition, the Developer’s Guide contains an appendix that shows the XML output
generated from the XSL pages, an appendix that explains data validation performed
by the reference code, and appendices that provide sample detailed test plans and
test cases.
Document Conventions
This guide uses the following style conventions and terminology.
Table 1-2. Document Conventions
Element Meaning
Bold font Characters that you type exactly as shown, including commands and
switches. User interface elements are also bold.
Italic font Variables for which you supply a specific value. For example, Filename.ext
could refer to any valid file name for the case in question. New terminol-
ogy also appears in italic on first use.
Monospace font Code samples.
%SystemRoot% The folder in which Windows 2000 is installed.
Tip Alerts you to supplementary information that is not essential to the
completion of the task at hand.
Note Alerts you to supplementary information.
Important Alerts you to supplementary information that is essential to the comple-
tion of a task.
Caution Alerts you to possible data loss, breaches of security, or other more
serious problems.
Warning Alerts you that failure to take or avoid a specific action might result in
physical harm to you or to the hardware.
Support for the Reference Architecture

Community (newsgroup) support is available for the Reference Architecture for
Commerce on the following newsgroups:
● NNTP at news://msnews.microsoft.com/microsoft.public.reference_arch.commerce
● Web-based Newsgroup Client at http://msdn.microsoft.com/newsgroups

/default.asp?newsgroup=microsoft.public.reference_arch.commerce
IT-EBOOKS.DIRECTORY
2
Installing the Software
This chapter describes the necessary steps to install the Reference Architecture
application on a single computer for testing and examination. This guide also
describes realistic deployment practices for use on production sites based on the
Reference Architecture.
Before You Begin

Before you install the Reference Architecture application, be sure that you have the
necessary hardware configuration and all required software.
Hardware Requirements
For testing and development purposes, the Reference Architecture application
should be installed on a single computer dedicated to the task, rather than on a
personal workstation with other software. The application can be safely installed
and run with other applications, but due to the possibility of software conflicts or
incompatibilities, you should use a single stand-alone computer to ensure proper
operation.
The Reference Architecture application requires the following minimum system
configuration:
● 400 MHz or faster Pentium-compatible CPU
● 256 megabytes (MB) RAM
● 3-gigabyte (GB) hard disk
● Network adapter
Note: For development and code review purposes, the Reference Architecture application runs
on a single computer without a network adapter.
IT-EBOOKS.DIRECTORY
Software Requirements
Before you install the Reference Architecture application, be sure that the required
software is installed. The next section provides installation instructions.
The Reference Architecture application requires the following software:
● Windows 2000 Server (or Advanced Server), including Microsoft Message
Queuing (MSMQ), and Windows 2000 Server, Service Pack 2.
● Microsoft Commerce Server 2000 and Commerce Server 2000, Service Pack 1.
Commerce Server 2000 requires Microsoft SQL Server™ 2000 (Standard or
Enterprise Edition).
● Microsoft XML Parser (MSXML) 3.0, Service Pack 1, available for download from
the MSDN® Web site at http://msdn.microsoft.com/downloads/
● Microsoft XSL ISAPI filter, included in the Reference Architecture download.
The Reference Architecture application code includes a custom version of the
XSL ISAPI filter (Xslisapi2.dll). This version is not available for download on
Microsoft.com; however, the documentation for the publicly available version
(Xslisapi2.dll, version 2.1) is appropriate for the custom version. This documen-
tation is available for download from the MSDN Web site. On the MSDN Down-
loads page, type XSL ISAPI 2.1 in the Search box.
● Microsoft Reference Architecture for Commerce application (available for down-
load from the MSDN Code Center). On the MSDN Code page (at http://
msdn.microsoft.com/code/), type Reference Architecture for Commerce in the
Search box.
● Microsoft Visual Studio® 6.0 (this is required only for developers who want to
examine the source code of the application) and current Service Pack level
(available for download from the MSDN Web site at http://msdn.microsoft.com
/vstudio/).
● Microsoft Passport Software Development Kit (SDK), version 1.4. The Passport
SDK is available for download from the MSDN Web site at http://
msdn.microsoft.com/downloads
Installing the Prerequisite Software

Install the required software for the Reference Architecture application as described
in the following procedures.
Install Microsoft Windows 2000 Server and MSMQ

Refer to the Windows 2000 documentation for details about how to install Win-
dows 2000 and Windows 2000 Service Pack 2. You can find information about
Windows 2000 Server at http://www.microsoft.com/windows2000/
IT-EBOOKS.DIRECTORY
Chapter 2: Installing the Software 11
Note that you must install the Microsoft Message Queuing (MSMQ) components
before you install the Reference Architecture application. (You can install MSMQ on
a computer that is already running Windows 2000.)
After you install Windows 2000, log on using the Administrator account.
Install Commerce Server 2000

Refer to the Commerce Server 2000 documentation for details about how to install
Commerce Server 2000 and Commerce Server 2000 Service Pack 1.
You can find more information about Commerce Server 2000 at http://
www.microsoft.com/commerceserver/
Install Microsoft XML Parser 3.0 SP 1

If you have not already done so, download Microsoft XML Parser 3.0 Service Pack 1
from the Web site at http://msdn.microsoft.com/downloads/
After the download completes, double-click the MSXML3SP1.exe file to unpack and
install the parser.
Install the Developer Tools (Optional)

After you install the XML Parser, install Visual Studio 6.0 and the Passport SDK,
version 1.4. Visual Studio 6.0 is necessary if you want to examine or modify the
Reference Architecture application source code, and the Passport SDK is required
if you want to incorporate Passport authentication.
Install Visual Studio 6.0

Refer to the Visual Studio 6.0 documentation for complete instructions about
installing Visual Studio.
Be sure that the following components are installed:
● Microsoft Visual C++® development system version 6.0
● Microsoft Visual InterDev® Web development system version 6.0
● ActiveX® controls
● Data access
● Enterprise tools
● Tools
In addition, you may want to install the MSDN Library to provide online Help for
Visual Studio.
After installation completes, you should apply all required Service Packs.
IT-EBOOKS.DIRECTORY
Install the Passport SDK 1.4

Refer to the Passport SDK 1.4 documentation for complete instructions about
installing the Passport SDK.
After You Install the Prerequisite Software

After you install the required software, restart the computer.
Installing the Reference Architecture Application

After you successfully install the prerequisite software, you can install the Reference
Architecture application and configure the Web site. The following steps describe
how to download, install, and configure the application.
Download the Reference Architecture Application

The latest version of the Reference Architecture for Commerce application is avail-
able on the Microsoft Developer Network (MSDN) Web site.
To download the application
1. Locate the application at http://msdn.microsoft.com/code/
2. Click Download, and then click Yes to accept the license agreement. Follow the
instructions to download the software.
Create and Configure the Business Desk Folder

Before you can install the Reference Architecture application, you need to create and
configure a folder for the Commerce Server 2000 Business Desk interface.
To create and configure the folder
1. In Microsoft Windows Explorer, navigate to the Inetpub folder on the system
partition.
2. Create a folder in Inetpub named B2CRefBizDesk. This folder will store the files
for the site’s Business Desk interface.
Create and Configure the Web Site Folder

Before you can install the Reference Architecture application, you need to create and
configure a folder to hold the Reference Architecture Web site files. This allows the
XSL ISAPI filter to write temporary files to disk.
To create and configure the Web site folder
1. In the Inetpub folder on the system partition, create a folder named B2CRef. This
folder will store the Reference Architecture Web site files.
IT-EBOOKS.DIRECTORY
2. Right-click the B2CRef folder, and then click Properties.

3. Click the Security tab, and then click the Add button.
4. In the Look In drop-down list, click your local computer name if it is not already
selected. This displays the accounts on your local computer (rather than accounts
in any domain in which the computer is a member).
5. Scroll the list of accounts until you find the account IWAM_computer-name,
where computer-name is the name of your computer. This is the account under
which the Microsoft Internet Information Services (IIS) Web server runs. Select
that account, click the Add button, and then click the OK button.
6. In the B2CRef Properties window, make sure Launch IIS Process Account is
selected in the list of names.
7. In the Permissions box, under Allow, select the Modify and Write check boxes.
8. Click OK to close the window.
Create a New Web Site to Host the Application

After you create the folders to hold the Web files, you need to create a new Web site
to host the Reference Architecture application.
To create the Web site
1. On the taskbar, click the Start button, point to Programs, point to Microsoft
Commerce Server 2000, and then click Commerce Server Manager.
2. In the left pane of the Commerce Server Manager window, expand the Internet
Information Services node by clicking the plus sign (+) next to it.
3. A node that represents your computer (with the same name as your computer)
should be visible. Click the plus sign (+) next to it to display the Web sites hosted
on your computer.
4. Under Internet Information Services, right-click the icon that represents your
computer, point to New, and then click Web Site.
5. In the first dialog box, click Next.
6. In the Description box, type B2CRef. The IIS Administration listings refer to the
Web site by this name. Click Next.
7. In the IP Address and Port Settings dialog box, leave the IP address as All
Unassigned, set the TCP port to 81 (or to any other available IP port address,
and then click Next.
8. In the Web Site Home Directory dialog box, either enter the path to the
Inetpub\B2CRef folder in the Path box or click Browse to navigate to that folder
and select it, and then click Next.
9. In the Web Site Access Permissions dialog box, leave the default settings (Read
and Run scripts), and then click Next.
10. Click Finish to create the site.
IT-EBOOKS.DIRECTORY
Create a New Web Site to Host

the Commerce Server 2000 Business Desk
The Commerce Server 2000 Business Desk console should be placed on a separate
Web site to prevent conflicts with the XSL ISAPI filter used on the main Reference
Architecture site.
To create the Web site
1. If you have not already done so, expand the Commerce Server Manager Internet
Information Services node, right-click the icon that represents your computer,
point to New, and then click Web Site.
2. In the first dialog box, click Next.
3. In the Description box, type B2CRefBizDesk. The IIS Administration listings
will refer to the Business Desk console Web site by this name. Click Next.
4. In the IP Address and Port Settings dialog box, leave the IP address as All
Unassigned, set the TCP port to 82 (or to any other available IP port address,
and then click Next.
5. In the Web Site Home Directory dialog box, either enter the path to the
Inetpub\B2CRefBizDesk folder in the Path box or click Browse to navigate to
that folder and select it, and then click Next.
6. In the Web Site Access Permissions dialog box, leave the default settings (Read
and Run scripts), and then click Next.
7. Click Finish to create the site.
Start the Application Installer Program

You are now ready to install the Reference Architecture application that you down-
loaded previously (refer to the section, “Download the Reference Architecture
Application,” earlier in this chapter).
To install the application
1. Double-click the Reference Architecture for Commerce installer program icon to
begin the installation process.
2. On the Welcome screen, click Next.
3. Read the License Agreement. If you agree to the terms of the license agreement,
click I accept the terms in the license agreement, and then click Next. Other-
wise, you will not be able to install the application.
4. In the Custom Setup dialog box, the default action is to install the entire Web
application and all source code. If you want to change particular elements from
the installation, select the check boxes next to the elements, click This feature
will not be available, and then click Next.
IT-EBOOKS.DIRECTORY
5. In the Services Account dialog box, in the Username, Password, and Domain
boxes, enter the information under which the COM+ components will run. Click
Next.
6. Click Install. The installation process will install the files and components.
7. Click Finish on the last screen.
Install and Configure the XSL ISAPI Filter

After you create the Web site for the Reference Architecture application, you need to
set up the correct XSL ISAPI filter.
To set up the filter
Information Services node, and then expand the node that represents your
computer to display the Web sites hosted on your computer.
2. Right-click B2CRef, and then click Properties.
3. Click the ISAPI Filters tab, and then click Add.
4. In the Filter Properties dialog box, type XSLISAPI2 in the Filter Name box, and
then click Browse.
5. Navigate to the B2CRef installation folder (default is “C:\Program
Files\Reference Architecture for Commerce\Binaries”), click xslisapi2.dll, and
then click Open.
6. In the Filter Properties dialog box, click OK to add XSLISAPI2 to the list of
ISAPI filters for the site.
7. Click OK to save your changes and close the Properties dialog box.
Configure the XSL ISAPI Filter to Work Correctly with Business Desk
If you configure Commerce Server 2000 Business Desk to use the same site that the
XSL ISAPI filter uses, an error is generated and Business Desk does not function
correctly. This is because the XSL ISAPI filter captures all files delivered by the site
to the client, and attempts to process them. So, for example, when Business Desk
requests an XML file, the XSL ISAPI filter captures the file first and tries to process
it, rather than passing it on to Business Desk.
To eliminate this problem, you must do either of the following:
● Configure Business Desk to use a site that does not have XSL ISAPI installed.
If you follow the recommended procedure in this chapter, this is the default
configuration.
● Remove XML from the list of file types that XSL ISAPI will process. Note that
this option requires that you modify and then recompile the source code for the
XSLISAPI.dll.
IT-EBOOKS.DIRECTORY
To remove XML from the list of file types that XSL ISAPI will process
1. Start Microsoft Visual Studio, and then open the XSL ISAPI file, Global.h.
2. Find the following section, which lists the file extensions that the filter will
process:
Const LPCSTR g_szFileTypesA[] =

{
"XML", "PASP"
};
3. Delete XML from the list, and recompile the project.

4. Replace the previous version of the XSL ISAPI filter with the one you compiled.
Unpack the Commerce Site

After you install and configure the XSL ISAPI filter, unpack the commerce site.
To unpack the site
1. Start the Commerce Site Packager: on the taskbar, click the Start button, point to
Programs, point to Reference Architecture for Commerce, and then click PUP
Package.
2. In the Unpack dialog box, click Custom unpack, and then click Next.
3. In the Unpack Method dialog box, leave Create a new site selected, and then
click Next.
4. In the Site Name dialog box, the Site name box should be preset to B2CRef. Do
not change the setting. Click Next.
5. In the Select Resources dialog box, leave all resources on the right side (Re-
sources to unpack), and then click Next.
6. In the Global Resource Pointers dialog box, keep the default settings and click
Next.
7. In the Database Connection Strings dialog box, keep the default settings and
click Next.
8. In the dialog box that requests a SQL user name and password, type sa in the
SQL user name box and whatever password you assigned for the SQL Server sa
account in the SQL password box.
9. Click Test Connection, and if successful, click OK on the confirmation message
box and the Test Connection dialog box.
10. In the Select Applications dialog box, keep the default settings and click Next.
IT-EBOOKS.DIRECTORY
11. In the Select IIS Web Sites and Virtual Directories dialog box:
a. In the left pane, click the first line of the listing (/) to highlight it.
b. Under IIS Web site, click B2CRef on the drop-down list.
c. The IIS virtual directory should contain a single forward slash (/). This
places the application at the root of the B2CRef Web site.
d. In the left pane, click BizDesk to highlight the second line of the listing.
e. Under IIS Web site, click B2CRefBizDesk on the drop-down list.
f. Under IIS virtual directory, keep the value BizDesk, and then click Next.
12. A warning message may appear indicating that you will overwrite existing
virtual directories if you continue. If this message appears, click Yes.
13. A second message may appear indicating that you will overwrite specific direc-
tories if you continue. Click Yes again.
14. In the Data Warehouse dialog box, keep the default settings, and click OK.
15. In the Profiling System dialog box, change the Profile Schema Definition (.xml)
file to point to <drive>:\Program Files\Reference Architecture for
Commerce\SupportFiles\ProfileSQLwCC.xml (where <drive> is the drive on
which the application is installed).
16. Change the Site Terms Definition (.xml) file to point to: <drive>:\Program
Files\Reference Architecture for Commerce\SupportFiles\SiteTermswCC.xml
(where <drive> is the drive on which the application is installed). Click Next.
17. Change the Schema Definition Script to point to <drive>:\Program
Files\Reference Architecture for
Commerce\SupportFiles\ProfileSQLwCC.sql (where <drive> is the drive on
which the application is installed).
18. Click Profiling System Connection String, and then click Modify. Click
Microsoft OLE DB Provider for SQL Server, and then click Next. Choose your
server name, user name, and database (B2CRef_commerce). Click OK to close
the dialog box.
19. Click OK again.
20. When the application is unpacked, an Unpacking is complete dialog box dis-
plays. Click Finish to exit.
Note: Do NOT click the View Selected Application button because some post-installation
configuration of the Web site still needs to be done.
IT-EBOOKS.DIRECTORY
Import the Predictor Modeling Data

This release of the Reference Architecture for Commerce provides support for the
Commerce Server 2000 Predictor, which facilitates discount and directed advertis-
ing using e-mail. The Predictor resource allows you to build complex analysis
models that you can use to determine the type of content, advertisements, and
additional products that might interest your users.
To import the Predictor modeling data
1. In SQL Enterprise Manager, navigate to the B2Cref_dw database. Expand the
Microsoft SQL Servers node, the SQL Server Group node, the node for your
server, and then expand the Databases node.
2. Right-click the database name, B2CRef_dw, and then click All Tasks.
3. Click Import Data, and then click Next.
4. Change the data source to Text File.
5. Select <drive>:\Program Files\Reference Architecture for
Commerce\SupportFiles\PredictorModels.csv (where <drive> is the drive on
which the application is installed), and then click Next. Click Next again.
6. An error message displays. Click Yes.
7. Click Comma, and then click Next.
8. Click Next until you reach the Finish screen.
9. Click Finish.
10. Click Done.
Configure the Business Desk Web Site

You need to configure the local path for the Business Desk Web site.
To configure the Web site
Information Services node, and then expand the node that represents your
computer to display the Web sites hosted on your computer.
2. Right-click B2CRefBizDesk, and then click Properties.
3. Click the Home Directory tab, and then click Browse.
4. Under Inetpub\B2CRefBizDesk, click BizDesk, and then click OK.
5. In the B2CRefBizDesk Properties dialog box, click OK.
IT-EBOOKS.DIRECTORY
Configure the Pipeline Components

You need to configure the local path for the pipeline components.
To configure the pipeline components
1. On the taskbar, click the Start button, point to Programs, point to Microsoft
Commerce Server 2000, and then click Pipeline Editor.
2. On the File menu, click Open.
3. Locate the pipelines folder in the B2CRef folder (the folder where you installed
the B2CRef site). For example, the path could be C:\Inetpub\B2CRef\Pipelines\.
4. Click final.pcf, and then click Open.
5. Right-click the QueueEmail Class pipeline stage, and then click Properties.
6. In the Component Properties dialog box on the PipelineQueue Properties tab,
replace yourcomputername in the Queued Component Path Name text box with
your computer name.
Note: If your computer is a member server of a domain, the installation program will create
a public queue instead of a private queue. If this is the case, omit the PRIVATE$\ part of
the path. If you plan to host your Message Queues on a separate computer, you need to
change the path accordingly.
7. Click OK, and then click the floppy disk toolbar icon in the Pipeline Editor to
save the changes and exit the Pipeline Editor application.
8. Stop and restart the B2CRef site. To do this right-click the B2CRef site in the
Commerce Server Manager console, click Stop on the pop-up menu, right-click it
again, and then click Start on the pop-up menu.
Configure the Queued E-mail Component

You need to configure the Queued E-mail component to be able to send confirma-
tion e-mail messages.
To configure the queued e-mail component
1. On the taskbar, click the Start button, point to Programs, point to Administra-
tive Tools, and then click Component Services.
2. In the left pane of the Component Services window, expand the Component
Services node by clicking the plus sign (+) next to it. Click the plus sign (+) next
to the Computers node.
3. A node that represents your computer (with the name My Computer) should be
visible. Click the plus sign (+) next to it to display the COM+ Applications node.
Click the plus sign (+) next to it.
IT-EBOOKS.DIRECTORY
4. A node that represents the queued e-mail component (with the name
B2CRef_Queued_Email) should be visible. Click the plus sign (+) sign next to it.
5. A node with the name Components should be visible. Click the plus sign (+) next
to it.
6. A node with the name QueuedEmailer.CMailer should be visible. Right-click this
node, and then click Properties.
7. In the Properties dialog box, click the Activation tab. The entry in the text box
named Constructor String needs to be changed in the following way: Between
the XML tags <SMTPServer> and </SMTPServer>, enter the name of your
SMTP e-mail server (ask your network administrator if you don’t know the
name). You also need to enter the SMTP user name and password between the
respective XML tags.
Note: The other tags are already filled out, but you might need to check with your network
administrator if you need to change them according to your actual SMTP settings (for
example, SMTP Port, SMTP Timeout, Use SSL, and the SMTP Authority Mode).
8. Click OK to return to Component Services window.

9. Right-click the B2CRef_Queued_Email node, and then click Shut Down. Right-
click it again, and then click Start.
10. Close the Component Services window.
Create the Business Desk Console for the Application

After you install and unpack the B2CRef application and configure the pipeline
components, you need to create the Business Desk console for the application. To
create the console, please refer to the complete procedures in the Commerce Server
2000 documentation.
Configuring the Commerce Site

This section describes procedures for configuring the commerce Web site by adding
a catalog, configuring tax and shipping information, and testing the site.
Import, Modify, or Delete Catalogs

Use the Catalog Editor module to work with categories and catalogs. You can
create, modify, and delete categories and catalogs. In addition, you can use the
Catalog Editor module to import a catalog from either an Extensible Markup
Language (XML) file or a comma-separated value (.csv) file.
The following procedure imports the two sample XML catalog files included with
the application and makes them available for the site to use.
IT-EBOOKS.DIRECTORY
To import the Booksfull.xml catalog file

1. In Commerce Server 2000 Business Desk, on the Catalog menu, click Catalog
Editor.
2. On the Catalog Editor screen, click the Import Catalog toolbar, and then click
Import XML on the drop-down list.
3. In the Import XML Catalog dialog box, type <drive>:\Program Files\Reference
Architecture for Commerce\SourceCode\Catalogs\Booksfull.xml (where
<drive> is the drive on which the catalog is located) in the File name box. Verify
that the Delete any existing catalog data check box is not selected.
4. Click OK.
5. In the Business Desk: Import XML Catalog dialog box, click OK. The Books
catalog will be imported and available on the Reference Architecture retail site.
Note: The catalog does not yet appear in the Name box in the Catalog Editor.
To import the Hardwarefull.xml catalog file

Editor.
2. In the Catalog Editor dialog box, click the Import Catalog toolbar, and then click
Import XML on the drop-down list.
3. In the Import XML Catalog dialog box, type <drive>:\Program Files\Reference
Architecture for Commerce\SourceCode\Catalogs \Hardwarefull.xml (where
<drive> is the drive on which the catalog is located) in the File name box. Verify
that the Delete any existing catalog data box is not selected.
4. Click OK.
5. In the Business Desk: Import XML Catalog dialog box, click OK. The Hardware
catalog will be imported and available on the Reference Architecture retail site.
Note: The catalog does not yet appear in the Name box in the Catalog Editor.
Use the Catalog Editor module to refresh and publish a catalog on your Web site.
You need to refresh and publish a catalog whenever you make any changes to
ensure that those changes are reflected on your Web site.
To refresh and publish a catalog
Editor.
2. In the Catalog Editor dialog box, click the Update Catalog toolbar. The catalog
will be updated and published on the Web site.
IT-EBOOKS.DIRECTORY
Configure Tax Rates and Shipping Information

To configure tax rates and shipping information, please refer to Commerce Server
2000 documentation about “Tax rates for orders” and to the Commerce Server 2000
tutorial documentation about “Adding a Shipping Method and a Tax Rate.”
To configure shipping methods, please refer to Commerce Server 2000 documenta-
tion about “Shipping Codes.”
Note: The sample catalog schema does not contain a weight field; therefore, the application
does not support shipping methods based on weight.
Test the Site

After you import the catalog and configure the tax and shipping information, you
are ready to test the B2CRef site. To test the site, go to http://localhost:81.
Distributed Deployment Considerations

Although you can install the Reference Architecture application on a single com-
puter for development and evaluation purposes, a more realistic deployment
environment would involve distributing the application over several servers. In a
production environment, you should give additional consideration to security,
scalability, and availability in the form of firewalls and server clusters.
Testing the Application in a Distributed Environment

You can deploy the Reference Architecture application in a distributed environment
for testing purposes. The infrastructure architecture shown in Figure 2.1 could be
used to distribute the application over three computers:
Client Web Server Database Server

Internet Explorer 5.5 Commerce Server 2000 SQL Server 2000
MSXML3 Analysis Services
XSLISAPI121
B2C Reference Site
B2CRef BizDesk Site
Figure 2.1
Simple Distributed Infrastructure Architecture
IT-EBOOKS.DIRECTORY
To install this distributed environment, use the installation instructions described

earlier with the following exceptions:
● Install Windows 2000 Server on the database server and the Web server (the
client computer can use Windows 2000 Server, Windows 2000 Professional,
Windows 98, or Windows Millennium Edition). The application supports Inter-
net Explorer 4.x and later.
● Verify network connectivity (over TCP/IP) before you attempt to install the
application.
● Install SQL Server and Analysis Services on the database server.
● Specify the name of the Database server and valid logon credentials when you
install Commerce Server 2000 on the Web server and when you unpack the
Reference Architecture application.
● You can install Business Desk on the client computer by going to http://<Web
Server name>:<IP address>/BizDesk (where <Web Server name> is the name of the
Web Server computer and <IP address> is the IP address specified for Business
Desk).
● You can access the B2CRef site from the client computer by going to http://
<Web Server name>:<IP address> (where <Web Server name> is the name of the
Web Server computer and <IP address> is the IP address specified for B2CRef.
Production Environment Considerations

The purpose of the Reference Architecture application is to demonstrate features that
would be required in a real e-commerce solution and to provide reusable components
for developers. When a business chooses to deploy a solution similar to the Reference
Architecture application in a production environment, a great deal of thought and
planning goes into designing the infrastructure on which the application will run.
Figure 2.2 shows the minimum infrastructure architecture for such a production site:
Internet Client Web Farm Database Cluster

Windows 2000 Advanced SQL Server 2000 on windows
Server & Commerce Server 2000 Data Center, clustered
2000 using Network using Microsoft Clustering
Load Balancing Services
Primary Secondary
Firewall Firewall
Figure 2.2
Minimum Production Infrastructure Architecture
IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
Part 2
System Architecture
Part 2 of the Developer’s Guide for the Microsoft Reference Architecture for
Commerce provides an overview of the business requirements and phased design
process used by the architects of the sample application. In addition, each chapter
summarizes the actual deliverable produced at that phase of the design process.
Note that the process used follows the Microsoft Solutions Framework (MSF)
guidelines, which were gleaned from standard industry best practices. More infor-
mation about MSF is available from the Microsoft Web site. On the Microsoft Home
page, type MSF in the Search box.)
Part 2, “System Architecture,” consists of the following:
● Chapter 3, “Business Requirements and Design Model”
● Chapter 4, “Conceptual Design Phase”
● Chapter 5, “Logical Design Phase”
● Chapter 6, “Physical Design Phase”

IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
3
Business Requirements and
Design Model
Ask your average Web user to define an e-commerce site, and he or she will prob-
ably tell you that it is an online store where customers can use a credit card to buy
products. Although this description is accurate, it does not sufficiently describe
the variety of e-commerce sites being developed for the Internet today. In the fast-
moving world of Internet business, an effective e-commerce Web site is much more
than a Web-based shop.
Requirements That Affect Design

Users are demanding more from e-commerce sites, and if one site doesn’t meet
their expectations, they’ll go somewhere else. So, what are users demanding from
e-commerce? Which business requirements must the application designer consider
first? The following list suggests some of the major issues affecting application
design:
● Ease of use
● Performance requirements
● Anonymous shopping
● User profiling
● Strong security
● Support for multiple device types
● Manageability
At first glance it appears that some of these challenges are within the scope
of the Application Architect, while others are more the responsibility of the
IT-EBOOKS.DIRECTORY
Business Decision Maker or Infrastructure Specialist. However, if you examine these

challenges in detail, you can understand how the design of the application has an
impact on each challenge.
Ease of Use
It’s reasonable that a site should be easy to use and navigate. After all, businesses
don’t want to make it difficult for customers to buy products, and customers are
much more likely to spend money at a site if they can find their way to the check-
out page.
One way to make the site easier to use is to ensure that you use familiar analogies
for common tasks. This means storing a customer’s selections in a shopping basket
until the customer decides to complete the purchase (or check out). Using metaphors
like this make it easier for non-computer experts to understand how the site works,
and make a purchase.
Making the site easily navigable can be a much more difficult task than you might
first think. The Web works in a fairly non-linear fashion, and users often click links
in an unexpected order. You should be sure that your site presents a consistent
interface to the user regardless of which page he or she is currently viewing, and
that important pages (such as the home page, the shopping basket, and the
user’s account information) are always available by clicking a single link. On the
ConsolidatedRetail.com site, the banner across the top always includes links to the
shopping basket, customer account, and home pages, and the panel on the left side
always includes the search and catalogs links.
Another way to ensure that users can find their way around your site is to make
sure your lists of products, or catalogs, are organized in a logical manner. Custom-
ers will find it much easier to locate the product they are interested in if your
catalogs are divided into categories, and possibly sub-categories. You should also
provide users with the ability to search for a product if they are unsure of where
it is listed.
If your site is easy to use and navigate, customers will enjoy using it. Conversely, if
it is difficult to use, they will probably give up and move on to another site.
Performance Requirements
There are many factors in the design of a Web site that can affect its performance. Of
course, performance means different things to different people, and what is consid-
ered an acceptable level of performance can vary from user to user.
IT-EBOOKS.DIRECTORY
Chapter 3: Business Requirements and Design Model 29
Acceptable Response Time

What most people mean by a site that performs well is a site that provides accept-
able response times. Response time is the amount of time a user waits after request-
ing an action before seeing a result. Ideally, we’d all like each action on the site to be
performed instantaneously; however, in practice we need to accept that limited
bandwidth, database concurrency, and business processing tasks usually cause a
slight delay. When designing an e-commerce site, try to reduce the factors that
adversely affect response time, although you will never completely eliminate them.
The key to e-commerce optimization is to optimize the time in which it takes to
perform things such as checking out, so that you don’t lose orders because custom-
ers abandon their shopping baskets while standing in the virtual line.
Scalability
Another important aspect of performance is scalability. This is the ability of the site
capacity to increase when resources are added. To the user community, this means
that the site continues to provide acceptable response times when many users
access the site concurrently. Many developers are disappointed to learn that a test
site that performs brilliantly on a development computer fails to cope with the
required number of users.
So, how can the scalability of a site be maximized? Two typical approaches are
scaling up and scaling out.
The first approach, scaling up, is achieved by adding more processing power to the
servers in the form of more and/or faster CPUs, more RAM, faster disks, and so on.
This approach can be very effective, particularly on the data tier where very large
databases require respectively large processing power. However, this approach
becomes less cost-effective the closer to the top-end a server reaches, as hardware
costs rise exponentially with their power.
Scaling out, on the other hand, involves sharing the processing load across multiple
servers in a cluster, or a collection of servers, known as a Web farm. Web farms are a
much more cost-effective use of hardware, and provide a more flexible and exten-
sible solution. As the load on a site increases, servers can be easily added to the
Web farm.
Figure 3.1 on the next page illustrates the basic architecture of a Web farm.
IT-EBOOKS.DIRECTORY
Client Client Client
Internet
IIS IIS IIS
SQL
Figure 3.1
A Web Farm
Anonymous Shopping
In general, users do not want to be forced to log on to a site before they can see
what the site has available to purchase. Your site should allow anonymous users
to browse through your products and even place products in a shopping basket,
without requiring authentication.
User Profiling
When a customer revisits a site, that customer doesn’t want to have to reenter
information that was supplied during a previous visit. After a customer provides
your site with shipping and contact information, he or she expects that this data
will be remembered.
To accomplish this, many sites maintain user profile information for each user who
registers with the site. In most cases, the user is required to register by providing a
minimal amount of profile information, such as a user name and password. The
IT-EBOOKS.DIRECTORY
user is then assigned a unique identifier that can be used as the primary key for that
user’s profile data.
After a user registers at a site, the user’s profile information can be saved in a
database and recalled for use later. Users can usually add to the mandatory infor-
mation, allowing them to specify such details as an e-mail address, telephone
number, shipping address, or any other piece of personal information you allow
them to add.
Retaining user profile information is useful for the following reasons:
● It prevents users from being required to reenter data on subsequent visits.
● It can be used to analyze user activity at the site.
● It can be used as the basis of personalization, allowing you to target banner ads
or discounts at a specific class of user.
● It can be used for business analysis purposes; for example, to track buying trends
based on specific profile values.
Strong Security
Sensitive information transmitted across an unsecured network, such as the Inter-
net, can be intercepted. For this reason, any site that makes use of sensitive financial
or personal information must protect that data’s integrity by using authentication,
encryption, and secure networking protocols. Secure Sockets Layer (SSL) is a proto-
col that provides communications privacy, authentication, and message integrity for
a TCP/IP connection. By using this protocol, clients and servers can communicate
in a way that prevents eavesdropping, tampering, or message forgery.
In addition, a shopping site must ensure that stored customer information — such as
personal data, preferences, order history, and payment information — are protected
on the server. Access to customer information should be protected by user IDs and
passwords.
Support for Multiple Device Types

Web browsing devices are becoming increasingly available and varied — for ex-
ample, there are Internet-enabled cell phones, handheld devices, voice-enabled
browsers, and television- and game console-based browsers. In addition, these
devices have different capabilities and may or may not support a given markup
language or browser version. A commercial Internet site can provide support for
multiple device types by providing an interpretative layer that determines the
device type, and then formats the content for display on that specific device.
Mechanisms that facilitate this functionality include the Extensible Markup Lan-
guage (XML), Extensible Stylesheet Language (XSL), and related filtering technolo-
gies, such as the XSL ISAPI filter.
IT-EBOOKS.DIRECTORY
Manageability
Although application designers are not responsible for business decisions such as
pricing and advertising campaigns, the design of an e-commerce solution can have
a tremendous impact on the way a business responds to trends in the marketplace
and competitor activity. Business managers can work only within the constraints of
the management features of an e-commerce site. To be successful, an e-commerce so-
lution must be easy to use and yet have an all-pervasive management infrastructure.
You have two basic choices when you design the management interface for an
e-commerce site. You can create your own custom interface or you can use an ”out
of the box” solution such as the Microsoft Commerce Server 2000 Business Desk.
Building your own management interface means that you can design the manage-
ability of your site to be exactly the way you want it. However, it adds a significant
development effort to an already large software project, and it is often looked upon
as a project nearly as large as or larger than the application itself. The Commerce
Server Business Desk can be used to manage most aspects of an e-commerce site by
default, and additional functionality can be added by creating custom modules if
required.
The remainder of this chapter describes the actual business requirements identified
during the planning phase of this project, and the application model and design
process used in the design of the ConsolidatedRetail.com application.
Reference Architecture Application Business Requirements

Before the application design process can begin, it is important to gain an under-
standing of what the application must do. Analyzing business requirements is one
of the most important steps in developing an application. The aim of business
requirement identification is to create a solution that meets both retailer and con-
sumer needs. The requirements are then transformed into a business requirements
document, which will serve as the guide to develop the overall project vision.
This section outlines the actual requirements identified for the Reference Architec-
ture application, ConsolidatedRetail.com. Note that the business requirements used
here are purposefully limited to the capabilities of an easily installable reference
example.
Functional Requirements
ConsolidatedRetail.com was designed to meet the following functional requirements.
● Ease of navigation – The site should be easy to navigate. Links should be clear,
easy to understand, and functional. Users should be able to move easily between
pages and screens.
IT-EBOOKS.DIRECTORY
● Ease of use – The application should be easy to use. It should be easy to locate
and buy products and reach the checkout page.
The site should be easy to understand for non-computer experts. The site should
use easy-to-understand metaphors, such as storing products in a shopping basket
or cart until the shopper is ready to check out or shopping from a shopping list.
Customers should be able to move products in and out of the list or basket
simply and easily.
Each page on the site should display a consistent interface. Important and
commonly used pages should be available through a single click.
● Site access – Users must be able to access the site by:
● Entering the URL into a browser.
● Linking from another site or from e-mail.
● User registration/profiling – From any page on the site, a user must be able to
register so that he or she will not have to reenter the same information for each
order. A user should not be required to register to browse; however, registration
is required for checkout. Also, registration is required to sign up for e-mail
newsletters, notification of specials, public and private shopping lists, and so on.
Registration consists of:
● Profile information – User name, billing address, primary shipping address,
phone numbers, e-mail address should be associated with each unique,
authenticated user.
● Authentication information – User identification (user ID) and password
should be persisted in the application.
● Billing information – Users should have an option to enter credit card infor-
mation and have it saved. The application should be able to save multiple
credit card numbers.
● Preferences – Users should be able to specify whether or not they want e-mail
notification of shipment status (default Yes), and whether or not they want
notification of sales and specials (default No).
● Address book – Users should be able to store multiple shipping addresses.
● User registration management – After a user logs on and is authenticated, the

user should be able to modify, add, or delete registration information. All fields
except for User ID should be editable. In addition, the user should be able to
review order status and order history.
● Logon/authentication – After a user registers, if that user returns to the site, he or
she should be able to log on from any page on the site.
● Browsing – Users should be able to browse the catalogs. From the home page,
users should be presented with a list of catalogs. After a user selects a catalog, he
or she should be presented with sub-categories or actual products. Users should
be able to browse a series of product detail pages in succession by clicking a
single button, such as a Next button or an arrow icon.
IT-EBOOKS.DIRECTORY
● Anonymous browsing – Users should be able to browse catalogs anonymously;

that is, users should be able to view products without being logged on.
● Multiple catalogs – The application must support multiple catalogs. The
aggregation of products from multiple catalogs should be transparent to users.
● Products and categories – The application should permit products to be
associated with one or more catalogs.
● Product page – The application should have a product page that includes a larger
picture and/or a more detailed description of each product. Each product can be
added to the shopping basket from this page. From this page the user should be
able to:
● Add products to a shopping basket.
● Browse to the next product.
● Browse to the previous product.
● Return to the previous page.
● Product search – Users should have access to free text searches, where users enter
text characters and the search function returns a list of products.
Users should be able to search from the home page and all category and sub-
category pages. Users should be able to type multiple words in the Search field.
If a user specifies multiple words, a Boolean query using “and” as the operator
should be constructed from the words.
If a user is on the home page, Search should default to Search All Categories.
Searches performed on category and sub-category pages should default to Search
Within Category Name. Users can override these default settings by selecting a
particular area of the site or specific category to search.
If a site uses multiple catalogs, Search should work across all catalogs. An excep-
tion to this rule occurs if the site exposes the multiple catalogs (and had a hierar-
chical product listing). Each catalog would be the first level in the category/
product hierarchy. In that case, the default would be to search only the currently
active catalog. Users can override the default and choose to search another
catalog or the entire site. This is similar to the behavior specified for multiple
catalogs described earlier.
Searches should be performed against key words and titles by default.
● Product search results – The search results page should show a list of products
and their categories (or catalogs, as appropriate). They should be grouped by
category or catalog. Each search result should provide a hypertext link to the
corresponding product page.
IT-EBOOKS.DIRECTORY
● Adding products to the basket –Users should be able to access the following
types of baskets:
● Shopping Cart basket – This is the primary type of shopping basket; it holds
the products that a user selects to purchase during this visit. Both authenti-
cated and anonymous users should be able to use this type of basket; how-
ever, an anonymous user must be authenticated to complete the checkout
process.
● Save for Later basket – This is a collection of products that a user may con-
sider for purchase in the future. Only authenticated users should be able to
create and save this type of basket.
● Shopping list – This is a reusable (or saved) list of products that can be public
or private. Each user can have multiple shopping lists, each with a name and
properties indicating public or private availability. For example, a user can
have private lists entitled “My Ravioli,” or “Weekly groceries,” or “New
travel wardrobe.” A user can have public lists entitled “Human Art 101 – Mrs.
Drawer’s class” or “Wedding Gift Registry.” A user should be able to change a
shopping list from private to public and from public to private. Only authen-
ticated users should be able to create, edit, and save this type of basket.
From any product page, a user should be able to add one or more products to the
basket he or she is currently using. The baskets should not be tied to a particular
catalog; that is, a user should be able to progress from one catalog to the next,
adding products from one or more catalogs.
When a user adds a product to a basket, the basket item count increases auto-
matically. The user should be able to see the number of products in the basket
from any catalog or product page. If the basket used is the Shopping Cart, the
user also sees pricing information as the products are added. The Shopping Cart
provides per product, total product, and total order pricing information.
● Using the Save for Later basket – An authenticated user may want to purchase
products stored in a Save for Later basket. To do this, the user opens the Save for
Later basket and chooses one or more products to move into the Shopping Cart.
If the products are no longer available, the user receives an appropriate message.
The Save for Later basket does not save or store pricing information; therefore,
when products are moved, the site must process a price query and display the
price for each product (as it would for any product placed in the Shopping Cart).
● Managing the Shopping Cart and Save for Later basket –Users should be able
to perform multiple operations that manage the contents of both the Shopping
Cart and Save for Later basket. These operations include:
● Moving a product from the Save for Later basket to the Shopping Cart basket
● Moving a product from the Shopping Cart basket to the Save for Later basket
● Changing quantities (Shopping Cart basket only)
● Deleting products from the Save for Later basket or the Shopping Cart basket
IT-EBOOKS.DIRECTORY
● Using a public shopping list – A site visitor who wants to order from a public
shopping list locates the list by searching the site using some form of query. The
site displays the names of all lists that match the query, and the user selects a list
to view. The user selects products from the public shopping list, the products are
added to the user’s shopping basket, and information on pricing is displayed.
If a selected product is no longer available, the user receives an appropriate
message.
● Creating and using a private shopping list – An authenticated site user can
create a list of products that he or she orders repeatedly. The user can create a
new shopping list and add products to it or can add products to a list he or she
created during a previous visit. To create a new shopping list, the user must
supply a name for the list and must specify whether or not the list will be pub-
licly available. At any time, a user can change a list that he or she created from
public to private and from private to public.
To purchase products from a shopping list, the authenticated user locates and
opens the list, and then selects one or more products to purchase. The selected
products are added to the user’s Shopping Cart basket, and price and quantity
information is displayed. If a selected product is no longer available, the user
receives an appropriate message.
● Banner advertisement – Users can choose to view a banner advertisement, which
displays detailed information about the Shopping Cart and the Save for Later
baskets.
● Checking out – Users should be able to check out from any screen. When check-
ing out, each user is shown all ordered products (the Shopping Cart basket). At
this point, the user can edit the Shopping Cart basket contents. If the user con-
firms the contents of the basket, the shipping screen should appear. Each product
is associated with the user’s primary shipping address. The user can override
this address with one from the address book or with a new address. If the user
adds a new address, he or she chooses to save the new address in an address
book.
After the user attaches an address to each product (or accepts the default ad-
dress), the user can go to the Shipping screen and choose the delivery method for
each address. (The site owner determines the default method.) After selecting
each delivery method, the user progresses to the Payment screen. After selecting
a payment method, the user advances to the Order Summary screen. This screen
should be divided by shipping addresses. Under each address, the product
description(s), product cost, and total cost (if appropriate) are listed. The total
product cost is sub-totaled, the shipping cost listed as a line item and sub-
totaled, and then the tax is listed and the total for that address.
IT-EBOOKS.DIRECTORY
After all addresses are totaled, a grand total is listed at the end of the page. The
user has the opportunity to:
● Accept the order.
● Modify the order.
● Cancel the order.
● Continue shopping.
If the user chooses to modify the order, the Manage Basket page appears. If the
user chooses to cancel, the Shopping Cart basket clears. If the user chooses to
continue shopping, the Home page appears.
If the user chooses to accept, the Payment page appears. If the user has saved
credit card information on the Registration page, this information appears on the
Payment page. The user can choose that credit card or override the saved infor-
mation and provide new credit card information. If the user adds new credit
card information, he or she should have the option of adding the new informa-
tion to the saved Registration information. After the user selects or enters credit
card information, he or she can:
● Cancel the order.
● Modify the order.
● Continue shopping.
● Submit the order.
If the user submits the order, a confirmation page with the order number
appears.
● Shipping choices – The following shipping choices must be supported:
● Ground delivery
● Second-day delivery
● Overnight delivery
● International delivery
● Order status notification – Users can choose to receive e-mail notification of

order status.
● Shipping calculation – Shipping costs are calculated based on the shipper type
(such as UPS) or other rules determined by the site owner.
● Tax calculation – Tax must be calculated based on rules set by the site owner.
These rules should include:
● Location of sale
● Shipping address
● Type of merchandise
The tax information is displayed on the Order Summary screen during checkout.
IT-EBOOKS.DIRECTORY
● Order summary – This screen displays the address, product description(s),

product cost(s), shipping charges, taxes, and total cost (if appropriate), for each
order.
● Address book – Registered users are placed in the address book. This book can
hold unlimited shipping address information, although the site owner can set
limits.
● Order cancellation – Users must be able to cancel orders at any time before they
are submitted. When a user cancels an order, the Shopping Cart basket empties.
Saved products are not affected.
System Requirements
The site must meet the following system-wide requirements:
● Globalization – The application should have the ability to be customized for
different cultural contexts. That is, the interface colors, navigation layout, page
structure, and language should be modifiable.
● Performance – Users should experience consistent performance each time they
visit the site. The site should perform as well as other enterprise e-commerce
applications in use.
● Scalability – The site should scale both up and out. Response time should be
quicker if faster disks and CPUs are added or if more RAM is added. Response
time should also improve if more servers are added to the Web farm. Servers in
the Web farm should be able to handle requests appropriately.
● Availability – The site should be functioning and should have no single point of
failure. It should trap errors, and errors should not prevent users from accessing
authorized areas of the site. The site should accept users at all times.
● Manageability – There should be a management interface that allows for the
modification and management of company reports, catalogs, orders, shipping
costs, tax rates, and user accounts.
● Security – The site should protect confidential information such as credit card
numbers. The site should display the privacy policy and any pertinent copyright
information. User IDs and passwords should protect sensitive information from
access by unauthorized personnel.
● Accessibility – The site must function properly on multiple client devices. The
site should work on down-level browsers as well as newer browsers.
Production Environment Requirements

The site must be thoroughly tested before it is launched as a production system. The
following types of testing should be performed:
● Usability testing – The site should be evaluated by a number of users to verify
that it is easily understood and navigated.
IT-EBOOKS.DIRECTORY
● Functional testing – The site should be tested to ensure that all features function
as designed and as expected.
● Performance testing – The site should meet appropriate performance bench-
marks (as determined by the project team), even during peak load periods.
● Staging – The site should be rolled out and then fully tested on a test deployment
system that approximates the production system. Test scripts should reflect the
projected maximum number of users and transactions.
● Test report – The full test report should be completed and reviewed prior to site
rollout.
Documenting the Business Requirements

After the basic requirements are identified, they should be captured, communi-
cated, and approved in a Vision/Scope document that identifies the application
business value, requirements and limitations, and the personnel required to plan,
design, and complete the project. Thereafter, the design process can begin.
The next section describes the application design model and design process used in
the creation of ConsolidatedRetail.com.
The MSF Application Model

The ConsolidatedRetail.com application is designed to follow the three-tier model
as defined by the Microsoft Solutions Framework (MSF). This model groups the
services provided by an application into three abstract layers so that the resulting
application can be both flexible and scalable. Any one layer can be altered without
adversely affecting the other two, thus allowing the application to change and grow
as user demand and technology changes dictate.
The three tiers are:
● Presentation services – The presentation services of an application are used to
render data for display to the user and accept user input.
● Business services – Sometimes referred to as application services, the business
services of an application enforce the business rules. In a typical e-commerce
application this might include ensuring that a user is authenticated before
allowing that user to place an order, retrieving appropriate content based on a
user’s profile, and verifying that all of the steps involved in processing an order
are performed in the correct sequence.
● Data services – The data services in an application include the logic necessary
to store, retrieve, and modify data, as well as the data integrity rules that the
application must enforce. In an e-commerce application this might include
processing of catalog, user, and order data.
IT-EBOOKS.DIRECTORY
Note: You can find more information about MSF at http://www.microsoft.com/msf/
Why Use the MSF Application Model?

In addition to the flexibility and scalability benefits discussed earlier, the MSF three-
tiered application model has distinct advantages in terms of developing, deploying,
and managing the application over time. The primary advantages to using the MSF
three-tiered approach to application architecture are that it provides:
● Abstraction – Because the services are abstracted from one another, each tier of
the application can be developed, maintained, and enhanced independently
of the others. Thus, three different development teams can work on the same
application project.
● Distribution – Because logical tiers are independent, they can be deployed in a
distributed fashion across multiple servers.
● Reuse – Different client devices can use the services provided by each tier. For
example, the business services for an e-commerce site could be used by one set of
presentation services to provide a Hypertext Markup Language (HTML) inter-
face for a Web site and also by another set of presentation services for a mobile
phone that has Wireless Application Protocol (WAP) enabled. Some of the busi-
ness services can also be configured as Web services by various line-of-business
(LOB) applications or by complementary applications supplied by trading
partners.
In addition to following the three-tiered design model, the designers and develop-
ers of ConsolidatedRetail.com followed the MSF design process. The next section
describes this process.
MSF Application Design Process

The first step in building an effective application of any kind is to create an effective
design. There are many approaches to software design, each with its own strengths
and weaknesses. When deciding on the design process you want to use, you should
be sure that the process provides distinct phases that progress toward an actual
software implementation, and that the process is flexible enough to incorporate
requirement changes during these phases.
The MSF application design model not only defines the services-based architecture
for a distributed application, but it also defines an iterative design process where
software is designed in a sequence of conceptual, logical, and physical phases.
● Conceptual phase – The conceptual phase views the challenge from the perspec-
tive of the user and/or the business. The primary goal of the conceptual phase is
to define the challenge and the solution concepts.
IT-EBOOKS.DIRECTORY
The functional specification document is the end result of the conceptual phase.
● Logical phase – The logical phase views the design objectives and challenges
from the perspective of the project team. The primary goal of the logical phase is
to map the conceptual design into logical components.
The team uses the user scenarios (or use cases) identified in the conceptual phase
to build a logical model of the components in an object-oriented software solu-
tion. Object-oriented solutions encapsulate business functionality in software
representations of real-world objects, which are defined by classes in an object-
oriented design.
● Physical phase – The physical phase views the design objectives and challenges
from the perspective of the developer. The primary goal of the physical phase is
to apply the logical design to physical requirements and constraints.
Because the physical phase approaches the design problem from the perspective
of the developer and the task is to define the physical implementation, the
technical specification document is the product of the physical design phase.
Conclusion
This chapter provided a general overview of e-commerce requirements, as well as
the specific requirements outlined for the ConsolidatedRetail.com application. It
also provided an overview of the MSF application model and design process. The
next chapters discuss in greater detail the conceptual, logical, and physical design
phases and the deliverables produced at each phase along the way.
IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
4
Conceptual Design Phase
During the conceptual design phase, the design team identifies and documents
the complete project vision, based on the previously identified business and user
requirements. The team prepares usage scenarios (derived from use cases) based
on these requirements and then creates a functional specification document that
explains in detail how the application will work from the viewpoint of both the
user and the business or supplier of the e-commerce application. This functional
specification document is the end deliverable of the conceptual phase.
The design team creates usage scenarios by elaborating upon use cases. A use case
is simply a textual description of an interaction between an external actor (which
can be a user or an existing system) and the application (or components) being
designed. Actors can also be services, components, and so forth, as well as users.
The two main pieces of information to determine when creating use cases are the
actor’s action and the expected result. Use cases are typically sketched out during a
whiteboard (or brainstorming) session in which they are quickly outlined and given
descriptive names. They are then worked out in more detail and ordered somewhat
linearly.
The remainder of this chapter describes each of the usage scenarios developed for
the ConsolidatedRetail.com application and provides use case diagrams of the
action(s) that each scenario portrays.
Reference Architecture Usage Scenarios

During the conceptual design phase, the designers of the Reference Architecture
application identified the usage scenarios described in the following sections.
IT-EBOOKS.DIRECTORY
Usage Scenario 1: A Customer Logs On to the Site

To log on, a customer navigates to the logon page, and then enters his or her user
name and password. The user name and password are authenticated by the system.
If the user enters a valid user name and password, a page appears containing links
that allow the user to update user profile information and view his or her order
history, as described in Usage Scenario 8.
If the customer leaves the user name field blank, the user is informed that the user
name field must be filled in.
If the customer leaves the password field blank, the user is informed that the
password field must be filled in.
If the customer enters an invalid user name, the logon page is redisplayed with an
error message indicating that the user name is invalid.
If the customer enters a valid user name but an invalid password, the logon page is
redisplayed with an error message indicating that the password is invalid.
If the customer indicates that he or she forgot the password, the customer is pre-
sented with the option of entering a user name and receiving the password in an
e-mail message.
After the customer logs on, he or she may be greeted with a personalized message
or a list of products he or she may be interested in, based on prior purchases.
Figure 4.1 is a use case diagram that illustrates the logon function:
ConsolidatedRetail.com
Login
Customer
Figure 4.1
Logon Function
Usage Scenario 2: A Customer Searches for Products

An anonymous or authenticated customer can search for products by entering the
title, text, a description of a product, or text combined with search parameters (such
as greater than [>], less than [<], or equal [=]). The system displays all products that
match the criteria or keywords entered.
In addition, the customer can navigate to the search box and search for products by
entering a partial product name. The system displays products that most closely
match the search criteria.
IT-EBOOKS.DIRECTORY
Chapter 4: Conceptual Design Phase 45
Figure 4.2 is a use case diagram that illustrates a customer initiating a search:
Login
<<include>>
Customer
View Product
Figure 4.2
Customer Initiating a Search
If the customer enters a product name and that product is not available or if the
customer enters an incorrect product name, the search results display a message
indicating that no products matched the search criteria.
If the customer enters keywords or parameters that do not match descriptions of
products, the system displays a message indicating that no products matched the
search criteria.
Usage Scenario 3: A Customer Browses for Products

The Web site contains a number of catalogs, or groups of related products. To
browse, a customer selects a catalog. The categories and products in the root of the
selected catalog are displayed. The customer can then select a category and view
the products and subcategories in the selected category or select a product to view
its details.
Figure 4.3 is a use case diagram that illustrates the browse process:
ConsolidateRetail.com
Browse Catalog
<<include>>
View Product
Figure 4.3
A Customer Browses
IT-EBOOKS.DIRECTORY
When a customer selects a product to view its details, the customer sees a picture
and a text description of the product. The customer may also see a list of related
products or a list of products that other customers bought at the same time that
they bought this product.
The customer can return to the catalog to continue browsing or go directly to the
next or previous product detail page.
Usage Scenario 4: A Customer Uses a Shopping Basket

A customer can use the following three basket types:
● Shopping Cart basket. This basket contains products that a customer is consid-
ering for purchase during this visit. Both anonymous and authenticated users
can use this type of basket.
● Save for Later basket. This basket contains products that a customer is consider-
ing for a future purchase. Only authenticated users can use this type of basket.
● Public or private shopping list. This basket contains products that a customer
purchases repeatedly or purchases for a specific purpose. Only authenticated
users can create, edit, or use this type of basket. (Shopping list usage is covered
in greater detail later in this chapter.)
When a customer displays a basket, the basket can be empty or it can contain
products that the customer added during the current session or didn’t purchase or
delete during a previous visit.
If the basket is empty, the application displays a message informing the customer
that the basket is empty.
If the basket contains one or more products, the application displays the following
information:
● A Shopping Cart basket shows the product name, options selected (such as size
and color), quantity, price per product, and total for each product, and the total
amount for all products selected.
● A Save for Later basket shows the product name and options selected (such as
size and color). It does not include quantity, totals, or prices.
● A shopping list shows the product name, options selected, and quantity. It does
not include pricing information or totals.
If the customer chooses to add a product to the Shopping Cart basket, the customer
locates the product on a shopping list, by browsing, or by using the search feature,
and selects the product. The product is added to the Shopping Cart basket. The user
can then move the product to the Save for Later basket or copy it to a shopping list.
If the customer chooses to save a product for purchase later, the product is moved
to the Save for Later basket and is deleted from the current shopping basket. Simi-
larly, if the customer wants to purchase a product contained in the Save for Later
IT-EBOOKS.DIRECTORY
basket, the product is moved to the Shopping Cart basket and removed from the
Save for Later basket. If the customer chooses to add the product to a shopping list,
the product is copied to the shopping list, but it is not removed from the Shopping
Cart or Save for Later basket.
If the customer chooses to delete a product, the application removes that product
from the basket or list.
If the customer chooses to delete all products, the application removes all products
from the basket or list.
If the customer changes the quantity of a single product, the application updates the
basket to reflect that product quantity (Shopping Cart basket only).
If the customer updates the basket, the application recalculates the products and
totals for each product line of the basket, and also recalculates the grand total for all
products in the basket (Shopping Cart basket only).
When the customer has finished reviewing or updating a basket, the customer can
choose to check out or continue to shop.
Figure 4.4 is a use case diagram that illustrates the use of a Shopping Cart basket:
Remove All Items
View Product
<<include>>
Customer
<<include>>
Change Quantity Update Cart
<<include>>
View Basket
Figure 4.4
A Customer Manages the ShoppingCart
Usage Scenario 5: A Customer Creates a Shopping List

An authenticated user can create a public or private shopping list that contains
products such as the contents of a favorite recipe, required materials for an activity
or class, or a list of products that the customer purchases repeatedly. The products
in a shopping list are not part of the current order, nor are they part of a save for
later basket.
The user creates and provides a name for the list, specifies whether it is a public or
private list, selects products to add to it, and then saves the list.
IT-EBOOKS.DIRECTORY
A customer can add products to a new or existing shopping list that he or she
created, purchase products from a public shopping list, purchase products from a
private shopping list that he or she created. The customer can also convert a private
shopping list that he or she created to a public list or vice versa.
To add a product to a shopping list, the customer locates and selects the product,
and then indicates that the product is to be added to the specified list.
Figure 4.5 is a use case diagram that illustrates the create list process:
Create list
Search for Products
Customer
<<include>> Save list as
Add product to list public or private
<<include>>
Specify quantity
<<include>>
Review List
Figure 4.5
A Customer Creates a Shopping List
The user who creates a shopping list is the only user who can perform management
operations on that list. Management operations include:
● Editing the list of products.
● Adding products to the list.
● Removing products from the list.
● Changing the list from public to private or from private to public.
● Deleting the list.
Usage Scenario 6: A Customer Shops from a Shopping List

A customer can shop from a public shopping list created by someone else or from a
private shopping list that he or she created. To shop from a private shopping list,
the customer must first be authenticated. To locate a public shopping list, the
customer searches by the user name of the list creator. When the customer displays
a shopping list, the list may be empty (in which case, it isn’t a list at all), or it may
contain products.
IT-EBOOKS.DIRECTORY
If the list is empty, the application displays a message informing the customer that
the list is empty.
If the list contains one or more products, the application displays the product name
and quantity for each product.
If the customer chooses to purchase a product or products from the list, the cus-
tomer selects the products to be purchased, and then specifies whether the products
are to be ordered now or saved for later.
If the customer chooses to save a product for purchase later, the product is copied
to the Save for Later basket. Similarly, if the customer wants to purchase a product
now, the product is copied to the Shopping Cart basket. In either case, the original
list remains unchanged.
When the customer finishes shopping from the list, he or she can choose to check
out or continue to shop.
Figure 4.6 is a use case diagram that illustrates the use of a shopping list:
Locate list
View list
Customer
Select products <<include>> Update
to purchase now shopping basket
Select products <<include>> Update save for

to purchase later later basket
Figure 4.6
A Customer Shops Using a Shopping List
Usage Scenario 7: A Customer Completes a Purchase

The customer indicates that he or she is ready to check out and purchase the prod-
ucts in the Shopping Cart basket.
If the customer is not currently logged on, the customer is required to enter a valid
user name and password as described in Usage Scenario 1. The application then
displays the list of shipping addresses associated with the current user. The cus-
tomer can choose one of these addresses, edit an address, or add a new address. The
customer can also specify that different products in the shopping basket be shipped
to different addresses.
IT-EBOOKS.DIRECTORY
If the customer specifies a single shipping address, the application prompts the
customer to select a shipping method from the list of available shipping methods.
If the customer specifies that multiple addresses be used, the application prompts
the customer to select an address and shipping method for each product in the
shopping basket.
If the customer chooses to add or edit an address, the application redirects the
customer to one of the shipping information pages described in Usage Scenario 8.
After the customer provides the shipping address and shipping method informa-
tion, the application prompts the customer to confirm the billing address and
provide the credit card type, account holder name, account number, expiration
month, and expiration year.
If the customer does not specify a billing address, the application displays a page
that allows the customer to specify a billing address as described in Usage Scenario 8.
Figure 4.7 is a use case diagram that illustrates the checkout functionality:
<<include>>
{if anonymous}
Checkout Login
<<include>>
Edit Shipping Address Add New Shipping Address
<<include>>
Edit Billing Address Add New Billing Address
Figure 4.7
A Customer Checks Out
Next, the application displays a page with a summary of the order, shipping, and
payment information. The customer can confirm the order or modify the information.
If the customer chooses to modify the order, the customer is returned to the Shop-
ping Cart basket page as described in Usage Scenario 4.
If the customer confirms the order, a message thanking the user and a unique order
number are displayed.
Finally, the application sends out an order confirmation e-mail message to the user
that confirms the purchase.
IT-EBOOKS.DIRECTORY
Usage Scenario 8: A Customer Provides Shipping and Payment

Information
If a customer browses the site anonymously, he or she must enter a user name and
password as described in Usage Scenario 1. The My Account page contains links
to pages that allow a customer to change account information, change shipping
address information, change billing address information, change the password, and
view order history.
If a customer chooses to change his or her account information, the application
displays a page that allows the customer to edit the first name, last name, e-mail
address, phone number, and fax number for the account.
If a customer chooses to edit address information, the application displays a page
that lists each address associated with the account. A customer can add a new
address or edit or delete an existing one.
If a customer chooses to add a new address, the application displays a page that
prompts the customer to supply a name for this address entry, a recipient name,
two lines of street address information, a city, a state, a zip code, and a phone
number.
If a customer leaves the Listed As, Recipient Name, Address Line 1, City, State, or
Zip Code field blank, the application prompts the customer to fill in the missing
data. If the customer chooses to edit an address, the application displays the ad-
dress fields and the customer can modify them. If the customer chooses to delete
an address, the application deletes the address record from the account.
If a customer chooses to change his or her billing address, the application displays a
page that prompts the customer to supply a name for a particular address entry, a
recipient name, two lines of street address information, a city, a state, a zip code,
and a phone number.
If the Recipient Name, Address Line 1, City, State, Zip, or Listed As field is left
blank, the application prompts the customer to enter the missing data.
If a customer chooses to view his or her order history, the application displays a
page that shows the details of orders that the customer placed previously.
If a customer chooses to change his or her password, the application displays a page
that prompts the customer to enter the old password, the new password, and
confirmation of the new password. When the customer submits this data, the
application checks that the old password matches the password in the account and
the new password matches the confirmation. If they all match, the system changes
the password associated with the customer. If they don’t match, an error message
appears, and the application prompts the customer to change the password again.
Figure 4.8 on the next page is a use case diagram that illustrates this scenario.
IT-EBOOKS.DIRECTORY
Edit Shipping Address Add New Shipping Address

<<include>>
Add Address
Edit Billing Address Add New Billing Address <<include>>
Edit Profile
Figure 4.8
A Customer Provides Shipping and Payment Information
Conclusion
This chapter described the process for identifying usage scenarios and developing a
conceptual design for an e-commerce application. Figure 4.9 is a use case diagram
that illustrates the cumulative usage scenarios for customer purchase activities:
Consolidated Diagram
Browse Catalog <<include>>

View Product
Search <<include>>
View Basket
<<include>>
<<include>>
Change Quantity Update Cart
<<include>>
Remove Item Remove All Items
Login
<<include>>
{if anonymous}
Checkout
Edit Billing Address Add New Biiling Address <<include>>
Add Address
Edit Shipping Address Add New Shipping Address <<include>>
Figure 4.9
Cumulative Usage Design Diagram
IT-EBOOKS.DIRECTORY
Usage scenarios and the use cases from which they are derived should describe the
expected behavior of the application in multiple business processes. Usage sce-
narios should also provide a conceptual description of what the application must
do, and provide the basis for the logical design of the components in the applica-
tion. And, because the design process is iterative, new use cases can be incorporated
into the design if a previously undiscovered interaction is identified later in the
development process.
IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
5
Logical Design Phase
The goal of the logical phase is to convert the functions that were defined in the
conceptual phase into an abstract model that identifies the cooperating logical
components that support the solution.
The resulting logical design does not identify specific technologies. Instead, the
objective of this phase is to analyze and understand the functionality before making
any technology commitments. For example, when a team designs an e-commerce
solution, in the logical phase, a component called Users might be identified as a
necessary service that keeps track of the collective set of users who are accessing the
application. In the physical design phase, however, the design team could choose
to use Microsoft® Commerce Server 2000. In this case, the MSCSProfileService
component in Commerce Server provides the physical implementation of the
Users component.
If the final application design includes custom components (that is, components
that are not provided in available solutions or products), the corresponding compo-
nents identified in the logical phase can be translated directly into the physical
phase. For example, if a user object is defined in the logical phase and the team
decides that this object is to be a custom object, the logical design for the user object
would be repeated in the physical phase.
The remainder of this chapter outlines the logical design process used in the design
of ConsolidatedRetail.com and provides detailed descriptions of the logical compo-
nents required to meet the usage scenario requirements.
Creating the Logical Design

The first step in the creation of a logical application design is to identify the busi-
ness objects (the components) that will provide the required functionality. In addi-
tion to identifying the required objects, the team must identify the behaviors,
IT-EBOOKS.DIRECTORY
attributes, and relationships that each object has. The team uses the usage scenarios
created in the conceptual phase to identify these objects and their relationships,
behaviors, and attributes.
For example, the following is Usage Scenario 3:
The Web site contains a number of catalogs, or groups of related products. To
browse, a customer selects a catalog. The categories and products in the root of
the selected catalog are displayed. The customer can then select a category and
view the products and subcategories in the selected category or select a product
to view its details.
The team then analyzes this scenario to identify the aspects that support the solu-
tion. The team performs the following tasks:
1. Identify the business objects in the scenario.
2. Identify the behaviors of these objects.
3. Identify the attributes, or properties, of the objects.
4. Identify the logical relationships between the objects.
These tasks are described more fully in later sections of this chapter.
After these tasks are completed and documented for each usage scenario, the team
is finished with the logical design phase. Refer to the “Completed Logical Design”
section later in this chapter for an example of the completed design for the
ConsolidatedRetail.com application.
Unified Modeling Language

The Unified Modeling Language (UML) is a tool used to illustrate how systems
work. It can be very useful in describing a system visually in order to analyze it
more fully. Using UML is an easy way to diagram components, interactions, rela-
tionships, and more.
Often, UML is used in the logical phase to facilitate the analysis of the design.
The following sections, which describe the tasks involved in creating a logical
design, each provide examples of simple UML diagrams.
Identifying Objects
When analyzing a usage scenario, the first task is to identify the objects in it. An
object is generally a business entity or process that appears in the usage scenario.
For example, in the following paragraph, the objects are identified in bold:
The user selects a catalog to browse. The categories and products in the root of the
selected catalog are displayed. The user can then select a product to view its details
or select a category and view the products and sub-categories in the selected category.
IT-EBOOKS.DIRECTORY
Chapter 5: Logical Design Phase 57
In this scenario, the following objects are used:

● User
● Catalog
● Categories
● Product
● Products
Figure 5.1 is a UML diagram that illustrates the objects identified in this example.
User Catalog Categories Product Products
... ... ... ... ...
... ... ... ... ...
Figure 5.1
Objects
These five objects serve as the base objects for this scenario; however, there are
situations when additional objects are needed for the scenario to function, even
though these objects are not specifically listed in the scenario. You can identify these
additional objects by examining behaviors that have no apparent objects associated
with them. To identify these objects, you must first identify the behaviors.
Identifying Behaviors
After you identify the obvious set of objects, the next step is to identify their respec-
tive behaviors, also known as methods or services.
To identify object behaviors, you must first evaluate what is being done in the
scenario. For example, in the following paragraph, the actions are identified in bold:
The user selects a catalog to browse. The categories and products in the root of the
selected catalog are displayed. The user can then select a product to view its details
or select a category and view the products and sub-categories in the selected category.
The first thing that happens is that a user selects a catalog. Figure 5.2 is a UML
diagram that illustrates the User object as having the Select Catalog behavior.
User
Select Catalog
...
...
Figure 5.2
User Object Behavior
IT-EBOOKS.DIRECTORY
As mentioned previously, behaviors that have no apparent objects associated with

them must be derived from the scenario. It follows that because the user selects a
catalog, there must be some sort of mechanism that allows a catalog to be selected
from a list of catalogs. You could then logically assume that a Catalogs object, which
manages the collection of Catalog objects, is present. You should add this new object
to the list of objects that were defined.
After you define the Catalogs object, you can define the first action as Select Catalog
and this behavior belongs to the Catalogs object.
You then need to continue to evaluate each sentence of the scenario until you
identify all of the requisite objects and their associated behaviors.
Identifying Attributes
After the behaviors are identified, the next step is to identify the attributes (also
known as the properties), of the objects that have been defined. Attributes are ele-
ments that the solution needs to keep track of. They are placeholders in which data
is retained, or persisted.
You can identify attributes by analyzing the behaviors in the scenario and extract-
ing what elements have to be persisted, or tracked. For example, in the previous
section, the usage scenario specifies that the user is able to view a product. When
a product is viewed, those elements that are shown to the user are attributes of the
product. For example, if the business requires that the product description and price
be shown, those elements become attributes that are identified on the objects.
Figure 5.3 is a UML diagram that illustrates the User object as having the attribute
Name.
User
Select Catalog
...
Name
...
Figure 5.3
User Object Attribute
Identifying Relationships
After the objects, their behaviors, and attributes are defined, the next step is to
identify relationships. Relationships are logical associations between objects.
To identify relationships, it is necessary to analyze how the objects interact with
each other. For example, the Categories object has a relationship with the Category
object because the Categories object, which manages the collection, contains Cat-
egory objects.
IT-EBOOKS.DIRECTORY
Chapter 5: Logical Design Phase 59
It is important to note that there is another type of relationship known as inheritance,

which deals specifically with the situation where one object defines another. For
example, if the solution being designed was going to sell food and books but the
designers wanted to logically differentiate between them, then a relationship might
be defined where both Book and Food objects are a type of Product object. That is,
they both inherit from the Product object.
In the Reference Architecture for Commerce solution, no inheritance relationships
were defined in the logical phase. In some e-commerce solutions, however, relation-
ships may be important.
Completed Logical Design

During the logical design phase for the Reference Architecture application,
ConsolidatedRetail.com, the design team identified the following objects as an
abstract set of components needed to support the solution. (These objects are listed
in alphabetical order, rather than in order of use.)
● Authentication – The authentication object handles user registration and
authentication.
● Catalog – The catalog object persists information about a specific catalog and
manages the collection of products within that catalog.
● Catalog manager – The catalog manager object manages the collection of
catalogs.
● Category – The category object persists information about specific categories.
● Category manager – The category manager object manages the collection of

categories.
● Configuration – The configuration object persists application configuration
information and handles configuration-related tasks.
● Data functions – The data functions object performs data-specific functions, such
as opening a connection to a database.
● E-mail – The e-mail object is used to send electronic mail messages, such as order
confirmation messages, to the users.
● Error handler – The error handler object is called when an error occurs. It handles
the user-friendly error translation and log errors.
● Order – The order object persists information about specific orders.
● Product – The product object persists information about specific products.
● Search – The search object is used to search the catalogs and return the results of
product searches.
● User – The user object provides a means by which information is persisted about
specific users. In addition, it manages the collection of user orders.
● User manager – The user manager object manages the collection of users.
IT-EBOOKS.DIRECTORY
Figure 5.4 illustrates how the primary objects relate to one another and to the use
cases identified in Chapter 4.
aCustomer aCatalog aCategory aProduct
Browse()
Categories()
ViewProducts()
Products()
GetDetails()
ProductDetails()
Figure 5.4
Object Relationships
Conclusion
This chapter described the four-step process for identifying the objects, or business
components, that comprise an e-commerce application, as well as the attributes,
behaviors, and inter-relationships of these objects. The end result of this process is
the creation of a logical design that is used as the basis for the technical design and
specification.
Remember that the resulting logical design does not identify specific technologies.
These technologies are identified in the physical design phase, which is the subject
of the next chapter.
IT-EBOOKS.DIRECTORY
6
Physical Design Phase
The physical design phase is a transition in which real-world physical design
constraints are applied to the logical design. After you identify the logical compo-
nents, the next task is to analyze which pieces already exist, what can be reused or
modified, and what new pieces must be created.
As mentioned previously, the physical design processis approached from the
perspective of the developer. The product of this phase is a complete implementa-
tion design or blueprint, in the form of a technical specification document that the
development team will use to build the application.
The physical phase can be broken into three smaller tasks, as follows:
● Research – The team determines physical infrastructure constraints and solution
requirements, and manages the conflict between the two. Also, the team identi-
fies prospective implementation technologies.
● Analysis and rationalization – The team selects the implementation technologies
that will be used, and decides how to meet the defined business requirements.
● Implementation – The team chooses the programming model, specifies the
component interface, and selects the development language.
The remainder of this chapter discusses each of these tasks in detail, providing
examples where appropriate.
The Research Effort

The first part of the physical phase is to research and gather information about the
following topics:
● Physical solution requirements
● Physical constraints
● Existing technology candidates

IT-EBOOKS.DIRECTORY
Client requirements are implicit in the requirements document and are further
defined during the logical phase; however, the team may need to research and
identify the real world constraints and existing technologies.
Identifying Physical Solution Requirements

Physical solution requirements are requirements that specifically dictate the infra-
structure design. In Chapter 3, the following system requirements were defined:
● Globalization
● Performance
● Scalability
● Availability
● Manageability
● Security
● Accessibility
The following sections expand on each of these topics.
Globalization
Globalization, or internationalization, is the process of developing a program core
where the feature design and code design do not make assumptions based on a
single language or locale and where the source code simplifies the creation of
different language editions of a program.
Globalization allows you to port an application to different cultural contexts. In the
early days of programming, this simply meant supporting multiple languages (for
example, by supporting Unicode), but globalization concerns also affect interface
decisions such as color, navigation layout, page structure, and more.
The globalization process requires careful screening of an application or a Web page
for known geographic and cultural issues. Steps in the globalization process include
researching language and cultural issues, verifying known issues with language
specialists, and, when possible, verifying known issues with company representa-
tives in the specific market locales.
To support these cultural distinctions, you might define the following physical
requirements:
● Use nVarChar instead of VarChar in the database.
● Provide the ability to customize the interface.
Performance
Performance is referred to in terms of total system throughput and response time.
IT-EBOOKS.DIRECTORY
Chapter 6: Physical Design Phase 63
Total System Throughput

Total system throughput is measured in transactions per second (TPS) and is a
measure of how many specific sets of service requests (known as transactions) that
the system can perform. In the case of an e-commerce application, the transaction
might consist of the following things carried through in sequence until conclusion:
● User comes to site
● User browses catalog to item
● User adds item to Shopping Cart basket
● User registers.
● User checks out.
TPS is then the maximum number of these transactions that the system can process
per second. As stated in the business requirements, the Reference Architecture for
Commerce application is designed to handle at least 4,800 of these transactions per
hour, when the following development configuration is used:
● 4 PIII 500mhz, 1GB RAM, servers running Microsoft® Internet Information
Services (IIS) and Microsoft Commerce Server
● 1 PIII 500mhz, 1GB RAM, server running Microsoft SQL Server™
Response Time
Response time is the amount of time between a user request and the system re-
sponse; it is the most relevant measure of performance for the user. Response times
are typically expressed as a percentage and response, for example, “90 percent of all
requests should respond within 5 seconds” means that the user should have to wait
no longer than 5 seconds for 90 percent of the requests that he or she makes before
the user should assume that the application is no longer functioning properly.
The requirement of the Reference Architecture for Commerce application is 95
percent within 5 seconds.
Scalability
Scalability is the ability of the site capacity to increase when resources are added. To
the user community, this means the ability of the site to continue to provide accept-
able response times when a large volume of users accesses the site concurrently.
As explained earlier, there are two approaches to scalability, scaling up and
scaling out.
Scaling Up
Scaling up is achieved by adding more processing power to the servers in the form
of more and/or faster CPUs, more RAM, faster disks, and so on. This approach can
be very effective, particularly in the data tier, where very large databases require
IT-EBOOKS.DIRECTORY
respectively large processing power. However, this approach becomes less cost-
effective the closer to the top end a server is because hardware costs rise exponen-
tially with processing power.
Scaling Out
Scaling out involves sharing the processing load across multiple servers in a cluster,
known as a Web farm. Web farms are a much more cost-effective use of hardware
and provide a more flexible and extensible solution. As the load on a site increases,
servers can be easily added to the Web farm.
To enable scaling out, you must avoid using server-specific session memory, such as
the Session object in Active Server Pages (ASP), to persist information. This is due
to the following:
● User sessions become tied to particular servers (session affinity), which under-
mines network load balancing strategies for dynamically assigning requests to
servers. This also undermines the reliability of server farms because a user’s
session cannot be transferred to another server if the original server fails (and
loses the session state information in its memory).
● Memory resources are consumed on the front-end server for persisting the
details of users’ session state, reducing the availability of memory for processing
requests, and caching content. Given the number of users that a popular site can
attract in a short time, the memory requirements for state maintenance can be
excessive. To combat some of the memory requirements, Commerce Server
implements heavy use of caching. Profile schemas, discounts, and campaigns
are all cached.
Availability
Availability is a measure of the ability of clients to connect with and use a resource
at any point in time.
One way to understand high availability is to contrast it with fault tolerance. These
terms describe two different benchmarks measuring availability. Fault tolerance is
defined as 100 percent availability 100 percent of the time, regardless of the circum-
stances. A fault tolerant system is designed to guarantee resource availability.
A highly available resource is almost always operational and accessible to clients.
As such, it can’t have a single point of failure. Server clusters and network load
balancing are two approaches designed to keep system resources available.
Before you deploy a site, you should protect against server failure by using a
combination of the following methods:
● Geographically dispersed data centers
● Uninterruptible dual power supplies
● Data backups
IT-EBOOKS.DIRECTORY
● Clustered servers, where several computers function as a single server

● Data replication
● Network load balancing to share the load across several duplicate servers to
ensure availability, scalability, and a consistent user experience
Manageability
Manageability is the ability to perform site administration tasks. In the case of an
e-commerce application, this includes configuring catalogs, promotional specials,
shipping costs, tax rates, user accounts, and providing a reporting mechanism for
site usage, trends, and so on.
Having an all-pervasive management infrastructure allows business managers to
configure the site to respond to trends in the marketplace and competitor activity.
Security
Security in its most basic form means to ensure protection of data or devices from
unauthorized access or use. In the context of an e-commerce application, the follow-
ing are some of the data that should be secured:
● Sensitive user information
● Credit card numbers
● Non-public product data
There are three main aspects to designing application security: authentication,

authorization, and encryption.
Authentication
There are two main approaches to user authentication in a distributed solution
such as an e-commerce site. These can broadly be described as the impersonation
/delegation model and the trusted server model.
Both models assume that an n-tiered application is in place. Users make a connec-
tion to the middle-tier, in this case, the Web farm, which in turn accesses data
or services from the back-end tier, in this case the SQL Server database. The differ-
ence between the two approaches is the security account used to access the back-
end data.
● Impersonation/delegation model – In the impersonation/delegation model, a
user supplies his or her security credentials to the middle-tier application, which
then accesses the back-end database using that user’s security credentials. The
middle-tier application essentially impersonates the user to retrieve data on his or
her behalf.
Figure 6.1 on the next page illustrates the impersonation/delegation model.
IT-EBOOKS.DIRECTORY
User Jane Jane
IIS SQL
Figure 6.1
Impersonation/Delegation Model
● Trusted server model – In the trusted server model, the middle-tier application
authenticates the user, usually by validating a user name and password combi-
nation. After the middle-tier application is satisfied that the user is who he or she
identifies himself or herself as, it then uses its own security account to access the
back-end database. The user has no access permission to the back-end data other
than through the middle-tier application. In this approach, there are actually two
authentication operations. First, the Web application authenticates the user, and
then the database server authenticates the Web application.
Figure 6.2 illustrates the trusted server model:
User Jane Application
IIS SQL
Figure 6.2
Trusted Server Model
Authorization
Authorization gives access to resources to certain users or services. After a user is
authenticated, he or she must be able to request particular functionality from the
application. Users can be assigned permission, or be authorized to perform some
tasks but not others. In the context of security, it is important that access levels be
restricted to authorized users.
Security specialists often talk about the principle of least privilege. This is a rule of
thumb stating that users should have sufficient permissions to perform the tasks
they need to perform, and no more.
Encryption
Encryption means to encode data to prevent unauthorized access.
Encryption can happen on a number of levels, based on where the encryption
occurs. In general, encryption can occur on the server, the transport, or the client.
IT-EBOOKS.DIRECTORY
Server Encryption
Encryption on the server refers to the process of encrypting data that is stored and
transported within the server infrastructure. Encrypting data within the server
infrastructure ensures that in the event of a security breach, sensitive data that was
accessed would be of no use because it is encrypted.
One example of a situation in which data might be encrypted would be user credit
card data. When the business tier stores a user’s credit card information in the data
tier, it is important to encrypt that data. If a hacker breaches the system and gains
access to the table that holds encrypted credit card information, that information is
of no use to the hacker. If the credit card information is not encrypted, the data
presents a liability to the application.
Transport Encryption
Transport encryption deals specifically with the data that is passed between the
server and client. For example, when a user submits an HTML form to the server,
the data that the user entered into that form travels across a connection, such as the
Internet, using Hypertext Transfer Protocol (HTTP), and then is received by the
server.
This transport presents a potential for data theft or tampering that can be addressed
by encrypting the data during transport. Data that is transported across the Internet
can be encrypted by installing a security certificate on the Web server, configuring a
Secure Sockets Layer (SSL) port for the site, and using HTTPS, the encrypted form
of HTTP, as the transport protocol.
Server certificates can be purchased from one of the certificate authorities listed at
http://www.microsoft.com/security/
You can issue a stand-alone certificate using Microsoft Certificate Services, which
allows you to test SSL security on a single server. Certificates are installed using the
Web Server Certificate Wizard, accessible through the properties of your site in Inter-
net Services Manager.
When you build a site that implements SSL, you should be aware that any hyper-
links or redirects that direct a user from an unencrypted session to an encrypted one
must include the https:// prefix. This specifies that the user’s browser use HTTPS to
communicate to the server.
Client Encryption
Client encryption deals specifically with data that resides on the client. For ex-
ample, if a file is available publicly but it is encrypted, then only people with the
correct decryption key can use the file.
IT-EBOOKS.DIRECTORY
For a typical e-commerce application, client encryption is less important than

transport and server encryption, but some situations may call for its use.
Accessibility
Accessibility is the ability to access the site from a number of different device types
or browsers. The Internet is evolving at an incredible rate, and as such the devices
that access the Internet have grown in their diversity. Building an e-commerce
application that is accessible and functional on many different devices has become a
difficult task.
The key to supporting multiple clients is to abstract the presentation format from
the content. A number of approaches can be used to do this, including writing logic
in ASP pages to generate a different response depending on the client or redirecting
different devices to alternative sites. However, one of the most powerful ways to
abstract presentation logic from content is to use Extensible Markup Language
(XML). If the data to be presented can be expressed as XML, then an Extensible
Stylesheet Language (XSL) style sheet can be applied to render the data for a spe-
cific type of client. This way, the same content can be presented to different clients
by applying different style sheets. Figure 6.3 illustrates this concept:
<XSL> <XHTML> Client
<XML> INTERNET
IIS Client
<XSL> <WML>
Figure 6.3
Abstracting Presentation Format from Content
Identifying Existing Candidate Technologies

Candidate technologies are technologies, products, or services that can be used in a
solution. Using existing technologies is often a cost-effective solution to implement-
ing functionality that would otherwise need to be built. For example, when you
build a Web application, you need an operating system that is a foundation to the
solution; however, it certainly doesn’t make sense to create an operating system.
Just as it may not make sense to build an operating system each time you build an
application, it may not make sense to build all of the pieces of the Web solution
IT-EBOOKS.DIRECTORY
itself. Many experts agree that in the future, entire applications will be built by
using existing services that are simply combined creatively to comprise an
application.
It is important to gather information about potential technologies that you can use
in your solution. During the next portion of the physical design phase, the design
team analyzes this information and determines which technologies, if any, meet the
needs of the particular application in question.
The Operating System

The foundation of any modern application is an operating system. An operating
system not only interfaces with the hardware, but it also provides a common frame-
work on which to build applications. It is important to choose an operating system
that supports object-oriented methodologies and a common framework in which
the application can run and communicate.
Windows 2000 Server provides a rich set of features that can be used by application
developers. Many major e-commerce sites on the Internet run on Windows 2000,
including Buy.com, BarnesAndNoble.com, Dell.com, Intel.com, and others.
Internet Services
Another core piece of a Web-based application are Internet services. A Web-based
application needs an Internet services platform that handles basic Web services,
such as responding to client HTTP, HTTPS, and other requests. A good Internet
services platform should also offer site management and a dynamic content pro-
gramming model.
Microsoft IIS is a Web server built into Windows 2000. IIS offers an extensive Inter-
net services package, including Active Server Pages (ASP), Distributed Authoring
and Versioning (DAV), Web folders, Microsoft FrontPage® Extensions, File Transfer
Protocol (FTP), multi-site hosting, and other support.
Presentation Services
As mentioned in the “Accessibility” section earlier in this chapter, it is important to
separate content from presentation so that content is accessible from multiple
clients. It is also important to make this separation to simplify globalization efforts.
As stated previously, one way to abstract presentation logic from content is to use
XML and XSL together. An alternative to using XML combined with XSL is to build
complex page logic within the ASP pages themselves, relying on things such as the
Browscap.ini file, USER_AGENT strings, and more.
One candidate technology that can fulfill the presentation services role is the
Microsoft XSL ISAPI filter. ISAPI stands for Internet Services Application Program-
ming Interface and is the foundation of IIS. Filters are placed on top of ISAPI and
IT-EBOOKS.DIRECTORY
provide appropriate functionality when the Web server receives a client or service
request. For example, the ASP engine, ASP.dll, is an extension that runs on top of
ISAPI.
The XSL ISAPI filter is designed to intercept all requests for documents with XML
or pre-processed Active Server Pages (PASP) file name extensions. The PASP file
name extension is specific to applications developed in conjunction with the XSL
ISAPI filter. Files with that extension are assumed to be normal ASP files (with a few
restrictions) that generate valid XML rather than HTML output. The output from
the PASP scripts is then transformed according to the same rules that the ISAPI
filter applies to XML files that are requested directly.
After XML is retrieved, the next step in the presentation process is to transform that
data into some type of meaningful markup that clients can display. For browsers,
this might be HTML, for Wireless Application Protocol (WAP)-enabled mobile
phones, this might be Wireless Markup Language (WML). The XSL ISAPI documen-
tation is available for download from the Microsoft MSDN Web site at http://
msdn.microsoft.com/downloads/
Figure 6.4 illustrates the concept of the XSL ISAPI filter:
XSLISAPI
Filter
<XSL> <XHTML> Client
<XML> INTERNET
IIS Client
<XSL> <WML>
Figure 6.4
XSL ISAPI Filter Functionality
Data Services
Another important aspect of building an e-commerce solution is the need to store,
retrieve, and manage data. These services are encapsulated into a database server. It
is important that an enterprise database server deliver high performance, a high
number of concurrent users, and scalability.
IT-EBOOKS.DIRECTORY
Microsoft SQL Server 2000 is a SQL database server that offers enterprise perfor-
mance, scalability, and a high number of concurrent users. It also provides rich
support for XML, tight security, and powerful analysis tools.
Commerce Platform
Building an enterprise e-commerce solution from scratch is very time consuming
and resource intensive. Taking advantage of e-commerce functionality from an
existing product can be a way to significantly shorten time to market as well as cut
development costs.
One such product is Microsoft Commerce Server 2000.
Commerce Server 2000 is a comprehensive product that encapsulates much of the
functionality of an e-commerce solution into one package. Commerce Server 2000
provides advanced management capabilities, as well as a scalability and perfor-
mance. For more information, see the Microsoft Commerce Server Web site at http://
www.microsoft.com/commerceserver/
Analysis and Rationalization

The next part of the physical design phase, after research, is analysis and rational-
ization. Analysis and rationalization is taking the information gathered during the
research process and making decisions based on that information.
Using Existing Technology

When the design team considers using existing technology, it must weigh all of the
factors that could possibly affect the solution. These factors include, but are not
limited to, the following:
● Ability – Will the technology deliver the business functionality?
● Cost of ownership – Is the technology cost-effective? Consider product, develop-

ment, upgrade, license, deployment, and operation costs.
● Experience – What experience and expertise does the technology require? Will
there be training costs? Are there unknowns?
● Maturity and innovation – Is the product mature? Has it been accepted in the
market? Is the product innovative, and does it employ the latest technologies?
Does it stay current?
● Deployment – Will the technology be difficult to implement?
● Supportability – Will the technology be supportable?
● Architecture – Does the technology implement an acceptable architecture? Does

that architecture meet enterprise needs?
● Scalability – Will the technology scale to match growth?
IT-EBOOKS.DIRECTORY
● Interoperability – Will the technology work with the systems already in place
within the organization?
● Performance – Will the technology deliver the performance needed?
● Reliability – Will the technology meet the reliability requirements of the
application?
● Availability – Will the technology handle the application requirements without
causing the solution to fail?
● Manageability – Is the technology easy to manage?
● Security – Will the technology conform to the security requirements?
● Standards compliance – Is the technology in compliance with accepted
standards?
Additional factors, such as project timeline and budget constraints and other in-
house projects that they may be aware of, should also be considered.
Windows 2000 Server

Windows 2000 Server is the operating system for the Reference Architecture for
Commerce because it offers a set of features specifically designed for enterprise
applications. Some of these features include:
● Choice of server type – The Windows 2000 Server platform runs on a variety of
servers. In the context of the Reference Architecture for Commerce solution, it
was important that the application be able to scale both up and out. Depending
on the application load requirement, an organization may choose to deploy the
solution on two or more servers running Windows 2000 Server or Windows 2000
Advanced Server. For maximum performance and load distribution across a
number of servers, you should use Microsoft Windows 2000 Datacenter Server
Network and Network Load Balancing (NLB).
● Scalability – Windows 2000 Advanced Server and Datacenter Server are capable
of scaling out by using Microsoft Windows 2000 Cluster service and Network
Load Balancing.
Cluster services assure continuous service by having two servers, which run the
same application, share a common storage mechanism. If one of these servers
fails, the other one takes over. This allows an application to have zero downtime
by building in redundancy in the system infrastructure.
Figure 6.5 illustrates the concept of clustering.
IT-EBOOKS.DIRECTORY
Client Client Client Client Client
IIS SQL IIS
Disk Subsystem
Figure 6.5
Clustered Servers
The second method that Windows 2000 Advanced Server and Datacenter Server
use to scale out is NLB, which distributes the application load across many
servers by exposing them as a single unit behind a single Internet Protocol (IP)
address. When a server fails in an NLB setup, NLB automatically detects the
failed system, transfers the load to other systems, and then restarts the computer.
Figure 6.6 on the next page illustrates the concept of NLB.
● Availability – By using the Clustering and NLB services provided in Win-
dows 2000 Advanced Server or Windows 2000 Datacenter Server, Windows 2000
Server provides a highly available solution. NLB and Cluster services together
eliminate single points of failure.
● Reliability – The Windows 2000 Server platform has achieved a reliability of
“five nines,” or 99.999 percent uptime, which equates to less than 5 minutes of
downtime a year. In an enterprise e-commerce situation, downtime can mean the
loss of millions of dollars in direct revenue, unhappy customers, and complaints.
Therefore a reliable operating system is integral to an enterprise solution.
IT-EBOOKS.DIRECTORY
IIS SQL IIS
Internet
IIS IIS IIS
SQL
Figure 6.6
Network Load Balancing
IT-EBOOKS.DIRECTORY
● Performance – Windows 2000 Advanced Server and Datacenter Server imple-

ment Symmetric Multiprocessing (SMP) support that enables servers to use
up to 8 processors for Advanced Server and 32 processors for Datacenter Server
efficiently. In addition, Advanced Server includes enhanced memory features
that allow the server to have up to 8 gigabytes (GB) of memory, Datacenter
Server allows up to 64 GB of memory.
● Manageability – Windows 2000 Server provides a diverse set of tools that allow
you to manage your Web site and plug into the Microsoft Management Console
(MMC), so server functions can be managed in a central location. Some of the
administration features of Windows 2000 include event logging, Performance
Monitor, Terminal Services, and Windows Management Instrumentation (WMI).
● Security – Windows 2000 provides a secure environment in which access to
files or services can be rigorously controlled using Active Directory, security/
authentication protocols, and encrypted communication.
● Component services – The Windows 2000 COM+ services provide application
functionality to developers and administrators. This built-in functionality allows
distributed transactional applications to be developed without developing the
underlying infrastructure to support atomic transactions or asynchronous
operations. You can find more information about Windows 2000 Server at http://
www.microsoft.com/windows2000/
Microsoft Internet Information Services (IIS)

Microsoft IIS comes with Microsoft Windows 2000 and provides a rich platform
with which to deliver content using the Internet. Because IIS is fully integrated at
the operating system level, it allows the development and deployment of solutions
that weave directly into the computing infrastructure.
IIS provides Internet services for the Reference Architecture for Commerce solution
because it is included with the operating system and because it has an extensive
feature set. Two key IIS features are ASPand ISAPI.
XSL ISAPI
The XSL ISAPI filter provides presentation services for the Reference Architecture
for Commerce solution. By using the XSL ISAPI filter, content can be completely
separated from presentation, allowing content delivery to be customized without
the need to modify ASP code.
The alternative to using XML combined with XSL is to build complex page logic
within the ASP pages themselves. However, there are two major drawbacks with
this approach; the first is the manageability of the complex display logic within the
code, and the second is the large overhead of running such logic.
IT-EBOOKS.DIRECTORY
The XSL ISAPI intercepts all requests for documents with an XML or PASP file
extension. The PASP file name extension is specific to applications developed in
conjunction with the XSL ISAPI filter. Files with the PASP extension are typical ASP
files (with a few restrictions) that generate valid XML rather than HTML output.
The XSL ISAPI filter then transforms the XML output of the PASP or XML page
using an XSL style sheet, depending on the device that requested it, and then sends
it to the client.
Another benefit of using the XSL ISAPI filter is that it makes the development cycle
more manageable by separating the workload by skill set. For example, a graphic
designer can create the XSL to his or her interface specification, and an ASP devel-
oper needs to be concerned only about delivering the correct data to the interface.
SQL Server 2000

SQL Server 2000 provides data services for the Reference Architecture for Com-
merce solution. It offers a complete enterprise database solution, and Commerce
Server 2000 relies on its data services. For many e-commerce solutions, a single
SQL Server installation clustered on a Windows 2000 Datacenter Server provides
the required level of scalability. For sites requiring an extremely high volume of
stored data, SQL Server databases can be created on multiple servers and distrib-
uted partitioned views can be used to access and update the data across the physi-
cal servers.
Commerce Server 2000

The Reference Architecture uses Commerce Server 2000 because it was built for the
Windows 2000 platform, and because it provides a rich set of development, deploy-
ment, and management tools for e-commerce applications. Commerce Server
provides approximately 80 percent of the objects that were defined in the logical
phase at a fraction of the cost that it would take to develop them. These objects are
implemented as COM objects that can be used in ASP pages.
Commerce Server 2000 provides the following:
● Integration with other services and software features – Because Commerce
Server 2000 was designed specifically for Windows 2000, its architecture inte-
grates fully with the operating system. Commerce Server takes full advantage
of the COM+ features in Windows 2000 Server and provides a solid basis for
enterprise e-commerce applications.
Commerce Server also integrates well with Microsoft BizTalk™ Server, allowing
it to offload certain process management features and external communication.
● Pipeline components – Pipeline components are configurable sets of custom
COM objects that are called in sequence to perform particular business pro-
cesses. In a Commerce Server solution, most custom business classes can be
IT-EBOOKS.DIRECTORY
implemented as pipeline components to provide a simple way to manage busi-

ness processes. (Pipeline components are simply COM components that imple-
ment a well-known interface, IpipelineComponent). This allows Commerce
Server to identify them as Commerce Server-friendly components, which are
then called by the pipeline.
In the Reference Architecture application, pipeline components handle processes
such as customer order processing and ensure that the necessary tasks to process
an order are performed in sequence.
● Management infrastructure – Designing and building a management frame-
work for an e-commerce site is not just a resource-consuming task, it is typically
viewed as a project that can be larger than the e-commerce application itself. The
management infrastructure of Commerce Server was a major selling point in the
decision to use Commerce Server.
The Commerce Server Business Desk is included with Commerce Server. The
Business Desk is an application that is based on Dynamic Hypertext Markup
Language (DHTML) and runs on Microsoft Internet Explorer 5.5 or later; it
allows an administrator to remotely manage auctions, promotional campaigns,
catalogs, orders, users, and provides a rich set of analysis tools.
Because Business Desk is completely DHTML-based, it can be used to remotely
administer e-commerce solutions built on Commerce Server. This approach
places the Business Desk application load on the client without affecting the
performance of the e-commerce site.
Passport Authentication
The Reference Architecture application provides its own authentication mechanism
as well as support for the Microsoft Passport single sign-in (SSI) service. Passport
allows members to use one sign-in name and password at all participating Web
sites. It is one of the foundation technologies for Microsoft’s future Internet direc-
tion (that is, .NET). Passport uses standard Web technologies and techniques such
as SSL, HTTP redirects, cookies, JavaScript, and strong symmetric key encryption
(Triple DES) to deliver the single sign-in service. No software download is required
for members, and Passport is compatible with Internet Explorer version 4.0 and
later, Netscape Navigator version 4.0 and later, and some of the more popular UNIX
versions.
Passport single sign-in is somewhat similar to the forms-based authentication
model that is commonly used on the Web today. The Passport network extends
this model to work across a distributed set of participating sites, while preserving
members’ privacy and security and the site’s ability to appropriately customize
and brand the sign-in experience.
For more information about Passport and to obtain the Passport software develop-
ment kit (SDK), see the Web site at http://www.passport.com/
IT-EBOOKS.DIRECTORY
To obtain the SDK, you must first obtain Passport credentials.

If you need to implement an alternative authentication method in the Reference
Architecture application, you can use the Passport implementation as a reference
example, and then make the necessary changes to support the technology you
want to use.
Meeting the Business Requirements

After determining which existing technologies can be used, the team must deter-
mine how it will meet the business requirements identified earlier. To meet these
requirements, the team must make some key decisions about tools, processes, and
approach. It’s important to view these decisions in the context of the specific busi-
ness requirement that must be met.
Globalization
As identified earlier, globalization is the ability to port an application to different
cultural contexts. To satisfy this requirement, the content and presentation delivered
to the user needs to be globalized. During globalization, the content should be
divided into two types: static content and dynamic content. Each type of content
carries with it distinct globalization challenges as follows:
● Static content — This includes both the text on the interface and the interface
itself; it must be localized for a given culture or language. The XSL ISAPI filter
facilitates this by allowing the development team to use different interface
designs for different languages and then deploy the application as different Web
sites or different virtual directories. That way a user can choose his or her lan-
guage and then be redirected to the appropriate site.
Note: The Reference Architecture application is not globalized; however, the application
does use the XSL ISAPI filter and thus includes the capability to permit globalization to
be done.
● Dynamic content — This consists of content that the application generates as it is

needed. To support dynamic content in different languages, an application must
support different character sets. The Unicode standard is a character set that
includes all of the characters of the world’s languages. Using the Unicode stan-
dard ensures that all languages can be represented in dynamic data. To support
the Unicode standard, all database fields that persist character data must use
data types such as nVarChar, nChar, and so on. The business tier must also
support the use of Unicode.
For this reason, the Reference Architecture for Commerce solution uses the
Unicode standard throughout the application.
IT-EBOOKS.DIRECTORY
Performance
To maximize performance, the design team must make several key decisions. To
maximize total system throughput (that is, the overall efficiency and performance of
the application) the design team identified the following areas of concern:
● Minimizing marshaling
● Language choice
● Asynchronous processing
Minimizing Marshaling
One way to boost system throughput is to minimize marshaling. A good way to do
this is to reduce the number of remote procedure calls made from the Web site to
components elsewhere. Many e-commerce sites are hosted on a farm of dedicated
Web servers and the business components are located on a separate cluster of
application servers. Although this is a valid architecture for security reasons, espe-
cially when the application servers are separated from the Web farm by a firewall or
packet-filtering switch, it has a detrimental effect on response time because each call
to a component must be marshaled across a network connection.
The Reference Architecture for Commerce application has components deployed on
the same server as the Web site; therefore, it avoids cross-network marshaling and
thus improves response time. (Commerce Server provides most of the business
components used by the Reference Architecture application; they are installed on
the Web server.)
Language Choice
Language choice can also impact performance. For example, although components
created for the Commerce Server pipeline can be scripted, for an enterprise applica-
tion, the components should be built in a lower-level language such as the Visual
Basic® development system or C++ for maximum performance. Although ActiveX
Data Objects (ADO), for example, runs at nearly the same speed in a Visual Basic
component as a C++ component, complex business routines can run faster in C++.
For this reason, most components in the Reference Architecture for Commerce
application were built using C++.
Asynchronous Processing
To maximize response time, many processes should be designed to run asynchro-
nously. For example, if a user checks out, the user does not need to wait for
the system to send an e-mail confirmation before the user receives an interface
response.
IT-EBOOKS.DIRECTORY
Scalability
Addressing scalability issues can be a large undertaking. The first method of scaling
an application is scaling up; it consists of adding performance-enhancing hardware
to a single server, thereby improving speed. While relatively few design consider-
ations need to be made to scale up, this can be a very expensive way of meeting
increased demand because hardware costs rise exponentially with performance.
The other method of addressing scalability consists of adding more servers and is
known as scaling out. Although scaling out can be more cost effective in terms of
hardware, it does involve a number of design considerations. As discussed previ-
ously, the biggest issue when scaling out is maintaining session information.
To scale out successfully, the Reference Architecture application does the following:
● The ASP Session object is not used to maintain session state because it introduces
server session affinity and requires IIS to maintain session state in memory.
● With the assistance of Commerce Server objects, the user session state is saved
to a database between page requests and retrieved with each new page request.
Although this approach to session maintenance entails some additional database
overhead with each page request, it serves the scalability requirements of the site
quite well. A single high-end database server (or cluster) can provide state
persistence services for an entire farm of front-end servers.
● A per-session cookie is issued to users as they log on and is used as a ”look-up
field” to retrieve the state data for the relevant user account. Per-session cookies
are not stored on the user’s hard disk, so they are more likely to be enabled on
even the most security-conscious user’s browser. If per-session cookies are
disabled in a user’s browser, the user will not be able to log on to the site.
Manageability
A strong management infrastructure is a direct product of choosing Windows 2000
Server and Microsoft Commerce Server. As noted earlier, Commerce Server pro-
vides a powerful administration and management interface in Business Desk, and
Windows 2000 provides a powerful administration and management interface
through the Microsoft Management Console and other features.
Security
The following sections describe the security requirements defined for the Reference
Architecture application.
Authentication
Of the two models identified, impersonation/delegation and trusted server, the
design team chose the trusted server model as the authentication scheme for the
Reference Architecture for Commerce application.
IT-EBOOKS.DIRECTORY
Because the impersonation model impersonates each user, the solution must man-
age accounts for each user that accesses the site. In a small intranet-based applica-
tion where there are few users and restrictions are user-based, the impersonation
model works well; however, in larger solutions, the impersonation model can
quickly get out of hand. Therefore, the design team chose the much simpler trusted
server model, which offers better performance and less management headache.
Authorization
To adhere to the principle of least privilege as outlined in the research portion of the
physical phase, the team made the following the following deployment recommen-
dations and design decisions:
● IIS virtual root permissions. When deployed, the site should be set to allow
read-only permissions to the virtual root.
● NTFS permissions. When deployed, the Windows account used for anonymous
access should be given read-only permissions to the folders containing the Web
application files.
● Anonymous customer permissions. The Reference Architecture for Commerce
solution should use a cookie to identify users who have not been authenticated
and should redirect them to the Logon page when they want to check out or
access any of the profile management pages.
● Authenticated customer permissions. Even users who are authenticated should
have some restrictions placed upon them. For example, systems administrators
could use the Commerce Server Business Desk tools to restrict access to specific
profile settings by hiding them from the user or allowing read-only access.
In the database itself, there are more authorization issues. The only direct access
users have to the database are the permissions assigned to the account used by the
middle-tier application (in this case Commerce Server) and should be restricted to
the minimum necessary to provide data services to the site. For this reason, state-
ment permissions are not assigned to this account.
Encryption
As a sample application that must be easily installed and examined, the Reference
Architecture for Commerce application does not implement encryption. However,
in a production e-commerce system, encrypted sessions should be used when
sensitive data such as passwords or credit card details are transmitted.
Although encryption is a necessity in a production e-commerce environment, SSL
should be avoided for connections where no sensitive data is transmitted. This is
due to the overhead associated with establishing an encrypted session, which
involves passing the server’s public key to the browser, and the generation and
exchange of a session key with which to encrypt the session.
IT-EBOOKS.DIRECTORY
Browser Independence
The Reference Architecture application uses the XSL ISAPI filter to satisfy the
requirement of browser independence. It provides an elegant mechanism with
which to separate content from presentation and gracefully handle the capabilities
of different browsers.
Implementation
The last step of the physical phase is to apply the decisions made about constraints,
requirements, and technology use to the logical design, and to actually define the
physical implementation. During this phase, the programming model, component
interfaces, and internal structure of each component are chosen.
Identifying the Components

The components of the Reference Architecture for Commerce are discussed exten-
sively in Part 3 of this Developer’s Guide. Part 3 includes explanations of the coding
practices and components used, as well as code fragments and their definitions. For
more information, please refer to the developer comments provided in the code
itself.
Creating the Specification

At the conclusion of the implementation phase, the team must document the deci-
sions made in a detailed technical specification. This document becomes the blue-
print for the application and is the reference that the development team uses when
building their team of experts, building the schedule, assigning the tasks, and
creating the test and deployment plans.
Conclusion
This chapter described the three-phase process for identifying the actual compo-
nents and technologies that will comprise an application; it also provides a sum-
mary of the reasoning behind the choices made during the development of the
Reference Architecture for Commerce application, ConsolidatedRetail.com. The
goal of this phase in the project lifecycle is to apply real-world physical design
constraints on the logical design and to develop a solid technical specification that
will guide the development effort.
The next portion of this document focuses on the actual code provided in the
Reference Architecture for Commerce: Business to Consumer application. As noted
previously, this application was developed as a reference example; however, the
application can be modified for production use.
IT-EBOOKS.DIRECTORY
Part 3
Solution Implementation
Part 3 of the Developer’s Guide for the Microsoft Reference Architecture for
Commerce describes how the architecture described in Part 2 was actually
used in the design and development of the Reference Architecture application,
ConsolidatedRetail.com. Part 3 is intended primarily for application developers;
however, anyone else who wants to learn about building e-commerce solutions
with Microsoft technologies will find it useful. It consists of an initial overview of
the application and its components, followed by an in-depth discussion of the
code components and technologies used to build the solution.
Part 3, “Solution Implementation,” consists of the following:
● Chapter 7, “Implementation Overview”
● Chapter 8, “Solution Roadmap”
● Chapter 9, “ConsolidatedRetail.com Functionality”
● Chapter 10, “Debugging and Testing”

IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
7
Implementation Overview
As described in Part 2 of the Developer’s Guide, the Microsoft Reference Architecture
for Commerce is designed to accelerate the development of e-commerce solutions
for small to medium businesses by providing reusable and customizable compo-
nents. The Microsoft Reference Architecture for Commerce solution consists of
engineered code components intended to allow developers to build retail Web sites
that use Windows 2000 Server and .NET Enterprise Server products, such as Com-
merce Server 2000 and SQL Server 2000.
Part 3 of this guide is designed for application developers and anyone else who
wants to learn about building e-commerce solutions with Microsoft technologies. It
consists of an initial overview of the application and its components, a component
roadmap, and an in-depth discussion about the implementation issues encountered
during its development.
Implementation Features
The ConsolidatedRetail.com site implemented in the Reference Architecture appli-
cation is designed to include many of the features commonly found in e-commerce
solutions. For a full description of the business requirements of the application,
please refer to Part 2 of the Developer’s Guide.
Recommended Background Knowledge

To understand the details of the code functionality, readers of this Part 3 of the
Developer’s Guide should have some knowledge of the following:
● ASP – The developer should know how to use Visual Basic Scripting Edition
(VBScript) to create Active Server Pages (ASP). This includes an understanding
of the core ASP objects, as well as instantiating and using Component Object
Model (COM) and COM+ components. The bulk of code produced for this
application is ASP.
IT-EBOOKS.DIRECTORY
● XML – Extensible Markup Language (XML) is used extensively in this application

as a means for passing structured data between application components. The
developer should be familiar with XML, including basic syntax, schemas, and
structure. Some of the code uses the XML Document Object Model (DOM) for
parsing XML content.
● XSL – To understand how the user interface works, the developer needs to have a
good understanding of Extensible Stylesheet Language Transformations (XSLT).
● Microsoft Commerce Server 2000 and its objects – Commerce Server is a sophis-
ticated system. Although this Developer’s Guide and the application itself attempt
to provide guidance on the workings of the system, the developer should refer to
the Commerce Server documentation to become familiar with Commerce Server
capabilities and components.
● SQL Server – Although this application uses SQL Server extensively, most of
the actual database access is hidden from view and performed using a layer of
abstraction provided by Commerce Server objects. However, to really under-
stand how data is accessed and stored, the developer should explore the tables
and stored procedures maintained behind the scenes by Commerce Server.
● Visual C++ – The custom COM components for this application were written
in Microsoft Visual C++ to maximize performance. Although understanding
the full inner workings of the components is not required for getting valuable
information from the Reference Architecture application, a full understanding
of its workings requires C++ skills.
For information on why these technologies were chosen, please refer to Part 2 of this
Developer’s Guide.
Technology Overview
The following subsections briefly describe how each of the core technologies is used
in the Reference Architecture application.
XML in the ConsolidatedRetail.com Solution

The solution is implemented as a Commerce Server 2000 site, which uses SQL
Server 2000 as a data store and Commerce Server Object Library for management.
The site itself uses XML to represent the content of the Web pages and XSL style
sheets to render the content as Hypertext Markup Language (HTML) for a Web
browser. An Internet Server Application Programming Interface (ISAPI) application
filter is used to process the XML and apply the necessary XSL transformations. This
approach allows the solution to be extended easily to other client types without
necessitating a rewrite of the business logic in the ASP pages.
IT-EBOOKS.DIRECTORY
Chapter 7: Implementation Overview 87
Microsoft has shown a commitment to using XML as a standard for passing struc-
tured content in a distributed computing environment. In accordance with this
initiative, the Reference Architecture for Commerce code uses XML throughout the
solution. Examples of the use of XML include:
● XML output from PASP scripts and XSL transformations using the XSL ISAPI
filter – The pre-processed Active Server Pages (PASP) scripts that implement the
solution site’s front end use the XSL ISAPI filter to generate output in XML
rather than HTML format. This facilitates greater separation of content from
presentation. The XML produced by these PASP pages is then rendered using an
XSL style sheet. For more information about using PASPs and the XSL ISAPI
filter, refer to the XSL ISAPI filter documentation available for download on the
Microsoft Web site.
Note: The Reference Architecture application code includes a custom version of the XSL
ISAPI filter (XSLISAPI2.dll). This version is not available for download on Microsoft.com;
however, the documentation for the publicly available version (XSLISAPI.dll, version 2.1) is
appropriate for the custom version also.
● XML output from commerce components – Many Commerce Server 2000 objects
can deliver record sets (for example, a listing of products) in either ActiveX Data
Objects (ADO) or XML format. Where possible, the ASP scripting code requests
information in XML format from commerce objects.
Refer to Appendix A for examples of XML output from the Reference Architecture
PASP pages.
ASP Use
For most Web-based application development on Microsoft platforms, the code that
drives the Web front end is implemented using ASP files written in VBScript. ASP is
used for Web programming mostly because of the flexibility and ease of develop-
ment it offers. In the rapidly evolving realm of e-commerce, it is important to be
able to quickly change the appearance or basic front-end functionality of a site.
The interpreted execution of scripting languages allows programmers and design-
ers to make rapid changes to a site’s functionality without having to go through
lengthy compilation processes: after you save the source file, the program is
changed. However, it should be noted that the major business processing tasks are
performed by components (either provided by Commerce Server or custom built)
to maximize performance and scalability.
The Reference Architecture for Commerce solution code adds a new twist to ASP
programming by using the capabilities of the XSL ISAPI filter to disassociate the
generation of content presentation from content. Rather than generating HTML
IT-EBOOKS.DIRECTORY
content directly, the PASP scripts generate XML output, and XSL style sheets trans-
form the XML output into the correct display format. This transformation can occur
on either the server or the client — provided that the client is capable — thus
offloading CPU cycles.
Commerce Server Components

Commerce Server 2000 provides a very rich set of tools for site developers, system
administrators, and business managers to develop, deploy, and manage commerce
applications for the Web. Like any large, powerful software system, the sheer
magnitude and variety of Commerce Server offerings can be overwhelming unless
you are familiar with the system. The Reference Architecture provides a proper
introduction: it is a well-designed and well-documented small e-commerce applica-
tion that demonstrates many of the Commerce Server objects in use. Although it
doesn’t exercise every Commerce Server capability, the Reference Architecture code
demonstrates how to:
● Set up boundaries between information and operations that are available to
anonymous users and those that are available only to authenticated users.
● Maintain a user’s session state without relying on methods that introduce server
session affinity and retain session information when crossing the boundary
between anonymous and authenticated access.
● Create a catalog, navigate the catalog hierarchy, and display product details from
the catalog.
● Allow shoppers to gather a collection of products for purchase (using a shopping
cart metaphor) without requiring authentication.
● Store and retrieve user profile information so that users do not need to re-enter
that information on subsequent visits.
The Commerce Server 2000 objects used in the Reference Architecture application
are listed in later chapters of this guide.
Stored Procedures in the Data Tier

No custom stored procedures were written for this application. All stored proce-
dures in the Commerce data store on SQL Server were created by Commerce Server
to provide the data access functionality for many of the Commerce objects.
Client-Side Scripting for Input Checking

The application’s user interface employs client-side JavaScript code for input
validation in several places. The functionality of the client-side scripts is not terribly
tricky, and is somewhat peripheral to the main focus of the application, so this
guide doesn’t go into detail about those scripts.
IT-EBOOKS.DIRECTORY
Chapter 7: Implementation Overview 89
Conclusion
This chapter described the background knowledge necessary to make best use of
this guide. It also provided a very brief overview of the components that make up
the Reference Architecture application, ConsolidatedRetail.com. The next chapter,
“Solution Roadmap,” describes the code components in detail, provides code
samples, and includes pointers to additional information.
IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
8
Solution Roadmap
The Reference Architecture application contains many custom Active Server Pages
(ASP) files and code components. The source code for these files is examined in
some detail in the later sections of this chapter. Figure 8.1 on the next page provides
a high-level visual representation of the components of the solution and their inter-
relationships. Use this diagram as a quick reference when reading through the
remainder of this guide and when examining the source code.
As illustrated in Figure 8.1, a customer uses a browser, in this case Microsoft
Internet Explorer 5, to access the application. The ASP files in the Web site are
implemented as pre-processed ASP (PASP) scripts and use the programmable
objects provided by Microsoft Commerce Server 2000 (such as ProductCatalog,
AuthManager, ProfileObject, and OrderGroup) to send data to and retrieve data
from the Commerce Server site database in Microsoft SQL Server 2000. Business
processes, such as placing an order or viewing the contents of the Shopping Cart
basket, are implemented using Commerce Server Pipelines. A pipeline calls a
custom COM+ queued component to handle e-mail – messaging functionality. The
output for each Web page is represented as Extensible Markup Language (XML),
and is intercepted by the Extensible Stylesheet Language (XSL) Internet Server
Application Programming Interface (ISAPI) 2.1 filter, which applies the appropriate
XSL style sheet to the content to render it as HTML.
The next section of this chapter describes how the PASP files and XSL ISAPI filter
operate, with references to a simple example. Then, the chapter examines how
each major component category was implemented in the ConsolidatedRetail.com
application. The discussion takes a logical approach to the discussion, describing
the Web services first, then the Commerce Server objects, and then the pipeline
components.
IT-EBOOKS.DIRECTORY
Internet Explorer 5
HTML
XML
PASP XSLISAPI XSL

Script Filter
IIS 5.0
Custom COM+
Commerce Commerce Server Queued
Commerce Server Objects Pipelines Component
Server 2000 COM+
Commerce
Database
SQL Server 2000

Figure 8.1
Reference Architecture Application Components
IT-EBOOKS.DIRECTORY
Chapter 8: Solution Roadmap 93
PASP Files and the XSL ISAPI Filter

ASP pages are usually designed to produce the presentation logic of a Web solution.
In the ConsolidatedRetail.com site, they are used a little differently. Most of the ASP
files in the site are implemented as PASP files. The PASP files write XML to the
response object, which is intercepted by the XSL ISAPI filter and processed. The
script in the PASP files is used to call business logic in the Commerce Server 2000
objects; the XSL ISAPI filter handles the presentation.
The XSL ISAPI filter parses the XML output from a PASP file and examines the
processing instruction. If this processing instruction includes a server-config at-
tribute that references an XML configuration file, then the XSL ISAPI filter reads the
configuration file to determine the XSL style sheet that should be applied to the
XML output from the PASP file.
The XML configuration file contains information about which style sheet should be
applied for a specific type of client, as shown in the following code sample:
<?xml version="1.0" ?>
<server-styles-config>
<!— for WML 1.1 browsers —>
<device target-markup="WML1.1">
<stylesheet href="mypage-WML11.xsl"/>
</device>
<!— for IE 4.0 browsers —>
<device browser="IE" version="4.0">
<stylesheet href="mypage-IE5.xsl"/>
</device>
<stylesheet href="mypage-IE5.xsl"/>
</device>
</server-styles-config>
IIS identifies clients by examining the Hypertext Transfer Protocol (HTTP) request
header sent with the page request. IIS can identify many common browsers by
using the entries in the Browscap.ini file in the WINNT\System32\Inetsrv folder.
The XSL ISAPI application provides additional entries for devices such as WAP
phones in a file called Browscap-add.ini, which should be copied and appended
to the Browscap.ini file.
A Simple Example
The following is a simple example of how the XSL ISAPI filter can be used to render
the XML output produced by a PASP file.
Note: This example is designed to help you understand the functionality provided by the XSL
ISAPI filter. It does not describe any of the actual pages in the ConsolidatedRetail.com site.
IT-EBOOKS.DIRECTORY
Assume a user with Internet Explorer 5 requests a page called Myproducts.pasp.

The script in the file is interpreted and the following XML is returned through the
following response object:
<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl"
server-config="productconfig.xml"
href="csproducts.xsl"?>
<productlist>
<product productname="Widget"/>
<product productname="Wrench"/>
</productlist>
Now, the XSL ISAPI filter parses this XML and reads the xml-stylesheet processing
instruction, which contains the following three attributes:
● type – This is the type of style sheet to be applied (in this case XSL).
● server-config – This is the XML configuration file defining the style sheets to be
used with specific clients.
● href – This is the default style sheet to be downloaded and applied by the client
if no corresponding style sheet is listed in the server-config file.
The XSL ISAPI filter then reads the specified server-config file (Productconfig.xml),
which contains the following entry:
<stylesheet href="products-ie5.xsl"/>
</device>
Because IIS identifies the client browser as Internet Explorer 5 from the request
header, the XSL ISAPI application now applies the Products-ie5.xsl style sheet to the
XML retrieved from Myproducts.pasp.
Assume that the Products-ie5.xsl style sheet contains the following XSL code:
<?xml version="1.0"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="2.0">
<xsl:template match="/">
<HTML>
<TITLE>Product Catalog</TITLE>
<BODY>
<TABLE>
<xsl:for-each select="productlist/product">
<TR><TD>
<xsl:value-of select="@productname"/>
</TD></TR>
</xsl:for-each>
</TABLE>
</BODY>
</HTML>
</xsl:template>
</xsl:stylesheet>
IT-EBOOKS.DIRECTORY
This style sheet would be applied to XML data from Myproducts.pasp, thus produc-
ing the following HTML, which would be sent to the browser:
<HTML>
<TITLE>Product Catalog</TITLE>
<BODY>
<TABLE>
<TR><TD>Widget</TD></TR>
<TR><TD>Wrench</TD></TR>
</TABLE>
</BODY>
</HTML>
Obviously, in a real e-commerce solution such as the one represented by

ConsolidatedRetail.com, the XML produced by the PASP files and the XSL style
sheets used to render it is more complex than this simple example. The principle,
however, is the same.
Web Site Files

The main ASP and PASP pages and accompanying XSL files used in the user inter-
face of the ConsolidatedRetail.com retail site are described here. As previously
mentioned, many of the ASP scripts used by the application are implemented as
PASP scripts that present XML output to the XSL ISAPI filter. A few regular ASP
scripts are also used for non-displaying scripts that accept posts from other pages.
Each PASP page has an associated <page name>-config.xml file used by the XSL
ISAPI filter to identify the appropriate style sheet to be used for specific client
types. In this implementation, only a <page name>-IE5.xsl file is provided to render
the page in HTML that is compatible with Microsoft Internet Explorer 5.5. Addi-
tional XSL files could be created to facilitate output for other browsers or devices.
Initialization Pages and Include Files

The ConsolidatedRetail.com site uses the following initialization scripts and
include files:
● Global.asa – Global.asa is a Web application initialization script that defines
actions to be taken at key events in a Web application’s lifetime.
● include\Site_Const.asp – This file defines numerous constants and is included
by all pages on the site.
● include\Common.asp – This file defines functions that are used to render data
in XML tags. It is used by all PASP pages on the site to generate the XML to be
passed to the XSL ISAPI filter.
IT-EBOOKS.DIRECTORY
● include\Profile.asp – This file includes all of the functions for authenticating

users, logging them on or off, and retrieving or updating their personal profiles.
● include\Basket.asp – This file provides the functions required for users to create
and maintain a shopping basket; that is, accumulate an order while browsing the
catalog.
● include\UI_layout-IE5.xsl – This XSL style sheet provides the presentation logic
for rendering the standard layout for pages in the site. It is included by all page-
specific XSL files to ensure a consistent look and feel to the site.
● include\Order.asp – This file retrieves and displays the status of a particular
order.
● include\Discounts.asp – This file checks each item in the shopping basket for
discounts, and then generates appropriate XML.
● include\ContentSelection.asp – This file verifies and displays advertising
content (used for targeting advertising or discounts at a specific user).
● include\Catalog.asp – This is a common file that developers can use for code
specific to catalog operations.
● include\Cache.asp – This script is used to cache and retrieve HTML fragments,
objects, and components.
Catalog Browsing Pages

The ConsolidatedRetail.com retail site uses the following catalog-related pages:
● Default.asp – This page redirects users to the home page of the site (Index.pasp).
Because Default.asp is a traditional start page name for ASP applications, it is
placed here to redirect any requests that might come in for Default.asp to the
application’s real start page.
● Index.pasp – Index.pasp is the default start page for the application. This is what
comes up when you type the site name with no additional path information;
several other pages also redirect to this page when tasks are completed or errors
are encountered.
● Category.pasp – This page generates XML for the page that provides users with
a view of the products and subcategories in a particular category of a given
catalog.
● Product.pasp – This page generates XML content for the page that shows details
about a single product and all its variants from a catalog. This page provides a
button that allows the user to display the detail page for the previous or next
product in a category or subcategory.
● ListSearch.pasp – This page allows users to locate a public shopping list.
● StepSearch.pasp – This page allows users to specify search criteria and search
the catalogs.
IT-EBOOKS.DIRECTORY
● SearchResults.pasp – This page receives the input when a user enters search
criteria into the product search box, performs the search for products matching
the keywords, and returns a list of matching products to the user.
● Bdrefresh.asp This script clears the Business Desk cache.
User Authentication and Profile Management Pages

The ConsolidatedRetail.com retail site uses the following user authentication and
profile management scripts:
● Registration.pasp – This page allows users to register with the site.
● Login.pasp. This page allows registered users to log on to the site.
● ForgotPasswd.pasp – This page allows users to request that their password be

sent to them by e-mail.
● Acct.pasp – This page displays account details of the user who is currently
logged on.
● UserProfile.pasp – This page allows a user to edit his or her profile.
● AddressBook.pasp – This page allows users to view and update the shipping
and billing addresses saved in their address books.
● CreditCards.pasp – This page allows a user to save credit card numbers and
expiration dates in his or her profile. (The user can save as many credit card
numbers as he or she wants to save; there is no limit.)
● EditCreditCard.pasp – This page allows a user to edit the credit card informa-
tion saved in his or her profile.
● RefreshApp.asp – This script clears the Profiles cache.
Order Management Pages

The ConsolidatedRetail.com retail site uses the following order management pages:
● OrderHistory.pasp – This page retrieves and displays the order history of the
current user, allowing the user to view all purchases the user has made from the
site. (Note that the order history page displays only the most recent 20 orders.)
● OrderHistorydetail.pasp – This page displays the details of a specific order from
the user’s order history.
● Basket.pasp – This page displays the contents of the current user’s shopping
basket, or more specifically, the products contained in the OrderGroup object
associated with the user’s current session.
● OrderSummary.pasp – This page provides a summary of the current order.
Although the displayed results of this page are considerably different, the
scripting behind this page and the XML content generated by the script are
similar to Basket.pasp.
IT-EBOOKS.DIRECTORY
● ListBase.pasp – This page provides a common code base for the Save for Later,
Shopping List, and Public List pages.
● AddtoList.pasp – This page allows the user to add items to a shopping list.
● AddtoListResp.pasp – This page allows the user to view the contents of a re-
vised shopping list after an item is added.
● Shipping.pasp – This page is invoked when the user clicks the Checkout link on
the shopping basket page or clicks the Checkout link at the top of any page. It
allows the user to specify an address for delivery of the order.
● ShippingMethod.pasp – This page allows the user to select a shipping method
for the order.
● MultiShipping.pasp – This page allows a user to ship items in a single order to
different addresses.
● Thankyou.pasp – This page completes the processing of an order in the Com-
merce Server portion of this application by running it through a series of
Commerce pipeline processes.
Commerce Server Objects

Another important aspect of the solution is the use of Commerce Server 2000
programmable objects for business processing. These objects can be used from any
COM-aware client (such as an ASP script) to retrieve data from the site database or
to perform a task such as authenticating a user. The use of these objects is examined
in depth in Chapter 9, but the following list introduces the key Commerce Server
objects used in the ConsolidatedRetail.com application.
Utility and Configuration Objects

An e-commerce site is a highly complex application that requires many kinds of
information and functionality. To help simplify the development of an e-commerce
solution, Commerce Server 2000 provides a number of objects that can be used to
manage site configuration information and provide general functionality that can
be used throughout the site.
Many of the objects used in Commerce Server solutions are in fact Dictionary
objects or SimpleList objects. These are general-purpose objects that can
be used to maintain a collection of name/value pairs. For example, in the
ConsolidatedRetail.com application, a Dictionary object is used to store the collec-
tion of pipelines used by the site. For more detailed information about Dictionary
and SimpleList objects, refer to the Commerce Server 2000 documentation.
The ConsolidatedRetail.com application uses the following utility and configura-
tion objects throughout the site.
IT-EBOOKS.DIRECTORY
● AppConfig – This is the Commerce Server Application Configuration object. It

provides methods that can be used to retrieve configuration settings for the site.
It contains an Options Dictionary object that is used to store various configura-
tion options for the site. In the ConsolidatedRetail.com site, the options dictio-
nary is used to store data source connection strings and other configuration
information.
● AppDefaultConfig – Commerce Server 2000 supports the ability for the site
administrator to alter site behavior through programmatic changes to properties
stored in the Commerce Server 2000 administration database. The Reference
Architecture application provides limited support for AppDefaultConfig op-
tions as follows:
● i_AddItemRedirectOptions – This specifies how the site functions after a
user adds an item to a shopping basket (a value of 1 continues displaying the
current product page; 0 redirects to the basket page).
● i_FormLoginTimeOut – This specifies the number of minutes before a logon
ticket times out.
● i_SitePrivacy – This specifies how much tracking is performed for anony-
mous users (a value of 1 profiles anonymous users; 2 profiles and tracks
anonymous user visits).
● DataFunctions – This is a data-formatting object that holds information about
the site locale, currency and other data-related issues. It also provides methods
for handling data type specific tasks such as removing white space from strings
or converting data from one type to another.
● GenID – This is a utility object used to generate Globally Unique Identifiers
(GUIDs). These can be useful for providing a unique ID to identify a specific
item.
● AppFramework – This is a utility object used to simplify HTML form processing.
● MessageManager – This object is used to store multilingual error messages for
use by pipeline components.
● CacheManager – This object is used to manage data caching for the site. Caching
data such as catalogs, shipping methods, user profiles and so on can greatly
improve performance.
● DictionaryXMLTransforms – This object is used to transform the contents of a
Dictionary object to XML (and vice-versa) using a specified XDR schema.
For more information about the AppConfig, DataFunctions, GenID, AppFramework,
MessageManager, CacheManager, and DictionaryXMLTransforms objects, refer to
the Commerce Server 2000 documentation.
IT-EBOOKS.DIRECTORY
Catalog Objects
One of the most obvious tasks that must be addressed by pages in an e-commerce
site is to retrieve product information from the catalogs associated with the site.
Commerce Server 2000 provides support for multiple catalogs in a single site. You
can structure catalogs hierarchically with nested categories and define products at
any level of the catalog, including the root. In addition, any category or product can
be related to any other category or product anywhere in the hierarchy. For example,
a product called Windows 2000 Server in the Software category could have a relation-
ship defined with a product called The Windows 2000 Server Administrators Guide in
the Books category. This makes it easy to create links to related products or catego-
ries and provide opportunities for cross selling. Figure 8.2 shows the catalog struc-
ture that Commerce Server 2000 supports:
Catalog
Product
Product
Category
Product
Category
Product
Category
Product
Figure 8.2
Commerce Server 2000 Catalog Structure
You can create catalogs from scratch or import them from an XML or CSV file
by using the Commerce Server Business Desk. For detailed information about
managing catalogs with the Business Desk, refer to the Commerce Server 2000
documentation.
IT-EBOOKS.DIRECTORY
Another feature of the catalog support in Commerce Server is that you can create
Catalog Sets. A Catalog Set is a collection of one or more catalogs that is assigned
to a particular class of user based on a property in their profile. For example, you
could create a catalog set containing catalogs with discounted prices for users
who have joined your customer loyalty scheme. For users who have no catalog set
assigned, Commerce Server sites include a default catalog set for anonymous users
and a default catalog set for authenticated users.
Programmatic access to the catalog data is provided through the following Com-
merce Server automation objects:
● CatalogManager – This object represents the entire catalog management system.
● CatalogSets – This object provides access to the catalog sets defined in the site.
● ProductCatalog – This object represents a specific catalog.
● Category – This object represents a category within a catalog.
● Product – This object represents a product.
These objects provide methods for navigating through the entire catalog hierarchy
of a site. Many of the methods and properties that these objects provide return ADO
Recordsets, which contain catalog, category, or product data.
Before any catalog data can be accessed, a connection to the data source for the site
must be initialized. Generally this is achieved by calling the Initialize method of
the CatalogManager object passing either an ADO connection string to the site
database or the site name as a parameter.
For more detailed information about the CatalogManager, CatalogSets,
ProductCatalog, Category, and Product objects, refer to the Commerce Server 2000
documentation.
User Management Objects

Commerce Server provides several objects that can be used to manage user infor-
mation and status as customers interact with the site. These objects include:
● AuthManager – This object is used to handle security related functionality,
allowing users to be authenticated and logged on and providing a means of
identifying the specific user making a request.
● ProfileService – This object is used to connect to the data source where profile
information relating to the registered users in the site is stored.
● ProfileObject – This object encapsulates the profile data for a specific user, and
can be used to set or retrieve values such as Name, Telephone Number, E-mail
Address, or any other user attribute that needs to be tracked.
For more detailed information about the AuthManager, ProfileService, and
ProfileObject objects, refer to the Commerce Server 2000 documentation.
IT-EBOOKS.DIRECTORY
Shopping Basket Objects

After a user locates a product he or she wants to purchase, it is common practice in
a Web site to allow the user to add the product to a cart or basket. In reality, the
conceptual basket is a metaphor for a software object representing the collection of
items the user has selected during the visit. Every register user is issued a virtual
shopping basket during a visit (there is a one-to-one mapping of users to baskets).
The Reference Architecture application uses the following objects provided by
Commerce Server 2000 to provide the abstract shopping basket functionality:
● OrderGroup – This object represents the shopping basket.
● OrderForm – This object represents the collection of items in the shopping

basket. The OrderForm object is implemented as a Dictionary object, containing
information about the order as a whole, and a SimpleList object containing item
Dictionary objects representing the individual items in the basket. An Addresses
SimpleList object is used to store a collection of address Dictionary objects,
representing the shipping and billing addresses associated with the order.
For more detailed information about the OrderGroup, and OrderForm objects, refer
to the Commerce Server 2000 documentation.
The Predictor Resource

Commerce Server 2000 provides the ability to send content, such as advertisements
and discount notifications, to specific users. To do this, Commerce Server 2000 uses
the Microsoft Windows 2000 Predictor resource, which is installed optionally with
Commerce Server 2000. The Predictor resource allows you to build complex analy-
sis models that you can use to determine the type of content, advertisements, and
additional products that might interest your users. After the Predictor builds the
analysis model, you can add the Predictor Client Object to your ASP pages, which
gives your site the ability to display recommended products and targeted content.
The Predictor resource uses a great deal of memory when building the analysis
models. You can prevent this from impacting your Web servers by building the
analysis model once and then copying it to each of your Web servers. Each Web
server can host multiple analysis models to enable different predictive capabilities.
After you build an analysis model, you can view its components by using the
Prediction Model Viewer in Commerce Server Manager and the Segment Viewer
module in the Commerce Server Business Desk.
For more detailed information about the Predictor and guidelines for its use, refer
to the Commerce Server 2000 documentation.
IT-EBOOKS.DIRECTORY
Pipelines
Commerce Server 2000 solutions usually use pipelines for business processing. A
pipeline consists of a sequence of COM components that operate on a business
object, such as an OrderForm. The components in the pipeline, and the order in
which they are called, is specified in a pipeline configuration file (*.pcf). You can
think of a pipeline as being a kind of production line in which each component
performs a specific task before passing the business object to the next component.
ConsolidatedRetail.com uses seven pipelines: Advertising.pcf, Discounts.pcf,
Final.pcf, Lists.pcf, Pagbasket.pcf, Recordevent.pcf, and Total.pcf. Six of these have
references that are stored in the application level MSCSPipelines dictionary variable
as Advertising, Discounts, PAGFinal, Lists, PAGBasket, and PAGTotal respec-
tively. The remaining pipeline, Recordevent.pcf, is held as a Commerce.OrderPipeline
object in Application(“CampaignsCSFEventPipe).
Pipeline Components
The components in a pipeline are COM components that implement the
IPipelineComponent interface. This interface provides an Execute method, to
which a Dictionary object can be passed. A business process is implemented by
passing a business object such as an OrderForm to the execute method of each
component in the pipeline in turn.
Commerce Server provides a number of pipeline components that can be used in
e-commerce sites. These objects are used to apply discounts to an order, charge tax,
arrange shipping, and so on. In addition, you can create your own custom pipeline
components to perform specific tasks. The ConsolidatedRetail.com site includes the
following two custom pipeline components:
● PersistUtility – This is a custom pipeline component that is used for copying
non-persisted attributes of the OrderGroup object to persisted attributes. Typi-
cally, attributes from the OrderGroup object that begin with an underscore are
temporary values and are destroyed at the end of pipeline processing. Because
this application exports an order form outside of the Commerce Server realm,
some OrderGroup values that are usually discarded need to be retained to
provide context in external processing. PersistUtility copies a few underscored
attributes to names without underscores, so the values persist after pipeline
processing is complete.
● QueueEMail Class – This is a custom pipeline component that takes data from
the order form, converts it to XML, and uses the QueuedEMailer.CMailer
component (described in the section, “Custom Business Components”) to send
an e-mail message to the customer.
IT-EBOOKS.DIRECTORY
Custom Business Components

Additional custom functionality can be added to a solution by creating custom
business components. The ConsolidatedRetail.com site includes one custom busi-
ness component: QueuedEMailer.CMailer. QueuedEMailer.CMailer is a custom
COM component used to send e-mail to a customer. This is used for order confirma-
tions and forgotten passwords. The component is implemented as a COM+ queued
component, allowing its methods to be called asynchronously through a message
queue. This improves response time by allowing a user’s session to proceed without
having to wait until the email processing is complete.
Conclusion
This chapter provided a very brief, high-level overview of the major code categories
in the Reference Architecture application, with reference to actual code snippets.
At this point, you should have a conceptual understanding of how the code is
structured.
The next chapter walks you through each tier of ConsolidatedRetail.com applica-
tion, and provides pseudo-code and actual code examples to illustrate the process-
ing flow.
IT-EBOOKS.DIRECTORY
9
Functionality
Now that you have an overview of the various parts of the solution, you are ready
to examine the specific functionality provided by the site. This chapter discusses the
following aspects of the solution and pays particular attention to the challenges
inherent in writing code for each functional area:
● Presentation services
● User authentication and profiling
● Catalogs
● Shopping basket management
● Order processing
As you review each section of this chapter, you will see how specific functionality
has been implemented and how you can reuse part or all of the ConsolidatedRetail.com
application in your own business-to-consumer solutions.
Presentation Services
The presentation services in the ConsolidatedRetail.com site are provided by the
XSL ISAPI filter. The main development challenge is to generate appropriate XML
in each of the PASP scripts and to create suitable XSL style sheets to present that
XML as HTML (or some other presentation format).
IT-EBOOKS.DIRECTORY
XML Output from the PASP Files in ConsolidatedRetail.com

Each PASP file in the ConsolidatedRetail.com site produces an XML document in a
consistent format. It does this by including an Include reference to the Common.asp
file in every page on the site and calling its PageStart procedure.
The PageStart procedure in the Common.asp file contains the following code:
Sub PageStart(strPageNameWithExtension)
'comments and code omitted for clarity
' strip off the pasp file extension
Dim strPageName
strPageName = Trim(Left(strPageNameWithExtension, _
InstrRev(strPageNameWithExtension, _
".") - 1))
if mc_blnUsePassport = True then
Call InitPassport(GetServerURL() & "/" & mc_strPassportReturnPage
Else
'???????
End if
'XML header
Response.Write _
"<?xml-stylesheet type=""text/xsl"" _
server-config=""" & _
strPageName & "-Config.xml"" href=""" & _
strPageName & "-IE5.xsl""?>" & vbcrlf
'root for the page element.

'the tag is closed in the "PageEnd" Subroutine.
Response.Write "<page pagename=""" _
& strPageNameWithExtension & """>" & vbcrlf
'This information is used by the link to passport for
'returning back to the site after passport authentication.
Call XMLTag("HTTPHost", Server.URLEncode(GetHTTPHost()))
if not LocalIsLoggedIn() then

Call GetPassportLogo(GetServerURL() & "/" & mc_strPassportReturnPage)
end if
End Sub
This procedure creates the XML header for the document that will be produced by
the PASP file. At the end of each PASP script, the PageEnd procedure is called to
close the <page> tag and complete the XML document. The following is the rel-
evant code in the PageEnd procedure:
Sub PageEnd()
'comments and code omitted for clarity
'get authentication information to be used to display the logoff button.

Call GetLogOffXML()
IT-EBOOKS.DIRECTORY
Chapter 9: ConsolidatedRetail.com Functionality 107
'display error messages

Call DisplayExceptions(m_varrExceptions)
'root for the page element. The tag is opened in the PageStart subroutine.
Call XMLEndTag("page")
End Sub
The XMLEndTag procedure is one of a number of XML helper procedures in

Common.asp. (For more information, see the “XML Helper Procedures” section
later in this chapter.) It generates an XML closing tag using the following code:
Sub XMLEndTag(strTagName)
Response.Write mc_strStartTag & mc_strForwardSlashTag & _
Lcase (Replace(strTagName, mc_strBlank,_
mc_strUnderScore)) & _
mc_strEndTag & vbCrLf
End Sub
XML documents produced using the PageStart and PageEnd procedures will look
similar to the following code sample:
server-config="filename-Config.xml"
href="filename-IE5.xsl"?>
<page pagename="filename.pasp">
<!— XML content —>
</page>
XML Helper Procedures

In addition to the XMLEndTag procedure described earlier, Common.asp contains
multiple XML-related utility routines. These procedures are used to generate tags
to be used in the XML documents produced by the PASP pages in the
ConsolidatedRetail.com site.
Although in many ways, it would be more efficient to hard-code the required XML
characters—such as “<” and “>” (without the quotation marks)—in the various
XML-generating procedures, numerous XML character constants are declared
in Common.asp. This helps make the code legible and aids debugging. The con-
stants are:
Const mc_strStartTag = "<"
Const mc_strEndTag = ">"
Const mc_strForwardSlashTag = "/"
Const mc_strUnderScore = "_"
Const mc_strBlank = " "
IT-EBOOKS.DIRECTORY
These constants are used in the following XML-generating procedures:

● XMLBegTag – This utility writes an opening XML tag (for example, <page>)
based on an strTagName parameter.
● XMLEndTag – This utility (described earlier) writes a closing tag (for example
</page>) based on an strTagName parameter.
● XMLEmptyTag – This utility writes an empty XML tag (for example, <page/>)
based on an strTagName parameter.
● XMLTag – This utility writes an XML tag containing a value (for example,
<page>myvalue</page>) based on two parameters: strTagName and strTagValue.
● GetXMLFromRS – This utility creates an XML representation of a recordset.
● GetXMLFromRSRow – This utility creates an XML representation of the current

row in a recordset.
There are also numerous procedures, generically named xxxWithDsplyNm, which
produce XML tags containing a displayname attribute, for example:
<f_name displayname=”First Name”>Joe</f_name>
The display name for the tag is based on the tag name and is retrieved from the
CatalogDefinitionProperties application-level dictionary object variable.
To gain a full understanding of the functionality provided by the XML helper
procedures, examine the source code in Common.asp.
XSL Style Sheets in the ConsolidatedRetail.com Site

As explained earlier, each page has an associated filename-Config.xml file listing the
XSL style sheet to be applied for each client browser or device type. In this imple-
mentation, only Internet Explorer 5.5 is supported, although alternative style sheets
could be created and added to the site.
In most cases, the XSL file for each PASP page is named pagename-IE5.xsl (where
pagename is the non-version specific name of the PASP page), and contains XSL code
specific to the data on that page. However, to maintain a consistent look and feel to
the site, the common user interface (UI) elements for all pages are defined in a
separate XSL file named UI_layout-IE5.xsl, which is stored in the Include directory.
Each page-specific XSL file uses the XSL Include directive to incorporate the presen-
tation logic in UI_layout-IE5.xsl into the rendering of the current page as shown by
the following code snippet:
<xsl:include href="include\UI_layout-IE5.xsl"/>
IT-EBOOKS.DIRECTORY
Templates in UI_layout-IE5.xsl
The UI_layout-IE5.xsl file contains several templates. The page template is applied
to the <page> element in the XML document generated by each PASP page. It refers
to the Stylesheet.css cascading style sheet and creates an HTML table consisting of
five rows, on which the overall page is based. Other templates in the UI_layout-
IE5.xsl file are called to populate the rows.
The first row in the table contains a call to the pageheader template defined later in
the script. This template renders the top banner of the page, including the images
linked to the basket, profile, and home pages.
The second row is used to create a space before the third row, which contains a call
to the main template. This template includes the logic necessary to render the menu
panel at the left side of the page, including the search form. The main template
in turn calls the getCatalogsForUser template, the exceptions template, and the
advertising or profilemenu or listsmenu template (depending on the presence
of an advertising, profilemenu, or listsmenu XML element).
The fourth row of the table, like the second, is a spacer before the fifth row, in which
the pagefooter template is called. This template renders the bottom panel of the
page, including the copyright statement.
The page template in UI_layout-IE5.xsl is shown in the following code. The
pageheader, main, pagefooter, and other templates used to render the pages in the
site can be examined in UI_layout-IE5.xsl.
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="2.0">
<xsl:template match="*|/">
<xsl:apply-templates/></xsl:template>
<xsl:template match="text()|@*"><xsl:value-of select="."/></xsl:template>
<xsl:template match="page">
<html>
<head>
<title>ConsolidatedRetail.com</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css"/>
</head>
IT-EBOOKS.DIRECTORY
<body bgcolor="#ceb6d5" leftmargin="0" marginwidth="0" topmargin="0"

marginheight="0">
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
<td>
<xsl:call-template name="pageheader"/>
</td>
</tr>
<tr>
<td height="10"/>
</tr>
<tr>
<td>
<xsl:call-template name="main"/>
</td>
</tr>
<tr>
<td height="10"/>
</tr>
<tr>
<td>
<xsl:call-template name="pagefooter"/>
</td>
</tr>
</table>
</body>
</html>
</xsl:template>
<!— Code for other templates omitted for clarity —>
</xsl:stylesheet>
Rendering Index.pasp
You can examine the Index.pasp page to see how this all fits together. The
Index.pasp page is the default page, or home page, for the site. Index.pasp contains
code to perform the following tasks:
1. Define a constant named mc_strPageName with the value Index.pasp.
2. Call the PageStart procedure in Common.asp to create the appropriate <page>
opening tag.
3. Create an empty <advertising/> tag using the XMLEmptyTag procedure.
4. Create the </page> closing tag by calling the PageEnd procedure.
The following code performs these tasks:
<!—#include file = "include/Site_Const.asp" —>
<!—#include file = "include/Common.asp"—>
<%
Const mc_strPageName = "Index.pasp"
IT-EBOOKS.DIRECTORY
Sub Main()
Call PageStart(mc_strPageName)
XMLEmptyTag(mc_strAdvertisingMenu)
Call PageEnd()
End Sub
Call Main()
%>
This code generates the following XML document:

server-config="Index-Config.xml"
href="Index-IE5.xsl"?>
<page pagename="Index.pasp">
<httphost>localhost%3A81</httphost>
<mspassport><anchor>a</anchor>
<url>http://current-login.passporttest.com/login.asp?id=1&
ru=http%3A%2F%2Flocalhost%3A81%2F%
5FProcessPassportLogin%2Easp&
tw=120&fs=0&kv=1&
ct=998426692&cb=0&ems=1&
ver=1.990.1052.1&C=1</url>
<passportimage><image>img</image>
<source>http://current-www.passportimages.org/signin.gif</source>
<width>66</width>
<height>19</height>
<border>0</border>
<class>PassportSignIn</class>
</passportimage>
</mspassport>
<advertising/>
<font face="Arial" size=2>
<p> Type mismatch: 'CachedFragmentLookup'</font>
<font face="Arial" size=2>error '800a000d'</font>
<p>
<font face="Arial" size=2>Type mismatch: 'CachedFragmentLookup'</font>
<p>
<font face="Arial" size=2>/include/Common.asp</font>
<font face="Arial" size=2>, line 115</font>
The XML is passed to the XSL ISAPI filter, which determines that the appropriate
style sheet is identified in Index-Config.xml. The XSL ISAPI filter examines the
HTTP request header information to determine the browser type and version. Then
it matches the browser information with the appropriate style sheet in Index-
Config.xml. If no matching entry is found, the default style sheet (Index-IE5.xsl)
is applied.
IT-EBOOKS.DIRECTORY
Index-Config.xml looks like the following:

<server-styles-config>
<!— for HDML 3.0 browsers —>
<device target-markup="HDML 3.0">
<stylesheet href="Index-HDML3.xsl"/>
</device>
<!— for WML 1.1 browsers —>

<device target-markup="WML1.1">
<stylesheet href="Index-WML11.xsl"/>
</device>

<stylesheet href="Index-IE5.xsl"/>
</device>

</device>

</device>
<!— for MME browsers —>

<device browser="MME">
<stylesheet href="Index-WML11.xsl"/>
</device>
</server-styles-config>
When a request is received from Internet Explorer 5 browser, the Index-IE5.xsl

style sheet is used to render the page as HTML. (The other entries in the Index-
Config.xml file are for illustration only; the corresponding style sheets are not
provided in the ConsolidatedRetail.com site.)
The Index-IE5.xsl code is similar to the following:
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="2.0">
<xsl:include href="include\UI_layout-IE5.xsl"/>
<xsl:template match="*|/"><xsl:apply-templates/></xsl:template>
<xsl:template match="text()|@*"><xsl:value-of select="."/></xsl:template>
<xsl:template name="pageleft"/>
<xsl:template name="pagecenter">
<script language="JavaScript">
IT-EBOOKS.DIRECTORY
<![CDATA[
function Focus(){
document.formSearch.txtSearchPhrase.focus()
}
]]>
</script>
<table width="100%" cellpadding="0" cellspacing="0" border="0"
bgcolor="#ffffff">
<tr>
<td width="11">
<img src="images/spacer.gif" width="1" height="1" border="0"/>
</td>
<td valign="top" class="content-text">
<tr>
<td valign="top" colspan="3" class="content-text">
<xsl:if test="name[string-length()>0]">
<p class="headline-text-purple">
Hello, <xsl:value-of select="name" />.
Welcome back to ConsolidatedRetail.com</p>
</xsl:if>
<xsl:if test="name[string-length()=0]">
<p class="headline-text-purple">Welcome to ConsolidatedRetail.com</p>
</xsl:if>
<p>Welcome to the site where you can purchase everything you need at one
convenient location.</p>
<p align="center"><a href="Registration.pasp">
<img src="images\home_freeshipping.gif" width="271" height="46" vspace="5"
border="0"/></a><br/><br/></p>
</td>
</tr>
<tr>
<td valign="top" class="content-text">
<p><xsl:apply-templates select="ads"/></p>
<p><img src="images/spacer.gif" width="200" height="1" border="0"/></p>
</td>
<td width="1" bgcolor="#ceb6d5">
</td>
<td width="125" align="right" valign="top" class="content-text">
<img src="images/giftregistries.gif" width="118" height="30"
border="0"/><br/>
<p>Look for this feature in the near future.</p>
</td>
</tr>
</table>
</td>
<td width="11">
</td>
</tr>
</table>
</xsl:template>
IT-EBOOKS.DIRECTORY
<xsl:template match="ads">
<xsl:apply-templates select="ad"/>
</xsl:template>
<xsl:template match="ad">
<xsl:element name="{anchor}">
<xsl:attribute name="href" ><xsl:value-of select="url"/></xsl:attribute>
<xsl:attribute name="target" ><xsl:value-of select="location"/></
xsl:attribute>
<xsl:apply-templates select="adimage"/>
</xsl:element>
</xsl:template>
<xsl:template match="adimage">
<xsl:element name="{image}">
<xsl:attribute name="src" ><xsl:value-of select="source"/></xsl:attribute>
<xsl:attribute name="width" ><xsl:value-of select="width"/></xsl:attribute>
<xsl:attribute name="height" ><xsl:value-of select="height"/></
xsl:attribute>
<xsl:attribute name="border" ><xsl:value-of select="border"/></
xsl:attribute>
<xsl:attribute name="alt" ><xsl:value-of select="alternative"/></
xsl:attribute>
</xsl:element>
</xsl:template>
<xsl:template match="discounts">
<p><xsl:apply-templates select="ad"/></p>
</xsl:template>
<xsl:template name="pageright">
<p><xsl:apply-templates select="/page/discounts"/></p>
</xsl:template>
</xsl:stylesheet>
This style sheet includes the UI_layout-IE5.xsl style sheet, which renders the com-
mon user interface elements for the page. In this case, the XML document contains
an <advertising/> tag. Therefore, UI_layout-IE5.xsl also uses the advertising
template to render the right panel of the page. The resulting Index page is similar
to Figure 9.1.
The ConsolidatedRetail.com site renders PASP pages as described in the preceding
sections. This method—generating XML content in the PASP files and defining
presentation in the XSL style sheets—allows you to easily change the style sheets
used to display the pages without affecting the business logic in the PASP files,
making this a flexible and easily reusable solution.
IT-EBOOKS.DIRECTORY
Figure 9.1
Index Page
Caching Commonly Used Information

Microsoft Commerce Server 2000 provides components that can be used to cache
commonly used sections of a commerce Web site.
The Reference Architecture uses these components to provide two types of caches:
● Caches that are not refreshed (emptied) automatically; for example, caches that
store the catalog and the shipping methods. These caches are loaded when the
application starts and always contain valid (static) data. They are refreshed only
when and if the Web site owner uses Commerce Server Business Desk to modify
them.
● Caches that are refreshed automatically; for example, caches that store search
results and product detail information. These caches store the XML for pages as
the user requests them. These caches are emptied at regular intervals as specified
in the Global.asa file. They are also refreshed when the catalog changes.
The Web site’s PASP pages produce XML output strings, which both cache types
store. Using a caching mechanism to store processed XML allows Web pages to be
displayed quickly without further processing, thus improving performance and
saving system resources. Caches are of the type Commerce.LRUCache because this
component automatically removes items from the cache when the cache is filled,
and allows the caches to refreshed automatically using the Commerce Server 2000
Commerce.LRUCacheFlush component.
IT-EBOOKS.DIRECTORY
Specific changes in Business Desk are immediately reflected in the caches when the
catalog is refreshed or updated (or when the transactions are published using
Business Desk). This happens because code in the BDRefresh.asp page refreshes the
relevant caches. Refer to the Commerce Server documentation for details regarding
how application caches are tied to Business Desk.
Note: Cache keys for certain caches contain compound information (for example, catalog name
and category name), which is stored in a concatenated form delimited by the greater than
(right chevron) sign (>).
Caching of Catalog Names

The Reference Architecture stores catalog names in a cache because these names are
displayed on every page, thus they must be retrieved from the Commerce Server
2000 database for every page. In addition, catalog information rarely changes in
production sites. Therefore, the catalog names cache is not refreshed automatically.
Similar functionality is implemented in the Commerce Server 2000 Retail
Solution site available for download from the MSDN Web site at http://
www.msdn.microsoft.com/
Pages Affected
Caching of catalog names affects the following pages:
● Global.asa
● include\Cache.asp
● include\Common.asp
● include\Site_const.asp
Implementation Details
The cache for catalog names, CatalogSetCache, is created in Global.asa with a
RefreshInterval of zero (0). This ensures that the cache never refreshes automati-
cally; that is, the Refresh interval is forever. The cache is also populated in
Global.asa with the XML for the catalogs for each CatalogsetId in the Commerce
Server 2000 database. The CatalogsetId also serves as the cache key.
The CatalogSetId uniquely identifies the catalogs associated with a user. Therefore,
the XML to be displayed varies as the CatalogsetId changes to correspond with
current user.
If you use Business Desk to make any changes to the catalogs, code in
BDRefresh.asp automatically propagates the changes to the cache. This design
ensures that CatalogSetCache always contains up-to-date information and that the
cache can be used directly without performing an “if… exists” check each time.
IT-EBOOKS.DIRECTORY
Caching of Categories
The Reference Architecture stores category pages in a cache because they are pages
that are commonly viewed by most users.
Similar functionality is implemented in the Commerce Server 2000 Retail Solution
site.
Pages Affected
Caching of category pages affects the following pages:
● Category.pasp
● Global.asa
The cache for category pages, CategoryCache, is created in Global.asa with a zero
RefreshInterval. This ensures that the cache does not refresh itself automatically.
The cache is populated when the user first encounters the category page. Subse-
quent access requests for the same page are fulfilled from the cache, until the cache
is refreshed or the LRUCache component removes it from the cache.
The cache key is a concatenated string consisting of the catalog name and the
category name in the form:
CatalogName + > + CategoryName
Together, the catalog name and category name provide enough information for the
Category.pasp page to obtain the listed products and subcategories.
BDRefresh.asp automatically empties the CategoryCache. This design ensures that
CategoryCache contains the most current version of a recently viewed category
page.
Caching of Product Information

The Reference Architecture stores product pages in a cache because they are pages
that are commonly viewed by most users.
site.
The Reference Architecture and Commerce Server 2000 Retail Solution Site use the
same cache name for this functionality: ProductPageCache.
IT-EBOOKS.DIRECTORY
Pages Affected
Caching of product information affects the following pages:
● Global.asa
● Product.pasp
The cache for product pages, ProductPageCache, is created in Global.asa with a
non-zero RefreshInterval. This ensures that the cache refreshes (that is, it empties
itself) automatically at regular intervals. The cache is populated when the user first
encounters the product page. Subsequent access requests for the same page are
fulfilled from the cache, until the cache is refreshed or the LRUCache component
removes it from the cache.
The cache key is a concatenated string consisting of the catalog name, the category
name, and the product ID in the form:
CatalogName + > + CategoryName + ProductId
Together, the catalog name, category name, and product ID provide enough infor-
mation for the Product.pasp page to obtain the product information.
If you use Business Desk to make any changes to the catalogs, code in BDRefresh.asp
automatically empties the ProductPageCache. This design ensures that
ProductPageCache contains the most current version of recently viewed product
information.
Caching of Shipping Methods

The Reference Architecture stores shipping methods in a cache because these
methods rarely change and are used by all users during the check out (or purchas-
ing) phase.
site.
same cache name for this functionality: StaticSectionsCache.
Pages Affected
Caching of shipping methods affects the following pages:
● Global.asa
● include\Cache.asp
IT-EBOOKS.DIRECTORY
● include/Site_const.asp
● MultiShipping.pasp
● OrderSummary.pasp
● Shipping.pasp
● ShippingMethod.pasp
The cache for shipping methods, StaticSectionsCache, is created in Global.asa with
a RefreshInterval of zero (0). This ensures that the cache never refreshes automati-
cally; that is, the Refresh interval is forever. The cache is populated in Global.asa
with the XML for the shipping methods from the Commerce Server 2000 database.
The cache key is a string constant, ShippingMethodsXML.
If you use Business Desk to make any changes to the shipping methods, code in
BDRefresh.asp automatically propagates the changes to the cache. This design
ensures that the StaticSectionsCache always contains up-to-date information and
that the cache can be used directly without performing an “if… exists” check
each time.
Caching of Search Results

The Reference Architecture stores search results in a cache because the search
facility is commonly used by all users.
site.
same cache name for this functionality: FTSearchPageCache.
Pages Affected
Caching of search results affects the following pages:
● Global.asa
● SearchResults.pasp
The cache for search results, FTSearchPageCache, is created in Global.asa with a
non-zero RefreshInterval. This ensures that the cache refreshes automatically at
regular intervals. The cache is populated when the user first encounters the product
page. Subsequent requests to the same page are fulfilled from the cache, until the
cache is refreshed or the LRUCache component removes the page from the cache.
IT-EBOOKS.DIRECTORY
The cache key is a concatenated string consisting of relevant search information, as

follows:
CatalogName + > + CatalogSetId + > + CategoryName + > + SearchPhrase + > +
ProductID + > + VariantID + > + SearchStartPosition + > +
NumberOfSearchedItemsToDisplay
This key is unique and is the only information that the SearchResults.pasp page
needs.
BDRefresh.asp automatically refreshes the FTSearchPageCache. This ensures that
FTSearchPageCache contains the most current version of the search results page.
User Authentication and Profiling

Microsoft Commerce Server 2000 provides support for an extensible profile system
that can store a great deal of user data. This user data, or customer profile, can
include shipping addresses and contact information. Customers can use these
profiles to store personal data so that they aren’t required to reenter the information
each time they visit the site. Thereafter, a company can then use the profile informa-
tion for business analysis, targeted advertising campaigns, and discount offers.
To create and maintain a profile, a customer must register with the site and log on.
This creates a unique user ID that identifies the user and retrieves the correspond-
ing profile information from the database. The customer’s user ID is stored in a
cookie on the client browser. If a user has not yet logged on, the cookie contains the
user ID associated with the anonymous user, and profile information is not avail-
able. When the user logs on, the appropriate user ID is retrieved and written to the
cookie; thereby making the profile information available for the remainder of the
session.
Note: Just as the Bdrefresh.asp script clears the Business Desk cache, the RefreshApp.asp
script clears the Profiles cache. Clearing either of these caches repeatedly could lead to a
denial of service for users.
The site requires browsers to be configured to allow cookies. If a user accesses the
site with a browser configured to allow per-session cookies (cookies that are not
stored on the user’s hard disk) but not stored cookies, the user can log on and use
the site but is not able to place products in the shopping basket. If no cookies are
allowed at all, the user is not able to access the site.
IT-EBOOKS.DIRECTORY
Registering a User
A user can register with the site by using the Registration.pasp page. When this
page is rendered using the Registration-IE5.xsl style sheet, it contains a form that
posts the data back to itself.
The Registration.pasp page contains code to perform the following tasks:
1. Examine the data in the form to determine the Mode and ProcessAction param-
eters. Mode is used to indicate the page the user should be redirected to when
registration is complete (the default is Acct.pasp). ProcessAction is used to decide
if the registration form should be displayed so that a user can register, or if the
form is being posted back for processing.
2. Pass the registration data to the PutUserObject so that a new profile can be
created. PutUserObject is defined in the Profile.asp include file.
3. Redirect the user to the Acct.pasp page (or another page determined by the Mode
parameter).
The Registration.pasp page retrieves the Mode and ProcessAction values from the
query string by using the MSCSAppFrameWork application-level variable, as shown
in the following code:
strPageMode = _
Application("MSCSAppFrameWork").RequestString( _
"Mode", Null, , , True, True, 0, Null)
strProcessingAction = _
Application("MSCSAppFrameWork").RequestString( _
"ProcessAction", Null, , , True, True, 0, Null)
Mode is usually null, meaning that when a user successfully registers, he or she
should be redirected to the account management page (Acct.pasp). In some circum-
stances, Mode contains the name of an alternate page to which the user should be
redirected. For example, if an anonymous user adds products to a shopping basket
before registering, you may want to send the user back to the checkout page after he
or she registers.
The ProcessAction parameter is used to determine whether the user accessed the
registration page from another page in the site, in which case the registration form
renders, or from the registration page itself, in which case the contents of the regis-
tration form are used to register the user. If the ProcessAction parameter is
EditUserObject, then the user can be registered using the data in the form on
the page.
Next, the script retrieves the form data and passes it to the PutUserObject function,
which is defined in the Profile.asp include file. This include file contains numerous
IT-EBOOKS.DIRECTORY
procedures for managing user profiles that are used by various pages in the site.
The PutUserObject function is used to add or update a user profile and returns a
Boolean value indicating success or failure. If the user creation is successful, the
user is logged on and redirected to another page. If not (for example, because the
specified user name already exists), the Registration.pasp page redisplays with an
error message indicating the problem.
The code calls the GetGuaranteedUserID function in Profile.asp to retrieve the user
ID. This function returns an authenticated user ID for a user who is logged on or a
profile user ID for an anonymous user.
Profile.asp uses the following code to check whether a user with the specified user
name already exists:
If Not Application("MSCSProfileService") Is Nothing Then
strUserID = GetUserID
If Not IsNull(strUserName) Then
Set objMSCSProfile = Application("MSCSProfileService").GetProfile(strUserName,
mc_strUserObject, blnReturnCode)
If Not (objMSCSProfile Is Nothing) Then
Call AddException(m_varrExceptions, 1,
"Username already exists.", mc_strPageName)
Set objMSCSProfile = Nothing
If the user name has not been used already, the code generates a globally unique
identifier (GUID) to add the user and calls the CreateProfile method of the
ProfileService object. The values passed from the registration form are assigned
to the profile:
strUserID = GenerateGUID()
Set objMSCSProfile =
Application("MSCSProfileService").CreateProfile(_
strUserName, mc_strUserObject)
objMSCSProfile.Fields(mc_strGeneralInfo).Value_
(mc_strUser_ID)= cstr(strUserID)
objMSCSProfile.Fields(mc_strAccountInfo).Value_
(mc_strAccount_Status)= CInt(1)
("user_type")= strUserType
(mc_strUser_Security_Password)= strPassword
objMSCSProfile.Fields(mc_strAccountInfo).Value_
("date_registered")= Now()
objMSCSProfile.Fields(mc_strProfileSystem).Value_
("date_created") = strCreateDate
IT-EBOOKS.DIRECTORY
Most of the code on the remainder of Profile.asp is used to update existing user
objects. Finally, the profile object is updated and the function returns True:
objMSCSProfile.Update
PutUserObject = True
When this function completes, the new user is registered in the site database.
After the user registers, Registration.pasp redirects the browser to Acct.pasp (if the
Mode parameter is NULL) or to an alternate page specified in the Mode parameter:
If blnRegistered Then
If IsNull(strPageMode) Then
Response.redirect "Acct.pasp?Mode=" & strPageMode
Else
Response.Redirect strPageMode & "?Mode=" & strPageMode
End If
End If
Authenticating a User
To access their profile information, registered users must log on and be authenti-
cated. As explained earlier, newly registered users are automatically logged on by
the code in Registration.pasp. Returning customers, however, must provide a user
name and password to be authenticated.
Note: In this sample application, the logon details are passed in plain text using HTTP. In a
production site, Hypertext Transfer Protocol, Secure (HTTPS) should be used to encrypt the
security credentials. The security of information, including credentials and confidential user
data, is the responsibility of the production site developer. Developers should take all neces-
sary precautions to ensure that authentication credentials and confidential information, such
as credit card numbers, order history, shopping lists, and so on, are adequately protected.
Users can log on by using the Login.pasp page. Like Registration.pasp, this page
posts data to itself and uses the functionality of Profile.asp to process the data.
The Login.pasp page contains code to perform the following tasks:
1. Examine the data in the form to determine the Mode and ProcessAction param-
eters. Mode indicates the page that the user should be redirected to when the
logon process is complete (the default is Acct.pasp). ProcessAction designates
whether the user credentials form should be displayed so that a user can log
on, or if the form is being posted back for processing.
2. Retrieve the user credentials from the form.
3. Pass the credentials to the Logon function in Profile.asp.
IT-EBOOKS.DIRECTORY
4. Redirect the user to the Acct.pasp page (or another page determined by the Mode
parameter).
The most important code in Login.pasp is a call to the Logon function in Profile.asp:
blnLoginSuccessful = Logon(strUserName, strPassword)
The Logon function is used to validate a user’s user name and password and send
an authentication ticket in the form of a cookie to the client browser. The Logon
function performs the following tasks:
1. Create and initialize an AuthManager object, as follows:
Set objMSCSAuthMgr = _
Server.CreateObject(mc_strAuthManager)
Call objMSCSAuthMgr.Initialize _
(Application("MSCSDictConfig").s_SiteName)
2. Remove any existing authentication ticket that the user may have from a previ-
ous session:
If objMSCSAuthMgr.IsAuthenticated Then
call objMSCSAuthMgr.SetAuthTicket _
("", blnCookieSupport, _
Application("MSCSDictConfig")._
i_FormLoginTimeOut)
End If
3. Check to ensure that a non-blank user name has been provided, and then use the
application-level MSCSProfileService object to load the profile for the user with
the specified name:
Set objMSCSProfileObject = _
Application("MSCSProfileService").GetProfile(strUserName, _
4. If a matching profile for a registered user is found, retrieve the password and
user ID, and then compare the password to the password provided by the user:
strProfilePassword = _
objMSCSProfileObject(mc_strGeneralInfo).Value _
(mc_strUser_Security_Password)
strUserID = objMSCSProfileObject(mc_strGeneralInfo). _
Value (mc_strUser_ID)
If CStr(strProfilePassword) = CStr(strPassword) Then
...
IT-EBOOKS.DIRECTORY
5. One of the design features of the ConsolidatedRetail.com site is the ability to add
products to a shopping basket while browsing anonymously. If the user adds
items to the shopping basket prior to logging on, the user will have been issued
an anonymous profile ticket. The AuthManager object now retrieves this ticket
so that the contents of the anonymous user’s shopping basket can be transferred
to the authenticated user’s shopping basket:
strProfileUserID = _
objMSCSAuthMgr.GetUserID(mc_bytProfileTicketType)
6. Issue a new (authenticated user) ticket to the user and set the anonymous cookie
to a blank value (thus deleting it):
Call objMSCSAuthMgr.SetAuthTicket _
(strUserID, blnCookieSupport, _
Application("MSCSDictConfig"). _
i_FormLoginTimeOut)
Call objMSCSAuthMgr.SetUserID(mc_bytAuthTicketType, _
strUserID)
Call objMSCSAuthMgr.SetUserID(mc_bytProfileTicketType, "")
Call objMSCSAuthMgr.SetProfileTicket("", blnCookieSupport)
7. Transfer any products in the anonymous shopping basket to the authenticated

user’s shopping basket, and then declare the logon a success:
If (Len(strProfileUserID) > 0) Then
' get the profile object from their anonymous
' session
Set objMSCSUnRegProfileObject = Application( _
"MSCSProfileService").GetProfilebykey( _
mc_strUser_ID, strProfileUserID, _
' if we get a matching anonymous profile back

If Not (objMSCSUnRegProfileObject Is Nothing) Then
' transfer basket contents from anon id to registered
' id
Call MoveBasketItems(strProfileuserid, strUserID)
' delete the anonymous profile from the profile store

Call Application("MSCSProfileService"). _
DeleteProfileByKey(mc_strUser_ID, _
strProfileUserID, mc_strUserObject)
End If
Set objMSCSUnRegProfileObject = Nothing
End if
' return successful logon value
Logon = True
IT-EBOOKS.DIRECTORY
For the remainder of the session, the authentication cookie is presented with each
request, and the code is able to retrieve the user’s profile information.
Using Passport Authentication

The Reference Architecture application provides its own authentication mechanism
as described earlier, as well as support for Microsoft Passport single sign-in (SSI)
service.
The Reference Architecture application (ConsolidatedRetail.com) displays the
Passport Sign In button immediately below the Logon button.
A user who has a Passport account can choose to click the Passport Sign In button
and use Passport’s standard authentication steps to log on to the site. After the
authentication process completes, the user is redirected to ConsolidatedRetail.com.
If the user is new to the Reference Architecture application, the application creates a
profile for that user and stores it in its Commerce Server 2000-based profile store.
After the profile is created, the user is logged on to the Reference Architecture’s
authentication system.
After logon, the Reference Architecture application manages a Passport user as it
does any other user, except that a search for the user’s public lists does not reveal
his or her user name. This is because Passport participant sites have guaranteed
access to the user’s Pairwise Unique ID (PUID) but not to any other user identifica-
tion information, such as a name. (The PUID is the 64-bit unique user ID used by
the Passport service.) The Reference Architecture application does not display a
user’s PUID.
Note that the Reference Architecture uses Passport in Test mode. Certain Passport
features behave differently in Passport Test mode than in Production mode. In the
following description, these differences are noted when relevant.
Note also that the Reference Architecture does not provide a log off feature; there-
fore, ConsolidatedRetail.com does not display a Passport Sign Out button.
Passport authentication requires modifications to the schema as well as new code to
implement the authentication process. To modify the schema, the logon_name
profile property is set to the PUID.
Support for Passport is incorporated in the following Reference Architecture files:
● include/Common.asp – This file Initializes the Passport Manager and determines
when to display the Passport Sign In button.
● _processPassportLogin.asp – This file retrieves the user’s PUID and e-mail ad-
dress and determines whether the user has a Reference Architecture application
user profile.
● include/UI_layout-ie5.xsl – The mspassport XSL template in this file displays the
Passport Sign In button.
IT-EBOOKS.DIRECTORY
Passport authentication involves the following steps:

1. The include/Common.asp file contains code that initializes the Passport Man-
ager object. It also contains code that determines when to display the Passport
Sign In button on the left side of a page and on the Logon page. The
GetPassportLogo function determines the display of the Passport Sign In
button. GetPassportLogo is called only if the user is anonymous. The operations
in GetPassportLogo performs the following tasks:
a. It obtains the session expiration time from the Commerce Server 2000 Appli-
cation Default Configuration options variable, i_FormLoginTimeOut.
b. It calls the IsAuthenticated method of the Passport Manager object.
IsAuthenticated checks whether the user is still signed in to Passport, but has
timed out of the Reference Architecture. In this case, the user is logged on
automatically to the Reference Architecture application.
2. Next, the code determines whether the user signed in using the Passport Auto-
matic Sign In facility. If the user did sign in to Passport automatically, he or she is
logged on to the Reference Architecture, using the following code:
If PassportManager.HasTicket then
If PassportManager.HasSavedPassword Then
Server.Execute(PassportReturnPage)
Exit Sub
End If
End If
When Passport runs under Test mode, certain Passport cookies are not removed
when the user’s session times out or when the user closes the browser. If not
removed, these cookies generate a Passport Sign Out button rather than a
Passport Sign In button the next time the user accesses the site. To resolve this
issue, the code removes these cookies so that the Passport Sign In button can
display. (Typically, these cookies are deleted using a log off page. However,
because the Reference Architecture does not provide a log off page, the cookies
must be deleted by the same page that contains the Passport Sign In button.)
To ensure that the cookie deletion code is not called when it isn’t needed, the
code is enclosed in an appropriate conditional statement:
If PassportManager.HasTicket then
.
.
.
End If
3. The code uses the LogoTag() method of the Passport Manager object to display
the Passport Sign In button, which is appropriately inserted into the outgoing
XML stream.
IT-EBOOKS.DIRECTORY
4. After the user successfully logs on, Passport redirects the user to
ProcessPassportLogin.asp. This page retrieves the user’s PUID and e-mail
address and determines whether the user has a Reference Architecture applica-
tion user profile. If not, it uses the PutUserObject function to create the user
profile. A Passport user’s profile is distinguished from non-Passport user profiles
because it has an empty password. After creating the profile, the user is logged
on to the Reference Architecture application, and then redirected to an appropri-
ate page.
Retrieving and Updating Profile Information

The site allows a user to access, view, and edit his or her profile information from
numerous pages. Each page uses similar code to update fields in the user’s profile;
therefore, this chapter discusses only the UserProfile.pasp page in detail. You may
want to examine the code in EditAddressBook.pasp and ChangePasswd.pasp,
which perform similar functions.
Note: The ConsolidatedRetail.com site does not make any provisions for deleting or removing
expired or stale user information. If you use the Commerce Server 2000 Business Desk to
delete a user, that user’s personal information may be persisted in the site databases. This
information includes, but is not limited to, addresses, credit card numbers, and order history.
You will need to add functionality or processes to delete that information if your business rules
so dictate.
The UserProfile.pasp page contains a form that allows a user to view and change
the profile values for first name, last name, e-mail address, phone, and fax number.
It is similar in design to the Registration.pasp page discussed earlier, and it contains
code to perform the following tasks:
1. Check the ProcessAction query string value.
● If the query string value is EditUserObject, then the page has posted the form
contents to itself and the profile must be updated. Go to Step 2.
● If the query string value is not EditUserObject, there are no changes to the
profile. Go to Step 4.
2. Retrieve the form values from the query string.
3. Pass the form values to the PutUserObject function in Profile.asp.
4. If the form values are not saved successfully or there are no changes to the
profile (that is, the query string value is not EditUserObject), format the existing
profile values as XML.
As explained earlier, the PutUserObject function is used to register a new user when
a user name is passed to it. If no user name is passed, then the function assumes that
the user already exists and attempts to update the data in the existing profile.
IT-EBOOKS.DIRECTORY
To access the profile, PutUserObject uses the GetUserID function in Common.asp

to retrieve the current user’s ID from the authentication ticket, as follows:
Function GetUserID()
Dim objMSCSAuthMgr 'Authentication Manager
Dim strUser_ID ' user id retrieved from the
' authentication manager
' Instantiate and initialize AuthManager object.

Set objMSCSAuthMgr = _
Server.CreateObject(mc_strAuthManager)
Call objMSCSAuthMgr.Initialize _
(Application("MSCSDictConfig").s_SiteName)
strUser_ID = Null
' If user has authenticated and auth ticket hasn't

' timed out
If objMSCSAuthMgr.IsAuthenticated Then
' grab the unique logon id they authenticated to.
strUser_ID = _
objMSCSAuthMgr.GetUserID(mc_bytAuthTicketType)
' otherwise, If they're browsing anonymously

Else
' get profile user id, which is a GUID.
' If the getuserid method return a empty string
' convert the string to Null
strUser_ID = _
objMSCSAuthMgr._
GetUserID(mc_bytProfileTicketType)
If not isNull(strUser_ID) Then
If len(trim(strUser_ID)) = 0 Then
strUser_ID = Null
End If
End If
End If
' return the new GUID or their current authenticated

' username
GetUserID = strUser_ID
Set objMSCSAuthMgr = Nothing
End Function
To retrieve the user profile, the code in the PutUserObject function in Profile.asp
uses the GetProfileByKey method of the ProfileService object:
Set objMSCSProfile = Application("MSCSProfileService").GetProfilebyKey( _
mc_strUser_ID, strUserID, mc_strUserObject, blnReturnCode)
IT-EBOOKS.DIRECTORY
Finally, the code updates the profile fields for the user:
objMSCSProfile.Fields(mc_strGeneralInfo).Value( _
mc_strFirst_Name) = strFirstName
mc_strLast_Name) = strLastName
mc_strEmail_Address)= strEmailAddress
mc_strTel_Number) = strTelNumber
mc_strWork_Number) = strWorkNumber
mc_strWork_Extension) = strWorkExtension
objMSCSProfile.Fields(mc_strProfileSystem).Value( _
mc_strDate_Last_Changed) = Now
objMSCSProfile.Update
If the profile was not updated (that is, the ProcessAction query string was not set to
EditUserObject) or the attempt to update the profile was unsuccessful, then the
code in UserProfile.pasp calls the GetUserObjectXML procedure to render the
entire user profile as XML (only the fields referenced in UserProfile-IE5.xsl are
actually displayed, but the style sheet could be modified to show additional profile
information without changing this code). The GetUserObjectXML procedure uses
the GetProfileByKey method of the ProfileService object to retrieve the user’s
profile. Then the XML helper routines in include/Common.asp are used to render
the data.
The GetUserObjectXML routine (located in Profile.asp) contains code similar to the
following:
Sub GetUserObjectXML()
Dim objMSCSProfile
Dim strUserID
Dim Field
Dim Group
Dim blnReturnCode
If Not IsNull(strUserID) Then
' initialize profile service & connect to profile store using specified
' schema
If Not Application("MSCSProfileService") Is Nothing Then
' use profile service to retrieve profile object for user, and assign
' that object to function's return value
Set objMSCSProfile = Application("MSCSProfileService") _
.GetProfilebyKey(mc_strUser_ID, GetUserID, _
IT-EBOOKS.DIRECTORY
If Not objMSCSProfile Is Nothing Then
Call XMLBegTag(c_strProfile)
For Each Group In objMSCSProfile.Fields
Call XMLBegTag(Group.Name)
For Each Field In Group.value
If Field.Name <> PASSPORT_DEFINATION Then
Call XMLTag(Field.Name, Field.Value)
End If
Next
Call XMLEndTag(Group.Name)
Next
Call XMLEndTag(c_strProfile)
End If
End If
End If
End Sub
UserProfile.pasp produces the following XML output:

<?xml-stylesheet type="text/xsl" server-config="UserProfile-Config.xml"
href="UserProfile-IE5.xsl"?>
<page pagename="UserProfile.pasp">
<httphost>MYCOMP%3A85</httphost>
<profilemenu/>
<pagemode/>
<validate><maxlengthname>15</maxlengthname>
<validateitem><functionname>CheckName</functionname>
<fieldname>txtFirstName</fieldname>
<errormessage>Please enter a valid first name.</errormessage>
</validateitem>
<maxlengthname>15</maxlengthname>
<validateitem><functionname>CheckName</functionname>
<fieldname>txtLastName</fieldname>
<errormessage>Please enter a valid last name.</errormessage>
</validateitem>
<maxlengthemail>40</maxlengthemail>
<validateitem><functionname>CheckEmail</functionname>
<fieldname>txtEmailAddress</fieldname>
<errormessage>Please enter a valid email address.</errormessage>
</validateitem>
<maxlengthphonefax>14</maxlengthphonefax>
<validateitem><functionname>CheckPhoneFaxNumber</functionname>
<fieldname>txtTelNumber</fieldname>
<errormessage>Please enter a valid phone number.</errormessage>
</validateitem>
<validateitem><functionname>CheckPhoneFaxNumber</functionname>
<fieldname>txtWorkNumber</fieldname>
IT-EBOOKS.DIRECTORY
<errormessage>Please enter a valid fax number.</errormessage>

</validateitem>
</validate>
<userobject><accountinfo><org_id/>
<account_status>1</account_status>
<user_catalog_set/>
<date_registered>8/28/2001 5:53:00 PM</date_registered>
</accountinfo>
<advertising><campaign_history/>
</advertising>
<businessdesk><partner_desk_role/>
</businessdesk>
<generalinfo><user_id>{AD855214-144A-432B-A03C-7F6F261B64EF}</user_id>
<logon_name>Kim</logon_name>
<email_address>KimAbercrombie@someservice.net</email_address>
<user_type>1</user_type>
<user_title/>
<last_name>Abercrombie</last_name>
<first_name>Kim</first_name>
<tel_number>555-555-5555</tel_number>
<tel_extension/>
<fax_number>555-555-5555</fax_number>
<fax_extension/>
<user_id_changed_by/>
</generalinfo>
<profilesystem><date_last_changed>8/28/2001 5:54:58 PM</date_last_changed>
<date_created>8/28/2001 5:52:23 PM</date_created>
</profilesystem>
</userobject>
<notpassportuser/>
<getcatalogsforuser><selectiontitle>Browse Catalogs:</selectiontitle>
<catalog>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
</catalog>
<catalog>
<catalogname>Hardware</catalogname>
<catalognameurl>Hardware</catalognameurl>
</catalog>
</getcatalogsforuser>
<profile auth="auth"/><exceptions></exceptions>
</page>
The ConsolidatedRetail.com site provides effective profile functionality and demon-

strates the basic techniques for creating, retrieving, and updating user profile
information. You could extend this functionality to creating custom profile proper-
ties by using the Commerce Server Manager, and you could use the profile informa-
tion to personalize the site for individual users. For more information about using
Commerce Server 2000 profiling functionality, refer to the Commerce Server 2000
documentation.
IT-EBOOKS.DIRECTORY
Product Catalogs
One of the most important aspects of implementing an e-commerce site is providing
an easy way for customers to browse the catalogs. The ConsolidatedRetail.com site
does this in four ways:
● Catalogs are always listed in the user interface.
● Users can browse through hierarchically organized categories.
● Users can search all or some of the catalogs for a particular string.
● Users can browse through the product detail pages in a single catalog or in a
search result (wizard browsing).
Catalog Access
There may be catalogs for which limited access is appropriate. To require authenti-
cation for access to a specific catalog, you can use the Business Desk to specify that
user authentication is required. Thereafter, each time a user attempts to browse,
search, or use a list to view products in a restricted catalog, the Reference Architec-
ture application checks to see that the user is authenticated and has access to that
catalog. (To prevent performance degradation, this validation process uses the
CatalogsetId and CatalogSetCache.) The Reference Architecture code performs this
validation when a user attempts to access the following pages:
● Public or private Shopping List
● Save for Later basket
● Product detail page
● Category browse page
● Search results
● Advanced search results
Code to enable this validation appears in the following files:

● Include/Basket.asp
● Include/Site_Const.asp
● Xml/rc.xml
● _additem.asp
● _additemsfromlist.asp
● _moveitemsfromsfl.asp
● Basket.asp
● Category.pasp
● Product.pasp
● StepSearch.pasp
IT-EBOOKS.DIRECTORY
The catalogs available to the current user are always listed in the left pane of the user
interface. This is achieved by including the code to determine the available catalogs
and display them in the PageEnd procedure in Common.asp, as described next:
1. Retrieve a list of catalogs based on user type by checking the constant for
CatalogSetCache, which identifies the catalog set assigned to the user:
Sub PageEnd()
Dim strOut
strOut = CachedFragmentLookup( CATALOGSET_CACHE , GetDefaultCatalogSet() )
Response.Write strOut
2. Call GetDefaultCatalogSet, which returns the registered default catalog set for
an authenticated, registered user or the anonymous default catalog set for all
other users. To confirm the user’s authentication credentials, instantiate and
initialize an AuthManager object:
GetDefaultCatalogSet()
Dim objMSCSAuthMgr
Set objMSCSAuthMgr = Server.CreateObject(mc_strAuthManager)
Call objMSCSAuthMgr.Initialize(Application("MSCSDictConfig").s_SiteName)
3. If the user is authenticated, and the authentication ticket has not timed out,
retrieve the catalog set assigned to that user.
If objMSCSAuthMgr.IsAuthenticated() Then
'DefaultRegisteredCatalogSet
GetdefaultCatalogSet = Application("MSCSDictConfig").
s_AuthenticatedUserDefaultCatalogSet
4. Otherwise, retrieve the catalog set for anonymous users, and clear the
AuthManager object.
Else
'DefaultAnonymousCatalogSet
GetDefaultCatalogSet = Application("MSCSDictConfig").s_
AnonymousUserDefaultCatalogSet
End If
Set objMSCSAuthMgr = Nothing
End Function
When the XML produced by this code is rendered using the UI_layout-IE5.xsl style
sheet, the resulting Web page displays the name of each catalog in the catalog set as
a link to Category.pasp. The XML fragment generated looks like the following:
<catalog>
</catalog>
<catalog>
IT-EBOOKS.DIRECTORY
</catalog>
Browsing the Catalogs

The catalogs in the ConsolidatedRetail.com site are implemented as hierarchical
structures. Two catalogs, called books and hardware, each contain several categories.
The books catalog also contains a layer of sub-categories. Products can be stored in
any level of the catalog.
The page used to browse the catalog data in the ConsolidatedRetail.com site is
Category.pasp. The page can be used in one of two modes: root-level mode and
category mode. In root-level mode, the page retrieves the products and categories
from the root of the specified catalog. In category mode, the page retrieves the
products, sub-categories, and parent categories from the specified category.
The page contains code to perform the following tasks:
1. Use the MSCSAppFrameWork object to retrieve the txtCatalog and txtCategory
values passed in the request string. If no txtCatalog value is found, the page
redirects the user to Index.pasp.
2. Call PageStart to generate the XML header for the page.
3. Retrieve the ProductCatalog object for the specified catalog from the
MSCSCatalogManager application variable, and write the catalog name into a
<searchscope> XML element.
4. Render the properties of the catalog as XML. This allows properties such as the
catalog name to be rendered in the user interface.
5. Determine whether or not a category name was passed in the request string. If
no category name was specified, then the page retrieves the categories and
products from the root of the catalog and formats them as XML. If a category
was provided, then the page retrieves the data from that category and formats it
as XML.
6. Call the PageEnd procedure to close the XML document.
Before using the Commerce Server Catalog objects to retrieve catalog information,
the page uses the following code to create a <searchscope> element:
Call XMLTag(c_strSearchScope, strCatalogName)
The UI_layout-IE5.xsl style sheet uses this element to pass the current catalog name
to the search functionality, thus scoping the search. (The search functionality is
described in detail later in this chapter.)
IT-EBOOKS.DIRECTORY
The actual catalog data is retrieved using a hierarchy of Commerce Server automa-
tion objects. At the top of the hierarchy is the CatalogManager object, which is used
for all programmatic access to the catalog system. The CatalogManager object
contains ProductCatalog objects, which represent the catalogs in the site. In
Category.pasp¸ the GetCatalog method of the MSCSCatalogManager application-
level variable is used to retrieve the specified catalog as shown in the following
code snippet:
Set objMSCSPrdCat = Application("MSCSCatalogManager"). _
GetCatalog(strCatalogName)
The properties of a ProductCatalog object can be retrieved as an ActiveX® Data

Objects (ADO) recordset by using the GetCatalogAttributes method. The code in
Category.pasp uses this method and passes each row in the recordset to the
GetXMLFromRSWithDsplyNm routine in Common.asp, which formats the row
as XML:
Set rsProperties = objMSCSPrdCat.GetCatalogAttributes
If Not (rsProperties.EOF And rsProperties.BOF) Then
strOut = strOut & XMLBegTagEx(c_strGetCatalogAttributes)
Do While Not rsProperties.EOF
'get xml version of recordset row
strOut = strOut & GetXMLFromRSWithDsplyNmEx(rsProperties)
rsProperties.MoveNext
Loop
If IsNull(strCategoryName) Then
strOut = strOut & XMLTagEx("currentcatagoryname", "")
Else
strOut = strOut & XMLTagEx("currentcatagoryname", strCategoryName)
End If
strOut = strOut & XMLEndTagEx(c_strGetCatalogAttributes)
End if
This results in an XML fragment with the following format:

<getcatalogattributes>
<locale>8</locale>
<localeurl>8</localeurl>
<startdate>12/8/1999</startdate>
<startdateurl>12%2F8%2F1999</startdateurl>
<enddate>12/8/2006</enddate>
<enddateurl>12%2F8%2F2006</enddateurl>
<variantid>ISBN</variantid>
<variantidurl>ISBN</variantidurl>
<productid>Title</productid>
<productidurl>Title</productidurl>
<currency>USD</currency>
IT-EBOOKS.DIRECTORY
<currencyurl>USD</currencyurl>
<weightmeasure>lbs</weightmeasure>
<weightmeasureurl>lbs</weightmeasureurl>
<catalogid>1</catalogid>
<catalogidurl>1</catalogidurl>
<customcatalog>False</customcatalog>
<customcatalogurl>False</customcatalogurl>
<freetextindexcreated>6/7/2001 11:23:01 AM</freetextindexcreated>
<freetextindexcreatedurl>6%2F7%2F2001+11%3A23%3A01+AM
</freetextindexcreatedurl>
<producttableupdated>6/7/2001 11:22:17 AM</producttableupdated>
<producttableupdatedurl>6%2F7%2F2001+11%3A22%3A17+AM
</producttableupdatedurl>
<currentcategoryname></currentcategoryname>
</getcatalogattributes>
A recordset object is also used to represent the categories in the root of a catalog.
The RootCategories method is used to retrieve this as shown in the following code
snippet from Category.pasp (note the use of the Fields collection property to re-
trieve a named data field from the recordset):
Set rsCategories = objMSCSPrdCat.RootCategories
If Not (rsCategories.EOF And rsCategories.BOF) Then
strOut = strOut & XMLBegTagEx(c_strRootCategories)
Do While Not rsCategories.EOF
strOut = strOut & XMLBegTagEx(c_strRootCategory)
strOut = strOut & XMLTagWithDsplyNmEx("catalogname",
objMSCSPrdCat.catalogname)
strOut = strOut & XMLTagWithDsplyNmEx("catalognameurl",
Server.URLEncode(objMSCSPrdCat.catalogname))
strOut = strOut & XMLTagWithDsplyNmEx("categoryname",
rsCategories.fields("CategoryName").value)
strOut = strOut & XMLTagWithDsplyNmEx("categorynameurl",
Server.URLEncode(rsCategories.fields("CategoryName").value))
strOut = strOut & XMLEndTagEx(c_strRootCategory)
rsCategories.MoveNext
Loop
This produces an XML fragment, similar to the following:

<rootcategories>
<rootcategory>
<categoryname>Business Software</categoryname>
<categorynameurl>Business+Software</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Development Tools</categoryname>
IT-EBOOKS.DIRECTORY
<categorynameurl>Development+Tools</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Featured Products</categoryname>
<categorynameurl>Featured+Products</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Games</categoryname>
<categorynameurl>Games</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Hardware</categoryname>
<categorynameurl>Hardware</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Home Productivity</categoryname>
<categorynameurl>Home+Productivity</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Internet Products</categoryname>
<categorynameurl>Internet+Products</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Operating Systems Servers</categoryname>
<categorynameurl>Operating+Systems++Servers</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Reference</categoryname>
<categorynameurl>Reference</categorynameurl>
</rootcategory>
<selectiontitle>Browse Categories:</selectiontitle>
</rootcategories>
Similarly, a recordset containing products in the root of a catalog can be retrieved

using the RootProducts method:
Set rsProducts = objMSCSPrdCat.RootProducts
IT-EBOOKS.DIRECTORY
XML similar to the following is generated for each product in the rsProducts
recordset:
<product>
<oid>64</oid>
<definitionname>SDKBook</definitionname>
<cy_list_price displayname="Price">19.99</cy_list_price>
<originalprice displayname="Your Price">19.99</originalprice>
<i_classtype>4</i_classtype>
<parentoid>-1</parentoid>
<productid>
Microsoft Age of Empires II: The Age of Kings: Inside Moves
</productid>
<variantid/>
<title displayname="Title">Microsoft Age of Empires II: The Age of Kings: Inside
Moves</title>
<isbn displayname="ISBN">0-7356-0513-0</isbn>
<description>Master all the vital strategic gambits, tips, and tricks for
winning with this official guide to the exciting new version of Microsoft Age of
Empires! MICROSOFT AGE OF EMPIRES II: AGE OF KINGS: INSIDE MOVES shows you how to
survive and thrive in the thousand years from the fall of Rome to the Middle
Ages.</description>
<image_filename>boxshots/press/2388.gif</image_filename>
<image_height>120</image_height>
<image_width>120</image_width>
<author displayname="Author">Microsoft Corporation</author>
<name displayname="Name">Microsoft Age of Empires II: The Age of Kings: Inside
Moves</name>
<pagecount displayname="No. Pages">280</pagecount>
<producturl displayname="Product Info. Url">a href=http://mspress.microsoft.com/
prod/books/2388.htm target =_a http://mspress.microsoft.com/prod/books/2388.htm
/a</producturl>
<publication_year displayname="Year published">1999</publication_year>
<publisher displayname="Publisher">Microsoft Press</publisher>
<reading_level displayname="Reading Level:">All Levels</reading_level>
</product>
If your code needs to delve deeper into the catalog and retrieve the contents of one
of the categories, you can use a Category object. The Category.pasp page uses a
Category object to access the contents of a specified category. The object is instanti-
ated using the GetCategory method of the ProductCatalog object, as shown in the
following code snippet:
Set objMSCSCategory = _
objMSCSPrdCat.GetCategory(strCategoryName)
IT-EBOOKS.DIRECTORY
You can retrieve the products in a category as a recordset by using the Products
property:
Set rsProducts = objMSCSCategory.products
The Category object also provides a ChildCategories property for retrieving a

recordset of sub-categories and a ParentCategories property for returning a record-
set of the parent level of categories.
You can use the Commerce Server Business Desk to create relationships between
categories and products in a product catalog, regardless of their location in the
hierarchy. The Category object provides RelatedCategories and RelatedProducts
properties to retrieve recordsets containing these. You can see examples of the use
of all of these objects in Category.pasp.
Viewing a Product
The style sheet used to render the catalog data generates HTML, so that when a
user clicks the Get Details link for a particular product, the Product.pasp page is
requested. This page displays data specific to the selected product.
The code in Product.pasp begins very similarly to Category.pasp. It checks the
request string to retrieve the catalog, product ID, and optional product variant
values, and then redirects the user to Index.pasp if the catalog or product ID param-
eters are missing. Then it calls PageStart to begin generating the XML for the page.
The code begins to get interesting when a Commerce Server Product object is
retrieved from the Catalog object by using the GetProduct method:
Set objMSCSPrd = objMSCSPrdCat.GetProduct(strProductID)
You can retrieve the properties of the product, such as its name and price, in a
recordset object by using the GetProductProperties method:
Set rsProduct = objMSCSPrd.GetProductProperties
Products in a Commerce Server catalog support variants (such as color or size). You
can retrieve the list of variants for a particular product as a recordset by using the
Variants property. Additionally, you can retrieve any related products or categories
by using the RelatedProducts and RelatedCategories properties, which allow links
to be created for cross-selling opportunities. These properties are all used in the
Product.pasp page to produce the XML data for the product, a fragment of which is
shown in the following code:
IT-EBOOKS.DIRECTORY
<getproduct>
<product>
<definitionnameurl>SDKBook</definitionnameurl>
<cy_list_priceurl>19%2E99</cy_list_priceurl>
<originalpriceurl.19%2E99</originalpriceurl>
<i_classtypeurl>4</i_classtypeurl>
<productid>Microsoft Age of Empires II: The Age of Kings: Inside Moves</
productid>
<productidurl>Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings:+Inside Moves</
productidurl>
<variantid/>
<authorurl>Microsoft+Corporation</authorurl>
Ages.</description>
<descriptionurl>Master+all+the+vital+strategic+gambits%2C+tips%2C+and+
tricks+for+winning+with+this+official+guide+to+the+exciting+new+version+of+
Microsoft+Age+of+Empires%21+MICROSOFT+AGE+OF+EMPIRES+II%3A+AGE+OF+KINGS%3A+INSIDE+
MOVES+shows+you+how+to+survive+and+thrive+in+the+thousand+years+from+the+fall+of+Rome+
to+the+Middle+Ages%2E</descriptionurl>
<image_filenameurl>boxshots%2Fpress%2F2388%2Egif</image_filenameurl>
<image_heighturl>120</image_heighturl>
<image_widthurl>120</image_widthurl>
<isbnurl>0%2D7356%2D0513%2D0</isbnurl>
Moves</name>
<nameurl>Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves
</nameurl>
<pagecounturl>280</pagecounturl>
<producturl displayname="Product Info. Url">
a href=http://mspress.microsoft.com/prod/books/2388.htm target =_a http://
mspress.microsoft.com/prod/books/2388.htm /a</producturl>
producturlurl> a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod%2Fbooks%
2F2388%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod%
2Fbooks%2F2388%2Ehtm+%2Fa </producturlurl>
<publication_yearurl>1999</publication_yearurl>
<publisherurl>Microsoft+Press</publisherurl>
IT-EBOOKS.DIRECTORY
<reading_levelurl>All+Levels</reading_levelurl>
<title displayname="Title">Microsoft Age of Empires II: The Age of Kings:
Inside Moves</title>
<titleurl>
Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves</titleurl>
</product>
</getproduct>
Depending on the user’s request, the XML is then rendered using the appropriate
XSL style sheet.
● If the user’s request returns a category of products, the Category-IE5.xsl style
sheet is used. The category page uses the productvariant/productfamily tem-
plate to display product variants, as shown in the following code sample:
<xsl:template match="productvariant | productfamily">
<tr>
<td colspan="5" class="menu-text">
Family:
<a>
<xsl:attribute name="href">Product.pasp?txtCatalog=<xsl:value-of
select="catalogname" />&txtCategory=<xsl:value-of select="//
getcategoryproperties/category/categoryname" />&txtProductID=<xsl:value-of
select="productidurl" />&isVariant=1</xsl:attribute>
<xsl:value-of select="name" disable-output-escaping="yes"/> —
<xsl:value-of select="description" disable-output-escaping="yes"/>
</a>
</td>
</tr>
<tr>
<td colspan="5" bgcolor="#CCCCCCC"/>
</tr>
</xsl:template>
● If the user’s request returns one or more products, the Product-ie5.xsl style sheet
is used. The product page uses the productvariant/productfamily template and
the variant template to display product variants, as shown in the following code
sample:
<tr>
<xsl:value-of select="name" disable-output-escaping="yes"/>
</td>
</tr>
<tr>
<td colspan="3">
</td>
</tr>
IT-EBOOKS.DIRECTORY
<tr>
<td>
<img id="picture1" alt="{productid}" src="{image_filename}"/>
</td>
<td>
</td>
<td class="content-text">
<table border="0">
<tr>
<td align="right" class="menu-text">
price:
</td>
<td class="menu-text-orange">
$<xsl:value-of select="format-number(cy_list_price, '0.00')"/>
</td>
</tr>
<form method="post" name="frmOrder" action="_additem.asp">
<tr>
<td colspan="2">
<input type="hidden" name="txtProductID" value="{productid}"/>
<input type="hidden" name="txtCategory" value="{//categoryname}"/>
<input type="hidden" name="txtCatalog" value="{catalogname}"/>
<input type="hidden" name="isVariant" value="1"/>
</td>
</tr>
<tr>
<td align="right" class="menu-text">
qty:
</td>
<td>
<input type="text" name="txtQty" value="1" maxlength="3"
class="textbox" size="2"/>
</td>
</tr>
<tr>
<td colspan="2" align="center">
<xsl:apply-templates select="variants"/>
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="image" value="submit" src="images/addtocart.gif"
alt="add to shopping cart" border="0"/>
<xsl:if test="/page/showlists">
<br/><a href="#stayhere"><img src="images/addtolistwt.gif"
alt="add to shopping list" border="0"
onclick="javascript:open_list('{productidurl}', '{catalogname}',
'{categoryname}', document.frmOrder.txtQty.value ,
document.frmOrder.txtVariantID);"/></a>
<br/><a href="javascript:save_list('{productid}',
'{catalogname}', '{categoryname}',
document.frmOrder.txtQty.value,document.frmOrder.txtVariantID);"><img
IT-EBOOKS.DIRECTORY
src="images/saveforlater.gif" alt="save for later" border="0" /></a>

</xsl:if>
</td>
</tr>
</form>
<xsl:if test="(//a_noofitems)">
<tr>
<td class="menu-text" align="center" colspan="2">
<label class="basket-visualcue">Item added</label>
</td>
</tr>
<tr>
<td align="center" colspan="2"><label class="basket-visualcue-
msg">(<xsl:value-of select="//a_noofitems"/> items in shopping cart)</label></
td>
</tr>
</xsl:if>
</table>
</td>
</tr>
<tr>
About the <xsl:value-of select="catalogname"/>
</td>
</tr>
<tr>
<td colspan="3" height="1" bgcolor="#cccccc"/>
</tr>
<tr>
<td colspan="3" class="content-text">
<br/>
<xsl:value-of select="benefits" disable-output-escaping="yes"/>
<p><xsl:value-of select="features" disable-output-escaping="yes"/></p>
</td>
</tr>
<form method="post" action="./Product.pasp" name="frmProduct">
<xsl:if test="/page/predictioninfo">
<tr>
<input type="hidden" name="txtProductID" value=""/>
<input type="hidden" name="txtCategory" value=""/>
<input type="hidden" name="txtCatalog" value=""/>
</tr>
<tr>
<td class="content-text">
<xsl:if test="count(/page/predictioninfo/prediction) > 1">
<br/> If you are interested in this product, you may also be interested
in these <xsl:value-of select="count(/page/predictioninfo/prediction)"/> items.
</xsl:if>
<xsl:if test="count(/page/predictioninfo/prediction) = 1">
<xsl:if test="/page/predictioninfo/prediction/predictionprodid != /page/
IT-EBOOKS.DIRECTORY
productid">
<br/> If you are interested in this product, you may also be inter-
ested in this 1 item.
</xsl:if>
</xsl:if>
</td><br/>
</tr>
<tr>
<td>
<xsl:for-each select="/page/predictioninfo/prediction">
<xsl:if test="predictionprodid != /page/productid">
<a
href="javascript:document.frmProduct.txtProductID.value='{predictionprodid}';
document.frmProduct.txtCatalog.value='{predictioncategory}';document.frmProduct
.submit()">
<br/>
<xsl:value-of select="name" disable-output-escaping="yes"/>
</a>
</xsl:if>
</xsl:for-each>
</td>
</tr>
</xsl:if>
</form>
</table>
<table>
<tr align="center">
<xsl:choose>
<xsl:when test="/page/previous">
<form method="get" action="./Product.pasp" name="frmPrevious">
<td width="250">
<a href="javascript:document.frmPrevious.txtProductID.value='{/
page/previous/productid}';document.frmPrevious.txtCatalog.value='{/page/
previous/catalogname}';document.frmPrevious.txtCategory.value='{/page/
categoryname}';document.frmPrevious.submit()">
<img border="0" src="images/previous.gif"/>
</a>
</td>
</form>
</xsl:when>
<xsl:otherwise>
<td width="250">
<img src="images/spacer.gif"/>
</td>
</xsl:otherwise>
</xsl:choose>
<td width="200">
</td>
<xsl:choose>
IT-EBOOKS.DIRECTORY
<xsl:when test="/page/next">
<form method="get" action="./Product.pasp" name="frmNext">
<td width="250">
<a href="javascript:document.frmNext.txtProductID.value='{/page/next/
productid}';document.frmNext.txtCatalog.value='{/page/next/
catalogname}';document.frmNext.txtCategory.value='{/page/
categoryname}';document.frmNext.submit()">
<img border="0" src="images/next.gif"/>
</a>
</td>
</form>
</xsl:when>
<xsl:otherwise>
<td width="250">
</td>
</xsl:otherwise>
</xsl:choose>
</tr>
</table>
</xsl:template>
.
.
.
<xsl:template match="variants">
<table border='1' cellspacing='0' cellpadding='5' class="menu-text">
<th align="center">
<xsl:for-each select="displaynames/displayname">
<td>
<xsl:value-of select="."/>
</td>
</xsl:for-each>
</th>
<xsl:for-each select="v_product">
<tr align="center">
<td>
<xsl:if test="not (/page/variantid)">
<xsl:choose>
<xsl:when test="position()=1">
<input type="radio" name="txtVariantID" value="{varid}"
checked="checked"/>
</xsl:when>
<xsl:otherwise>
<input type="radio" name="txtVariantID" value="{varid}"/>
</xsl:otherwise>
</xsl:choose>
</xsl:if>
<xsl:if test="(/page/variantid)">
<xsl:choose>
IT-EBOOKS.DIRECTORY
<xsl:when test="./varid=/page/variantid">
<input type="radio" name="txtVariantID" value="{varid}"
checked="checked"/>
</xsl:when>
<xsl:otherwise>
<input type="radio" name="txtVariantID" value="{varid}" />
</xsl:otherwise>
</xsl:choose>
</xsl:if>
</td>
<xsl:for-each select="value">
<td>
<xsl:value-of select="."/>
</td>
</xsl:for-each>
</tr>
</xsl:for-each>
</table>
</xsl:template>
Navigating the Product Detail Pages

The Product.pasp pages include Next and Previous buttons, which allow the user
to move from one product detail page to the next and back again. The code imple-
ments this functionality as follows.
1. Determine if there are next and/or previous products in the category, and if so,
assign a product identifier to them:
If Not IsNull(strCategoryName) Then
Set objMSCSPrdCat =
Application("MSCSCatalogManager").GetCatalog(strCatalogName)
If Not (objMSCSPrdCat Is Nothing) Then
Set objMSCSCategory = objMSCSPrdCat.GetCategory(strCategoryName)
If Not (objMSCSCategory Is Nothing) Then
Set rsProducts = objMSCSCategory.Products
If Not (rsProducts Is Nothing) Then
rsProducts.Find "productid = #" & strProductID & "#"
2. If the user clicks the Previous button and this isn’t the first product in the record-
set, display the detail page for the product identified as the previous product:
rsProducts.MovePrevious
If Not (rsProducts.BOF) Then
strOut = strOut & XMLBegtagEx("Previous")
strOut = strOut & GetXMLFromRSWithDsplyNmEx(rsProducts)
strOut = strOut & XMLEndTagEx("Previous")
End If
IT-EBOOKS.DIRECTORY
3. If the user clicks the Next button and this isn’t the last product in the recordset,
display the detail page for the product identified as the next product:
rsProducts.MoveNext
rsProducts.MoveNext
If Not (rsProducts.EOF) Then
strOut = strOut & XMLBegtagEx("Next")
strOut = strOut & GetXMLFromRSWithDsplyNmEx(rsProducts)
strOut = strOut & XMLEndTagEx("Next")
End If
Note: The Category browse page displays products with variants at the end of the page. For
example, if the user displays the Featured Products category of the Hardware catalog, a
product with variants — such as the Microsoft IntelliMouse® with IntelliEye™ — is listed at the
end of the page. However, if a user clicks the Next or Previous button to display product
details, the product pages are displayed sequentially based on their product ID values.
For example, if a category contains five products that have product IDs of 1, 2, 3, 4, and 5, and
products 2 and 4 have variants, the Category browse page displays the products in the
following order: 1, 3, 5, 2, and 4 (products with variants are displayed at the end of the page).
If a user selects the product with product ID 1, clicks the Get Details button, and then clicks
the Next button, the next product to be displayed is product ID 2 (despite the fact that it has
variants).
Searching the Catalogs

In addition to providing pages that allow users to browse the catalogs, an effective
site also provides a search capability. In the ConsolidatedRetail.com site, users can
enter search criteria and search all catalogs or a single catalog for a specific product.
In addition, users can specify parameters, such as greater than (>), less than (<),plus
(+), and minus (-) in their search criteria.
The search functionality in Commerce Server 2000 can be used to search within the
current catalog or a catalog set based on the current user. The search functionality is
implemented in SearchResults.pasp, which contains code to perform the following
tasks:
1. Retrieve the search phrase, catalog, number of rows to return, and start position
parameters from the query string (assigning default values to the number of
rows and start position parameters as necessary and raising an exception if no
search phrase is supplied).
2. If no catalog is specified, retrieve a catalog set based on the current user’s profile.
3. Search either the specified catalog, or the list of catalogs in the user’s catalog set,
for the specified search phrase.
4. Render the search results as XML.
IT-EBOOKS.DIRECTORY
The actual code to search the catalogs uses the FreeTextSearch method of the
application-level MSCSCatalogManager object to retrieve the search results in a
recordset. This method accepts the following parameters:
● The search phrase or criteria
● A comma-delimited list of catalogs to search
● A comma-delimited list of properties that should be returned
● A list of properties on which to sort the results
● A Boolean value to indicate an ascending sort order
● A record number from which to start the search
● The number or rows to return
● An output parameter for the total number of rows actually returned
If the user doesn’t specify a catalog, the default catalog set for the current user
is retrieved as a recordset, and each catalog name is concatenated to a comma-
delimited string:
Set objCatalogSets = Server.CreateObject(mc_strCatalogSets)
Call objCatalogSets.Initialize _
(Application("MSCSDictConfig").s_CatalogConnectionString, _
Application("MSCSDictConfig").s_TransactionsConnectionString)
Set rsCatalogs = objCatalogSets.GetCatalogsForUser _
(Application("MSCSProfileService"), GetUserID & "", _
GetDefaultCatalogSet)
strCatalogsToSearch = ""
If Not (rsCatalogs.EOF And rsCatalogs.BOF) Then
Do While Not rsCatalogs.EOF
strCatalogsToSearch = strCatalogsToSearch & "," & _
rsCatalogs.Fields("CatalogName").Value & ""
rsCatalogs.MoveNext
Loop
strCatalogsToSearch = Trim(Mid(strCatalogsToSearch, 2))
End If
Alternatively, if a catalog has been specified, its name is simply assigned to the
strCatalogsToSearch variable:
strCatalogsToSearch = strCatalogName
Finally, the FreeTextSearch method is called:

Set rsProducts = Application("MSCSCatalogManager").FreeTextSearch(strSearchPhase,_
strCatalogsToSearch, iClassType, "CatalogName, CategoryName, DefinitionName,_
OriginalPrice, cy_list_price, i_ClassType, ProductID, Description,_
image_filename, image_width, image_height, Name", "i_ClassType, CatalogName",_
True, lngSearchStartPos, lngSearchRowToReturn, lngTotalRecordsInQuery)
IT-EBOOKS.DIRECTORY
The remaining code on the page simply formats the rows in the recordset returned
by FreeTextSearch as XML so that the XSL ISAPI application can render the search
results for presentation. The XML produced for the search results has the following
format:
<searchscope>Books</searchscope>
<searchstring>Age of Empires</searchstring>
<searchcount>4</searchcount>
<searchrowstoreturn>15</searchrowstoreturn>
<searchstartpos>1</searchstartpos>
<searchresults>
<book>
<productid>Microsoft Age of Empires II: The Age of Kings: Inside Moves</
productid>
Ages.</description>
Moves</name>
</book>
<!— Other results omitted for clarity —>
<selectiontitle>product(s) found for search criteria 'Age of Empires'.</
selectiontitle>
</searchresults>
Depending on the user’s request, the XML is then rendered using the appropriate
XSL style sheet.
● If the user uses the Search box to search by keywords, the SearchResults-IE5.xsl
style sheet is used. The search results page uses the productvariant/
productfamily template to display product variants, as shown in the following
code sample:
<tr>
Family:
<a>
select="catalogname" />&txtCategory=<xsl:value-of select="categorynameurl"
/>&txtProductID=<xsl:value-of select="productidurl" />&isVariant=1</
IT-EBOOKS.DIRECTORY
xsl:attribute>
</a>
</td>
</tr>
<tr>
</tr>
</xsl:template>
● If the user uses Advanced Search, the StepSearch-IE5.xsl style sheet is used. The
search results page uses the productvariant/productfamily template to display
product variants, as shown in the following code sample:
<tr>
Family:
<a>
select="catalogname" />&txtCategory=<xsl:value-of select="categorynameurl"
/>&txtProductID=<xsl:value-of select="productidurl" />&isVariant=1</
xsl:attribute>
</a>
</td>
</tr>
<tr>
</tr>
</xsl:template>
Adding a New Catalog

To add a catalog to the Reference Architecture application, follow the instructions
provided in Chapter 2 to import a catalog through Commerce Server 2000
Business Desk.
Shopping Basket Management

Like most business-to-consumer sites, ConsolidatedRetail.com uses the concept
of a shopping cart or basket to contain products that a user selects for purchase.
ConsolidatedRetail.com allows customers who log on as well as anonymous users
to add products to a shopping basket; however, anonymous users must log on
before checking out.
IT-EBOOKS.DIRECTORY
Adding Products to the Shopping Basket

When a user clicks the add to cart button on the product detail page, the product
and quantity information are posted to the _additem.asp page. Before redirecting
the user to the Basket.pasp page, where the contents of the shopping basket are
displayed, this page contains code to perform the following tasks:
1. Use the catalogset ID to confirm that the user can view and order the requested
item. (To prevent performance degradation, this validation step uses the
CatalogSetCache.)
2. Retrieve the category, product, variant, and catalog values posted in the query
string.
3. Validate the quantity value passed in the query string (if no quantity is passed,
then 1 instance of the item is added).
4. Load the user’s shopping basket into an OrderGroup object.
5. If the product is already listed in the shopping basket, add the specified quantity
to the existing entry; otherwise, create a new entry for this product.
6. Redirect the user to Basket.pasp.
The _additem.asp page calls the LoadBasket function in the Basket.asp include file
to retrieve an OrderGroup object containing the current user’s shopping basket.
The LoadBasket function looks like the following:
Function LoadBasket(strUserID)
Dim objMSCSOrderGroup
Set objMSCSOrderGroup = Server.CreateObject( _
mc_strOrderGroup)
Call objMSCSOrderGroup.Initialize(Application( _
"MSCSDictConfig").s_TransactionsConnectionString, _
strUserID)
Call objMSCSOrderGroup.LoadBasket()
Set LoadBasket = objMSCSOrderGroup
Set objMSCSOrderGroup = Nothing
End Function
Notice that an OrderGroup object is created and initialized by passing the transac-
tion connection string defined in the MSCSDictConfig application variable and the
current user’s user ID. (The user ID is obtained from the GetGuaranteedUserID
function in the Profile.asp include file, which returns an authenticated user ID for a
user who is logged on or a profile user ID for an anonymous user.)
Next the LoadBasket method of the OrderGroup object is called to retrieve the
contents of the shopping basket associated with the current user.
After loading the shopping basket, the code in _additem.asp searches the line items
in the shopping basket to find out if the requested product is already listed. If it is
IT-EBOOKS.DIRECTORY
already in the shopping basket, the specified quantity is added to the order, as
follows:
blnSkuMatched = False
'If there are line items
If objMSCSOrderGroup.Value("total_lineitems") > 0 Then
'loop through each one to look for a matching sku
For Each colItem in objMSCSOrderGroup.Value _
("OrderForms").Value("default").Items
If IsNull(strVariantID) Then
If (Trim(Cstr(colItem.product_id)) = _
Trim(Cstr(strProductID))) And _
IsNull(colItem.product_variant_id) Then
blnSkuMatched = True
Exit For
End If
Else
If (Trim(Cstr(colItem.product_id)) = Trim(Cstr(strProductID))) Then
If Not IsNull(colItem.product_variant_id) Then
If (Trim(Cstr(colItem.product_variant_id)) = Trim(Cstr(strVariantID)))_
Then blnSkuMatched = True
Exit For
End If
End If
End If
End If
Next
If blnSkuMatched Then
' item exist in basket, add new item quantity to existing item quantity
Dim intItemtotal
intItemtotal = colItem.Quantity + intProductQty
If intItemtotal > MAX_ITEM_QUANTITY Then
intItemtotal = MAX_ITEM_QUANTITY
End If
colItem.Quantity = intItemtotal
'Save the new basket

Call objMSCSOrderGroup.SaveAsBasket()
If the product is not already listed in the shopping basket, the code calls the
AddItemToBasket local function to add it. The AddItemToBasket function creates
a Dictionary object to represent the item, and then adds it to the shopping basket by
using the AddItem method of the OrderGroup object. Then the shopping basket is
saved by the SaveAsBasket method. The code for the AddItemToBasket function
resembles the following:
Function AddItemToBasket(objMSCSOrderGroup, strProductID, _
strCatalogName, intProductQty, strVariantID, strCategoryName)
Dim objMSCSProductDictionary
Dim strVariantIdName
Dim strVariantName
Dim strVariantValue
IT-EBOOKS.DIRECTORY
'create the product dictionary

Set objMSCSProductDictionary = Server.CreateObject(mc_strDictionary)
objMSCSProductDictionary.lineitem_uid = GenerateGUID()
objMSCSProductDictionary.product_id = strProductID
objMSCSProductDictionary.product_catalog = strCatalogName
objMSCSProductDictionary.Quantity = intProductQty
If Not IsNull(strVariantID) Then
Call GetProductVariantInfo(strCatalogName,strProductID,strVariantID,_
strVariantIdName,strVariantName,strVariantValue)
objMSCSProductDictionary.product_variant_id_name = strVariantIdName
objMSCSProductDictionary.product_variant_name = strVariantName
objMSCSProductDictionary.product_variant_value = strVariantValue
objMSCSProductDictionary.product_variant_id = strVariantID
End If
If Not IsNull(strCategoryName) Then
objMSCSProductDictionary.product_category = strCategoryName
End If
Call objMSCSOrderGroup.AddItem(objMSCSProductDictionary)
Set objMSCSProductDictionary = Nothing
End Function
Note that the item is added by creating a Dictionary object to represent it and
passing it to the AddItem method of the OrderGroup object representing the
shopping basket.
After the shopping basket is updated, the code in _additem.asp redirects the user to
Basket.pasp.
Viewing the Shopping Cart or Save for Later Basket

The user can view and edit the contents of the Shopping Cart or Save for Later
basket by using the Basket.pasp page. Basket.pasp contains code to perform the
following tasks:
1. Check for shopping basket integrity.
2. Retrieve the user’s user ID (from an authenticated ticket or an anonymous
profile ticket).
3. If the user’s shopping basket is not empty, use the PAGBasket pipeline to
retrieve the shopping basket information to be displayed.
4. Write the total line item count in an <totallineitems> XML tag.
5. Convert the shopping basket contents to XML using a Commerce Server
DictionaryXMLTransforms object and write it to the response.
The page loads the user’s shopping basket and checks to see if there are any prod-
ucts in it by using the following code:
Set objMSCSOrderGroup = LoadBasket(strUserID)
'Check to see if the basket has items
If Not IsBasketEmpty(objMSCSOrderGroup) Then
blnBasketIsEmpty = False
End If
IT-EBOOKS.DIRECTORY
The code that calls the IsBasketEmpty function, which is in Basket.asp, checks to
see if there are items in the OrderGroup object. If the shopping basket contains
products, then the basket is passed to the PAGBasket pipeline to prepare it for
display:
Set objMSCSPipelines = Application("MSCSPipelines")
intErrorLevel = _
RunMtsPipeline(objMSCSPipelines.PAGBasket, _
objMSCSPipelines.LogFolder & strUserID & _
".log", _
objMSCSOrderGroup)
PAGBasket Pipeline
Pipelines are used to configure a series of components that operate on a business
object in a set sequence. The operations of the pipeline are divided into stages. In
this case, the PAGBasket pipeline contains components that operate on the
OrderGroup object that represents the user’s shopping basket. You can use the
Commerce Server Pipeline Editor to view the configuration of the PAGBasket
pipeline by opening the PAGBasket.pcf file in the Pipelines folder of the site. The
PagBasket pipeline is illustrated in Figure 9.2:
Figure 9.2
PAGBasket Pipeline
IT-EBOOKS.DIRECTORY
Each time the shopping basket is displayed, the PAGBasket pipeline gathers all
data and performs the calculations required to show the shopping basket. Besides
running prior to displaying the shopping basket, this pipeline is also executed
during the final stages of the checkout process to calculate final order totals.
The PAGBasket pipeline includes the following stages:
● The pipeline starts with the Product Info stage. This stage, which is used to
manage the product information, consists of the following two components:
● QueryCatalogInfo – The QueryCatalogInfo component retrieves product
information from the Catalog System for every product in the order. It adds
the retrieved information to each Item dictionary in the order form.
● RequiredProdInfo – The RequiredProdInfo component checks all items in
the items collection in the OrderForm, and deletes any products that have the
delete key set to 1.
● The Order Initialization stage is then used to initialize the proper values in the
OrderGroup object. This stage consists of a single component:
RequiredOrderInitCy. First, RequiredOrderInitCy ensures that the order_id key
has a value. If it does not, RequiredOrderInitCy generates a unique order ID
and assigns it to this key. Next, to ensure order integrity, the component initial-
izes the various total keys by assigning NULL to them. Finally, for each item in
the items collection, RequiredOrderInitCy copies the value stored in quantity to
the _n_unadjusted key to initialize the undiscounted quantity of the item and
initialize the _oadjust_adjustedprice (the total cost of the item) to zero (0).
● The Order Check stage verifies that the order being presented is valid and has all
entries necessary for subsequent processing. This stage consists of one compo-
nent: RequiredOrderCheck. The RequiredOrderCheck component ensures that
the items list of the OrderForm is not empty.
● The Item Price stage sets the _iadjust_regularprice on each item in the OrderForm.
This stage consists of the following two components:
● DefaultItemPriceCy – For each item in the order form (each item in the items
collection), DefaultItemPriceCy assigns the _iadjust_regularprice key to the
value stored in the product_cy_list_price. Stages that follow the Item Price stage
in the pipeline contain components that depend upon the _iadjust_regularprice
key being set. If this key does not have a value, these components fail.
● RequiredItemPriceCy – The RequiredItemPriceCy component verifies that
the _cy_iadjust_regularprice has been set for each item in the items list. Before
the RequiredItemPrice component runs, the items list should have been
initialized by the DefaultItemPriceCy component to contain the most current
pricing information for the item. If _cy_iadjust_regularprice does not contain a
value, an error is generated.
IT-EBOOKS.DIRECTORY
● The Item Adjust Price stage sets the _iadjust_currentprice on each item in the
order form. This stage consists of one component: RequiredItemAdjustPriceCy.
RequiredItemAdjustPriceCy verifies that the current price
(_cy_iadjust_currentprice) exists for each item in the items list. If this value does
not exist, the component creates it and initializes it to the regular price
(_cy_iadjust_regularprice). In addition, the component checks the placed price
(cy_placed_price) against the current price (cy_iadjust_currentprice) to see if the
current price has changed since the user placed the product in the shopping
basket. If the placed price does not exist, the component creates it and sets it to
the current price (cy_iadjust_currentprice). If the placed price exists, but is not
equal to the current price, RequiredItemAdjustPriceCy retrieves the warning
message text for a bad placed price from the MessageManager, and writes the
message text to the _Basket_Errors collection of the order form.
● The Order Adjust Price stage sets the _oadjust_adjustedprice on each item in
the order form to account for price discounts. This stage consists of the
RequiredOrderAdjustPriceCy and OrderDiscount components. For each item,
RequiredOrderAdjustPriceCy first calculates the cost of the non-discounted
quantity. It multiplies the current price of the item (_cy_iadjust_currentprice) by
the undiscounted quantity of the item (n_unadjusted) and adds it to the total cost
of the item (_cy_oadjust_adjustedprice). Next, it calculates the discount for the item
(cy_oadjust_discount) by calculating the total cost for the item (multiplying the
current price of the item (_cy_iadjust_currentprice) by the total quantity (quantity)
and subtracting the previously calculated cost of the undiscounted items.
OrderDiscount calculates the total of all discounts for the order and displays
it on the Basket, Payment, OrderSummary, and ThankYou pages.
● The Order Subtotal stage sets the _oadjust_subtotal on the order form. This stage
consists of the following three components:
● DefaultOrderSubTotalCy – The subtotal (_cy_oadjust_subtotal) is calculated by
summing the total cost for each item (_cy_oadjust_adjustedprice) in the items
SimpleList in the OrderForm.
● PersistUtility – PersistUtility is a custom component used to copy values
within the OrderForm. This is mainly used to persist values. Otherwise,
OrderForm values with names that begin with an underscore (_) are not
persisted. The source code for the PersistUtility component (written in
Visual C++) is provided with the Reference Architecture for Commerce.
● RequiredOrderSubTotalCy – RequiredOrderSubtotalCy checks the
_oadjust_subtotal key in the OrderForm to ensure that the value assigned
to it is not NULL.
IT-EBOOKS.DIRECTORY
Note: The PAGBasket pipeline contains two additional stages: Merchant Information and
Shopper Information. ConsolidatedRetail.com does not use these stages, and they contain no
components.
Converting the Basket Contents to XML

After the pipeline runs, the code in Basket.pasp checks the OrderGroup object
again to ensure that it still contains some products because some may have been
removed in the pipeline). If the shopping basket contains products, the contents are
converted to XML using a Commerce Server DictionaryXMLTransforms object and
written to the Response object. The XML produced by the
DictionaryXMLTransforms object is similar to the following:
<orderform>
orderform_id="{0F111D4C-E79F-4615-B1AD-9193C811DE86}"
saved_cy_oadjust_subtotal="24.99">
<Items quantity="1"
product_id="Quick Course in Microsoft Office 2000"
product_catalog="Books" product_category=""
description="QUICK COURSE IN MICROSOFT OFFICE 2000 offers fast-paced
tutorials to help you quickly grasp application basics and build proficiency using
Microsoft Excel, Microsoft Word, Microsoft PowerPoint, Microsoft Outlook,
Microsoft Access, Microsoft Internet Explorer 5, Microsoft FrontPage, and
Microsoft Publisher."
d_DateCreated="16/02/2001 18:36:06"
cy_lineitem_total="24.99" cy_unit_price="24.99"
lineitem_uid="{FC57A7EA-1420-40A8-8F55-569FE9B2BEDE}"
_product_Name="Quick Course in Microsoft Office 2000"
_cy_oadjust_adjustedprice="24.99"/>
</orderform>
The Basket-IE5.xsl style sheet is then used to render the shopping basket page as
HTML.
The Lists Pipeline

The Lists pipeline is similar to the PAGBasket pipeline, except that it doesn’t verify
quantity and price. The Lists pipeline contains components that operate on the
OrderGroup object to create a public or private shopping list. You can use the
Commerce Server Pipeline Editor to view the configuration of the Lists pipeline
by opening the List.pcf file in the Pipelines folder of the site. The Lists pipeline is
illustrated in Figure 9.3.
IT-EBOOKS.DIRECTORY
Figure 9.3
Lists Pipeline
The Lists pipeline includes the following stages:

● The pipeline starts with the Product Info stage. This stage, which is used to
manage the product information, consists of the following two components:
● QueryCatalogInfo – The QueryCatalogInfo component retrieves product
information from the Catalog System for every item in the order. It adds the
retrieved information to each Item dictionary in the order form.
● RequiredProdInfo – The RequiredProdInfo component checks all items in the
items collection in the OrderForm and deletes any items that have the delete
key set to 1.
● The Order Initialization stage initializes the proper values in the OrderGroup
object. This stage consists of a single component: RequiredOrderInitCy. First,
RequiredOrderInitCy ensures that the order_id key has a value. If it does not,
RequiredOrderInitCy generates a unique order ID and assigns it to this key.
Next, to ensure order integrity, the component initializes the various total keys
by assigning NULL to them. Finally, for each item in the items collection,
RequiredOrderInitCy copies the value stored in quantity to the _n_unadjusted
key to initialize the undiscounted quantity of the item and initializes the
_oadjust_adjustedprice (the total cost of the item) to zero (0).
● The Order Check stage verifies that the order being presented is valid and has all
entries necessary for subsequent processing. This stage consists of one compo-
nent: RequiredOrderCheck. The RequiredOrderCheck component ensures that
the items list of the OrderForm is not empty.
IT-EBOOKS.DIRECTORY
The RecordEvent Pipeline

The RecordEvent pipeline contains components that record the occurrence of
particular events that occur during the shopping process — such as a user clicking a
particular ad or discount. You can use the Commerce Server Pipeline Editor to view
the configuration of the RecordEvent pipeline by opening the RecordEvent.pcf file
in the Pipelines folder of the site. The RecordEvent pipeline is illustrated in
Figure 9.4:
Figure 9.4
RecordEvent Pipeline
The RecordEvent pipeline includes the following stages:

● The pipeline starts with the Load Context stage. Microsoft Commerce Server 2000
includes no components for this stage. This stage is provided for custom exten-
sions or for future enhancements to Commerce Server 2000.
● The Record stage contains components that record the selection made to a data-
base, the server log file, or a history string. This stage consists of the following
two components:
● RecordEvent – This component records event delta counts for the selected
content items in the Performance dictionary. The values are used to calculate
the need of delivery of an item.
● IISAppendToLog – This component appends information about the result of
the content selection process in the QueryString key of the IIS log file. This log
file can be imported into the Data Warehouse for use with reporting and
analysis.
IT-EBOOKS.DIRECTORY
Advertising Pipeline
Targeted advertising allows a site to display promotional information to users
based on products that the user has already selected. The Advertising pipeline is
used to generate these targeted advertisements. It is a content selection pipeline that
contains components which gather, filter, score, and select advertisements. You can
use the Commerce Server Pipeline Editor to view the configuration of the Advertis-
ing pipeline by opening the Advertising.pcf file in the Pipelines folder of the site.
The Advertising pipeline is illustrated in Figure 9.5:
Figure 9.5
Advertising Pipeline
IT-EBOOKS.DIRECTORY
The Advertising pipeline includes the following stages:

● The pipeline starts with the Load Context stage, which contains components that
prepare for the execution of the rest of the pipeline. This stage includes the
following components:
● InitCSFPipeline – This component is used at the beginning of the pipeline to
initialize the values needed in the rest of the pipeline. The InitCSFPipeline
component is responsible for setting up numerous values in the Order and
Context dictionaries for efficient access by subsequent components in the
pipeline.
● LoadHistory – This component retrieves a history string from a HTTP cookie,
CampaignHistory. This component makes the history string easily accessible
to other pipeline components by hiding its source.
● The Filter stage contains a component that filters or trims the content list. This
stage consists of a single component: FilterContent. This component is used to
apply provided filters to a content list in the pipeline. The filters to apply are
retrieved from FilterRequire and FilterExclude dictionaries in the Order dictio-
nary. The list of content is contained in the ContentList object identified by the
_content entry in the Order dictionary.
● The Initial Score stage sets an initial score for each content item. This stage con-
sists of a single component: AdvertisingNeedOfDelivery. This component
scores ads so that they are selected often enough to meet business commitments.
This component calculates the Need of Delivery (NOD) for ad items in the
ContentList object and assigns these as the initial scores for the items.
● The Scoring stage contains components that adjust the scores of each content
item. This stage consists of the following two components:
● HistoryPenalty – This component applies penalties to content items based on
how recently they have been selected, as well as on exposure limits the items
may have. Penalties are values between zero (0) and one (1), which are multi-
plied by the current score of an item. This tends to reduce a score and thus
reduces the possibility that the item is selected.
● EvalTargetGroups – This component targets particular groups for advertising,
by evaluating a list of expressions for each item in a list and adjusting item
selection.
● The Select stage selects one or more content items for return. This stage consists
of a single component: SelectWinners. This component chooses items based on
their final scores. To communicate the winners, the SelectWinners component
builds a new SimpleList object that contains the ContentList object indexes up
to the requested number of winning content items.
IT-EBOOKS.DIRECTORY
base, the server log file, or a history string. This stage consists of the following
components:
content items (the winners) in the Performance dictionary. The values are
used to calculate the need of delivery of an item.
● IISAppendToLog – This component appends information about the result of
analysis.
● RecordHistory – The RecordHistory component is responsible for managing
the size of the history list and truncates it when necessary. The component
removes the oldest entries from the string when it exceeds the maximum
length. The property page for the RecordHistory component allows the
maximum number of entries in the history to be configured. This component
trims the least recent history list entries, as necessary, to assure that this limit
is not exceeded.
● SaveHistory – This component is used to save the history string in the HTTP
cookie, CampaignHistory.
● The Format stage contains components that format selected items as HTML or
XML for return to the page that ran the pipeline. This stage consists of a single
component: FormatTemplate. This component merges data from selected items
and their associated templates to form formatted strings.
Discounts Pipeline
Discounts are another form of targeted advertising. Discounts allow a site to dis-
play promotional information about specific discounted items to users based on
products that the user has already selected. The Discounts pipeline is a content
selection pipeline that contains components to gather, filter, score, and select dis-
counts. You can use the Commerce Server Pipeline Editor to view the configuration
of the Discounts pipeline by opening the Discounts.pcf file in the Pipelines folder of
the site. The Discounts pipeline is illustrated in Figure 9.6 on the next page.
IT-EBOOKS.DIRECTORY
Figure 9.6
Discounts Pipeline
The Discounts pipeline includes the following stages:

● The pipeline starts with the Load Context stage, which contains components that
prepare for the execution of the rest of the pipeline. This stage contains the
following two components:
● InitCSFPipeline – This component is used at the beginning of the pipeline to
initialize the values needed in the rest of the pipeline. The InitCSFPipeline
component is responsible for setting up numerous values in the Order and
Context dictionaries for efficient access by subsequent components in the
pipeline.
IT-EBOOKS.DIRECTORY
● LoadHistory – This component retrieves a history string from the HTTP

cookie, CampaignHistory. This component makes the history string easily
accessible to other pipeline components by hiding its source.
● The Filter stage contains components that filter or trim the content list. This stage
consists of a single component: FilterContent. This component is used to apply
provided filters to a content list in the pipeline. The filters to apply are retrieved
from FilterRequire and FilterExclude dictionaries in the Order dictionary. The
list of content is contained in the ContentList object identified by the _content
entry in the Order dictionary.
● The Scoring stage contains components that adjust the scores of each content
item. This stage contains the following components:
● ScoringDiscounts – This component adjusts the score of discount content
items with the goal of promoting discounts most relevant to the current user.
The OrderDiscount component applies the discounts whose scores are ad-
justed by the ScoreDiscounts component. The ScoreDiscounts component
saves the scores in the ContentList object held by the CacheManager object.
That ContentList object is then used by the OrderDiscount component in
PAGBasket pipeline.
● HistoryPenalty – This component applies penalties to discounts based on how
recently they have been selected, as well as on exposure limits the items may
have. Penalties are values between zero (0) and one (1), which are multiplied
by the current score of an item. This tends to reduce a score and thus reduces
the possibility that the item is selected.
● EvalTargetGroups – This component targets particular groups for discounts,
by evaluating a list of expressions for each item in a list and adjusting item
selection.
● The Select stage selects one or more content items for return. This stage consists
of a single component: SelectWinners. This component chooses items based on
their final scores. To communicate the winners, the SelectWinners component
builds a new SimpleList object that contains the ContentList object indexes up
to the requested number of winning content items.
base, the server log file, or a history string. This stage contains the following
components:
● RecordHistory – The RecordHistory component is responsible for managing
the size of the history list and truncates it when necessary. The component
removes the oldest entries from the string when it exceeds the maximum
length. The property page for the RecordHistory component allows the
maximum number of entries in the history to be configured. This component
trims the least recent history list entries, as necessary, to assure that this limit
is not exceeded.
IT-EBOOKS.DIRECTORY
● SaveHistory – This component is used to save the history string in the HTTP
cookie, CampaignHistory.
content items (the winners) in the Performance dictionary. The values are
used to calculate the need of delivery of an item.
● ISAppendToLog – This component appends information about the result of
analysis.
● The Format stage contains components that format selected items as HTML or
XML for return to the page that ran the pipeline. This stage consists of a single
component: FormatTemplate. This component merges data from selected items
and their associated templates to form formatted strings.
Order Processing
When a user decides to check out, the user must perform the following steps:
1. Specify a shipping address for the order (or choose to have different products
delivered to different addresses).
2. Choose a shipping method.
3. Provide payment information for the order.
4. Confirm the order details.
5. Complete the order process.
The ConsolidatedRetail.com site uses Commerce Server objects and pipeline com-
ponents to handle these processes.
Specifying a Shipping Address

In general, the user specifies a shipping address by using Shipping.pasp. This page
contains a form listing all shipping addresses in the user’s profile (and the option to
create a new address or edit existing ones). The user simply specifies the address to
which he or she wants the items shipped. The page then posts the form back to itself
and updates the OrderGroup object that represent the shopping basket contents
with the specified address.
When the user specifies a shipping address, the code in Shipping.pasp begins by
using the GetUserID function in the Common.asp include file to retrieve the cur-
rent user’s ID. Shipping.pasp then calls the LoadBasket routine in the Basket.asp
include file to populate an OrderGroup object, as follows:
Set objMSCSOrderGrp = LoadBasket(strUserID)
IT-EBOOKS.DIRECTORY
Next, the code retrieves the supplied address ID from the query string, and updates
each item in the shopping basket with the specified address ID:
For Each strOrderFormName In objMSCSOrderGrp.Value.OrderForms
Set objMSCSOrderForm = objMSCSOrderGrp.Value.OrderForms _
(strOrderFormName)
For each colItem in objMSCSOrderForm.Items
colItem.value("shipping_address_id") = strAddressID
Next
Next
Finally, the shipping address for the overall OrderGroup object is set, any
unreferenced addresses that had been previously set are removed and the shopping
basket is saved. The user is then redirected to ShippingMethod.pasp to specify a
shipping method for the order:
Call objMSCSOrderGrp.SetShippingAddress(strAddressID)
Call objMSCSOrderGrp.SaveAsBasket()
Set objMSCSOrderGrp = Nothing
Response.Redirect "ShippingMethod.pasp"
However, if this is the customer’s first visit to the Shipping.pasp page, the list of
possible addresses must be retrieved from the user’s profile to be displayed in the
form. The code in Shipping.pasp does this using an ADO query to the addresses
table in the site database, as shown in the following:
strUserID = GetUserID()
Set cnBizDesk = server.CreateObject(mc_stradodb_connection)
Set rsAddress = server.CreateObject(mc_stradodb_recordset)
cnBizDesk.Open _
Application("MSCSDictConfig").s_BizDataStoreConnectionString
rsAddress.Open "select g_address_id as 'address_id', i_address_type as
'address_type', u_description as 'description', u_address_name as 'address_name',
u_address_line1 as 'address_line1', u_address_line2 as 'address_line2', u_city as
'city', u_region_name as 'region_code', u_region_name as 'region_name',
u_postal_code as 'postal_code' from addresses where g_id = '" & strUserID & "' and
i_address_type=" & mc_lngShippingAddress & "ORDER BY u_address_name", cnBizDesk
If the user has no addresses listed in his or her profile, the user is redirected to the
EditAddressBook.pasp page with a Mode parameter. This parameter returns the
user to this page after the address is added:
If rsAddress.EOF Then 'no address have been entered for the user ID
rsAddress.Close
Set rsAddress = Nothing
cnBizDesk.Close
Set cnBizDesk = Nothing
Response.Redirect "EditAddressBook.pasp?Mode=" & mc_strPageName
End If
IT-EBOOKS.DIRECTORY
If the user profile has one or more addresses, the address information is added to
the shopping basket (the last address specified is the default shipping address), and
rendered as XML:
Call XMLBegTag(mc_strAddresses)
Do While Not rsAddress.EOF
strAddressID = rsAddress.Fields("address_id").value
strDescription = rsAddress.Fields("description").value
strAddressName = rsAddress.Fields("address_name").value
strAddressLine1 = rsAddress.Fields("address_line1").value
strCity = rsAddress.Fields("city").value
strRegionCode = rsAddress.Fields("region_code").value
strRegionName = rsAddress.Fields("region_name").value
strPostalCode = rsAddress.Fields("postal_code").value
blnSaveSuccessful = PutOrderAddress(objMSCSOrderGrp, _
mc_lngShippingAddress, strAddressID, strAddressName, _
strAddressLine1, strAddressLine2, strCity, strRegionName, _
strPostalCode, strDescription)
If blnSaveSuccessful Then
Call XMLBegTag(mc_strAddress)
Call XMLTag(mc_strAddress_ID, strAddressID)
Call XMLTag(mc_strDescription, strDescription)
Call XMLTag(mc_strAddress_Name, strAddressName)
Call XMLTag(mc_strAddress_Line1, strAddressLine1)
Call XMLTag(mc_strCity, strCity)
Call XMLTag(mc_strRegion_Code, strRegionName)
Call XMLTag(mc_strRegion_Name, strRegionName)
Call XMLTag(mc_strPostal_Code, strPostalCode)
Call XMLEndTag(mc_strAddress)
'Set the billing address
If rsAddress.Fields("address_type").value = 2 Then
objMSCSOrderGrp.Value("OrderForms").Value _
("default").Value("billing_address_id") = strAddressID
End If
End If
rsAddress.MoveNext
Loop
Call XMLEndTag(mc_strAddresses)
End If
The format of the XML produced by this code is shown in the following code:
<addresses>
<address>
<address_id>{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}</address_id>
<description>Home Address</description>
<address_name>Kim Abercrombie</address_name>
<address_line1>My House</address_line1>
<address_line2>My Street</address_line2>
IT-EBOOKS.DIRECTORY
<city>Redmond</city>
<region_code>Washington</region_code>
<region_name>Washington</region_name>
<postal_code>12345</postal_code>
</address>
<address>
<address_id>{B87EDB27-8FBE-4BDA-83BE-ED037A0B7E4C}</address_id>
<description>Work Address</description>
<address_line1>Microsoft Corp.</address_line1>
<address_line2>1 Microsoft Way</address_line2>
</address>
</addresses>
Specifying a Shipping Method

After the user specifies an address for the order, he or she must choose a shipping
method. Commerce Server 2000 supports the configuration of multiple shipping
methods, each with different price bands depending on the weight, item quantity,
or total cost of the order. (For more information about defining shipping methods,
refer to the Commerce Server 2000 documentation.)
The ShippingMethod.pasp page allows the user to select one of the shipping meth-
ods defined in the site database. The page contains a form listing each shipping
method as an option. After the user chooses an option, the choice is posted back to
the page for processing. The shipping methods are retrieved for display from the
application-level ShippingMethodsXML variable.
The list of available shipping methods is retrieved from the application-level
ShippingMethodsXML variable, which is initialized using the
GetShippingMethodsXML function in Common.asp, as shown in the following
code:
Function GetShippingMethodsXML(MSCSDictConfig)
Dim MSCSShipMgr
Dim rsShippingMethods
Dim strXMLStream
strXMLStream = ""
Set MSCSShipMgr = Server.CreateObject("Commerce.ShippingMethodManager")_

MSCSShipMgr.Initialize(MSCSDictConfig.s_TransactionConfigConnectionString)
Set rsShippingMethods = MSCSShipMgr.GetInstalledMethodList("",_
"shipping_method_name", Array("shipping_method_id", "shipping_method_name"))
IT-EBOOKS.DIRECTORY
If Not (rsShippingMethods.EOF And rsShippingMethods.BOF) Then

Do While Not rsShippingMethods.EOF
strXMLStream = strXMLStream & vbCrLf & "<shipping_method>"
strXMLStream = strXMLStream & vbCrLf & "<shipping_method_id>" & _
rsShippingMethods.Fields("shipping_method_id").Value & _
"</shipping_method_id>"
strXMLStream = strXMLStream & vbCrLf & _
"<shipping_method_name>" & _
rsShippingMethods.Fields("shipping_method_name").Value & _
"</shipping_method_name>"
strXMLStream = strXMLStream & vbCrLf & "</shipping_method>"
rsShippingMethods.MoveNext
Loop
End If
Set MSCSShipMgr = Nothing
GetShippingMethodsXML = strXMLStream
End Function
The ShippingMethod.pasp page includes the list of available shipping methods in

the following XML format:
<shipping_method>
<shipping_method_id>
{00000000-0000-0000-0000-003688009465}
</shipping_method_id>
<shipping_method_name>Express</shipping_method_name>
</shipping_method>
<shipping_method>
{00000000-0000-0000-0000-001140002642}
<shipping_method_name>Standard</shipping_method_name>
</shipping_method>
After a user chooses a shipping method, its ID and name must be stored in the
OrderGroup object. Because only the ID is passed from the form, the name
must be retrieved from the database by using the Commerce Server
ShippingMethodManager object. This object provides a GetInstalledMethodList
method that can be used to retrieve methods that match a specified criterion as a
recordset. The code to retrieve the relevant method name for the supplied ID is
similar to the following:
Set objMSCSShpMthMgr = _
Server.CreateObject(mc_strShippingMethodManager)
objMSCSShpMthMgr.Initialize(Application("MSCSDictConfig"). _
s_BizDataStoreConnectionString)
set rsShpMthName = objMSCSShpMthMgr.GetInstalledMethodList _
("shipping_method_id = '" &
strShippingMethodID & "'", "", _
Array(mc_strshipping_method_name))
IT-EBOOKS.DIRECTORY
set objMSCSShpMthMgr = nothing

If Not (rsShpMthName.EOF and rsShpMthName.BOF) then
strShippingMethodName = rsShpMthName.Fields(0).Value
End If
rsShpMthName.Close
Set rsShpMthName = Nothing
After the shipping method name is retrieved, the products in the shopping cart are
updated with the shipping method data and the user is redirected to Payment.pasp
to specify the payment information:
For Each strOrderFormName In objMSCSOrderGroup.Value.OrderForms
Set objMSCSOrderForm = objMSCSOrderGroup.Value. _
OrderForms(strOrderFormName)
For each colItem in objMSCSOrderForm.Items
colItem.value(mc_strshipping_method_id) = strShippingMethodID
colItem.value(mc_strshipping_method_name) = strShippingMethodName
Next
Next
Response.Redirect "Payment.pasp"
Specifying Multiple Shipping Addresses and Methods

The user can specify a different shipping address and method for each item in the
shopping cart. The code to support this functionality is in the MultiShipping.pasp
page.
Note: If a user chooses to specify multiple addresses for an order, the Reference Architecture
application requires that the user specify an address for each individual item in the order. This
approach works for small orders, but users who place large orders will not find this accept-
able. Users who include large amounts of a single item or a great number of items in an order
should be advised that sending multiple orders, each to a single address, is a better option.
When the user requests a shipping method and address for each item, the form is
posted back to MultiShipping.pasp, and the OrderGroup object representing the
shopping basket is updated. The following code is used to update the shipping
method and address data for each item:
' populate each item with shipping method id
objMSCSOrderGroup("split_shipment") = True
Set objMSCSOrderForm = objMSCSOrderGroup.Value.OrderForms(strOrderFormName)
For Each colItem In objMSCSOrderForm.Items
intQuantity = colItem.value("Quantity")
strOriginalUID = colItem.value("lineitem_uid")
colItem.value("Quantity") = 1
IT-EBOOKS.DIRECTORY
If intQuantity > 1 Then

For intIndex = 1 To (intQuantity - 1)
'create the product dictionary
Set objMSCSProductDictionary = Server.CreateObject(mc_strDictionary)
objMSCSProductDictionary.lineitem_uid = GenerateGUID()
objMSCSProductDictionary.product_id = colItem.value("product_id")
objMSCSProductDictionary.orig_lineitem_uid = strOriginalUID
objMSCSProductDictionary.product_catalog = colItem.value("product_catalog")
objMSCSProductDictionary.Quantity = 1
If Not IsNull(colItem.value("product_variant_id")) Then
objMSCSProductDictionary.product_variant_id =_
colItem.value("product_variant_id")
objMSCSProductDictionary.product_variant_id_name =_
colItem.value("product_variant_id_name")
objMSCSProductDictionary.product_variant_name =
colItem.value("product_variant_name")
objMSCSProductDictionary.product_variant_value =
colItem.value("product_variant_value")
End If
If Not IsNull(colItem.value("product_category")) Then
objMSCSProductDictionary.product_category =
colItem.value("product_category")
End If
Call objMSCSOrderGroup.AddItem(objMSCSProductDictionary)
Set objMSCSProductDictionary = Nothing

Next
Else
'store the original lineitem_uid for reconstituting the basket
If IsNull(colItem("orig_lineitem_uid")) Then
colItem("orig_lineitem_uid") = strOriginalUID
End If
End If
'populate the original item

If IsNull(colItem("orig_lineitem_uid")) Then
colItem("orig_lineitem_uid") = strOriginalUID
End If
Next
Next
Call objMSCSOrderGroup.PurgeUnreferencedAddresses()
' routine to retreive common xml structures required for every page
Call PageStart(mc_strPageName)
Call XMLTag("pagemode", mc_strPageName)
' display advertising information in right hand frame

'XMLEmptyTag(mc_strAdvertisingMenu)
strUserID = GetUserID()
Set cnBizDesk = server.CreateObject(mc_stradodb_connection)
IT-EBOOKS.DIRECTORY
Set rsAddress = server.CreateObject(mc_stradodb_recordset)
cnBizDesk.Open Application("MSCSDictConfig").s_BizDataStoreConnectionString
rsAddress.Open "select g_address_id as 'address_id',

i_address_type as_ 'address_type', u_address_name as 'address_name',
u_Description as_ 'description', u_address_line1 as 'address_line1',
u_address_line2 as 'address_line2', u_city as 'city',
u_region_name as 'region_code', u_region_name as 'region_name',
u_postal_code as 'postal_code' from addresses where
g_id = '" & strUserID & "' and i_address_type = " & mc_lngShippingAddress &
" ORDER BY u_address_name", cnBizDesk
If Not (rsAddress.EOF And rsAddress.BOF) Then
Call XMLBegTag(mc_strAddresses)
Do While Not rsAddress.EOF
strAddressID = rsAddress.Fields("address_id").value
strAddressName = rsAddress.Fields("address_name").value
strCity = rsAddress.Fields("city").value
strRegionCode = rsAddress.Fields("region_code").value
strRegionName = rsAddress.Fields("region_name").value
strPostalCode = rsAddress.Fields("postal_code").value
strDescription = rsAddress.Fields("description").value
blnSaveSuccessful = PutOrderAddress(objMSCSOrderGroup, mc_lngShippingAddress,

strAddressID, strAddressName, strAddressLine1, strAddressLine2, strCity,
strRegionName, strPostalCode, strDescription)
If blnSaveSuccessful Then
Call XMLBegTag(mc_strAddress)
Call XMLTag(mc_strAddress_ID, strAddressID)
Call XMLTag(mc_strAddress_Name, strAddressName)
Call XMLTag(mc_strCity, strCity)
Call XMLTag(mc_strRegion_Code, strRegionName)
Call XMLTag(mc_strRegion_Name, strRegionName)
Call XMLTag(mc_strPostal_Code, strPostalCode)
Call XMLEndTag(mc_strAddress)
End If
rsAddress.MoveNext
Loop
Call XMLEndTag(mc_strAddresses)
End If
Specifying Payment Information

As part of the checkout process, the user must provide payment details for the
order. The Payment.pasp page handles this portion of the order processing
sequence.
IT-EBOOKS.DIRECTORY
Note: In this sample application, the payment details are passed in plain text using HTTP. In a
production site, HTTPS should be used to encrypt the payment data.
The Payment.pasp page contains a form that allows a user to specify credit card and
billing address details from his or her profile.
When a user enters credit card information, he or she will be asked to specify a
Listed As value for each credit card added to the user profile. The user cannot use
the same Listed As value for multiple cards; the Listed As value must be unique per
card, per user. The Reference Architecture for Commerce performs a system-wide
check to ensure that each credit card number is unique and checks to ensure that the
combination of User Name/Listed As values are unique.
Billing addresses also require Listed As values; however, these are not unique
because a billing address can also be a shipping address. The AddressBook page
displays all shipping addresses that the user has entered. If any of these addresses
has the same Listed As value as the billing address, then the message, “Also the
billing address” is displayed below the Listed As designation. Note that the mes-
sage appears if the Listed As values match, even if the underlying address details
are different.
A user can modify a billing address so that its Listed As value is the same as an
existing shipping address. Similarly, a user can modify a shipping address so that
its Listed As value matches the billing address. However, any changes made to one
address record are not reflected in the other. Developers who use the Reference
Architecture code as the basis for a production retail Web site may want to consider
changing this functionality to ensure that a shipping address and billing address
with the same Listed As value remain synchronized.
If the user has no billing address defined, he or she is redirected to the
EditAddressBook.pasp page to add it. The EditAddressBook page displays an
existing address or shows a blank form for entering a new address. If the new
address form is displayed and no billing address exists, the Make this my billing
address also check box is selected by default. If an existing shipping address has the
same Listed As value as that of the billing address, the contents of the selected
shipping address is displayed and the Make this my billing address also check box
is selected by default.
If a user has already designated an address as a billing address, the check box is
cleared by default. If the user has other existing shipping addresses, those addresses
are also displayed with the check box cleared by default.
The Payment.pasp page simply reads the payment details from the form, and then
writes them to the OrderGroup object that represents the user’s shopping basket.
IT-EBOOKS.DIRECTORY
If Not IsNull(GetUserID) Then
Set objMSCSOrderGroup = LoadBasket(strUserID)
If isnull(objMSCSOrderGroup("split_shipment")) then
response.redirect "shipping.pasp"
End if
' Check to see if the basket has items
If objMSCSOrderGroup.Value("total_lineitems") > 0 Then
blnBasketIsEmpty = False
Else
Response.Redirect "basket.pasp"
End If
' If there is no billing address in the OrderForm, then
' check if the user has specified a default address. If so,
' insert that into the OrderForm. If not, redirect to EditAddressBook.pasp
' so that the user can enter one.
If IsNull(strBillAddress) or (Not IsNull(strBillAddress) And_
Len(strBillAddress) = 0 ) then
strBillAddress = GetUserBillingAddressId()
End if
If IsNull(strBillAddress) then
Response.Redirect "EditAddressBook.Pasp?Mode=" & mc_strPageName &
"&txtAddressType=billing"
End If
' If we are coming back here from the EditShippingAddress.pasp page,
' we need to populate the billing address id that was just entered
If Not IsNull(strBillAddress) Then
objMSCSOrderGroup.Value("OrderForms").Value("default").Value("billing_address_id")
= strBillAddress
Call SetBillingAddressToOG(objMSCSOrderGroup)
End If
' determine whether or not there is a billing address
Call XMLTag("billingaddressstatus",_
objMSCSOrderGroup.Value("OrderForms").Value("default").Value_
("billing_address_id"))
End If
' Retrieve the credit cards that are stored for the user
Call XMLBegTag(mc_strCreditCards)
intCardTotal = GetUserCreditCardsXMLEx()
Call XMLEndTag(mc_strCreditCards)
' If there are no credit cards, return to add one
If intCardTotal < 1 Then
Response.Redirect "EditCreditCard.Pasp?Mode=" & mc_strPageName &
"&txtbilladdressid=" & strBillAddress
End If
Set objMSCSOrderForm = objMSCSOrderGroup.Value.OrderForms(strOrderFormName)
For Each colItem In objMSCSOrderForm.Items
if Isnull(colItem.value(mc_strshipping_method_id) )then
Response.Redirect "shipping.pasp"
End If
Next
Next
IT-EBOOKS.DIRECTORY
Set objMSCSPipelines = Application("MSCSPipelines")

intErrorLevel = RunMtsPipeline(objMSCSPipelines.PAGBasket,
objMSCSPipelines.LogFolder & strUserID & ".log", objMSCSOrderGroup)
Call AddPipeErrors(objMSCSOrderForm, intErrorLevel)
intErrorLevel = RunMtsPipeline(objMSCSPipelines.PAGTotal,
objMSCSPipelines.LogFolder & strUserID & ".log", objMSCSOrderGroup)
Call AddPipeErrors(objMSCSOrderForm, intErrorLevel)
Set objMSCSPipelines = Nothing
' Grab the default orderform
Set objMSCSOrderForm = objMSCSOrderGroup.Value("OrderForms").Value("default")
Set objXMLTransforms = Server.CreateObject(mc_strXMLTransforms)
Set objXMLSchema = GetTransformSchema()
Set objXMLOrderForm =
objXMLTransforms.GenerateXMLForDictionaryUsingSchema(objMSCSOrderForm,
objXMLSchema)
Set objXMLSchema = Nothing
Set objMSCSOrderForm = Nothing
Set objXMLTransforms = Nothing
If not isEmpty(objXMLOrderForm) Then
Response.Write objXMLOrderForm.xml
Else
Call AddException(m_varrExceptions, "1222", "Error converting orderform to
XML.", "basket.asp")
End if
Set objXMLOrderForm = Nothing
After the payment information is complete, the user is redirected to the

OrderSummary.pasp page.
Confirming the Order Details

The user is given a chance to confirm or change the order details before the final
part of the ordering process is completed. The order details are displayed on the
OrderSummary.pasp page.
The code uses two pipelines to retrieve the order details for display. First, the
PAGBasket pipeline retrieves the shopping basket contents. Then, the PAGTotal
pipeline calculates shipping costs and subtotals. For a description of the PAGBasket
pipeline, refer to the “Viewing the Shopping Cart or Save for Later Basket” section
earlier in this chapter. The PAGTotal pipeline is described in the following section.
The PAGTotal Pipeline

The PAGTotal pipeline, which you can view by opening Total.pcf in the Commerce
Server Pipeline Editor, is illustrated in Figure 9.7.
IT-EBOOKS.DIRECTORY
Figure 9.7
PAGTotal Pipeline
The PAGTotal pipeline includes the following stages:

● The Shipment Splitter stage prepares a shipping dictionary. This stage contains
two components:
● Commerce.Splitter – The splitter component generates a dictionary of ship-
ments (shipments) that is placed on the OrderForm. This dictionary contains
the individual shipments that are created based upon the shipping_address_id
and shipping_method_id values in the order.
● Commerce.ShippingMethodRouter – The ShippingMethodRouter compo-
nent reads the ShippingManagerCache by using the CacheManager object to
map shipping methods to particular shipping components. The component
steps through the list of shipping methods and, if there are shipments using a
given method, it collects the dictionaries for those shipments, passes the
shipments to the shipping component, and then runs the relevant shipping
component. The individual shipping components calculate the total shipping
charges for the shipments passed to it. After all of the shipments are pro-
cessed, the total of all of the shipping charges is calculated.
IT-EBOOKS.DIRECTORY
● The Shipping stage applies shipping discounts to an order. There is one compo-
nent in this stage: ShippingDiscountAdjust. This component examines the
_shipping_discount_type and adjusts the total shipping for the order. If the dis-
count is blank, the component does nothing. If the discount type is 1 or 2, the
component applies the discount. If the discount is none of these, the component
returns an error. The _shipping_discount_type value is determined using the
OrderDiscount object.
● The Handling stage sets the _handling_total on the order form. This stage consists
of the following two components:
● DefaultHandlingCy – This component assigns zero (0) to the total handling
cost in the Order dictionary. It is a placeholder component that would be
replaced by another handling component in actual use.
● RequiredHandlingCy – The RequiredHandlingCy component verifies that
the order._handling_total key is present.
● The Tax stage sets the _tax_total and _tax_included values on the order form. This
stage consists of the following two components:
● SampleRegionalTax – This component sets the tax fields (_cy_tax_total,
shipments._cy_tax_total and _cy_tax_included) to an appropriate tax value based
on the tax information in the RegionalTaxCache.
● RequiredTaxCy – This component verifies that the _cy_tax_total and
_cy_tax_included keys exist in the order form. If either value does not exist,
RequiredTaxCy uses the pur_badtax constant to retrieve error message text
from the MessageManager, and stores this message in the _Purchase_Errors
collection of the OrderForm.
● The Order Total stage sets the _total_total value on the order form. This stage
consists of the following three components:
● DefaultTotalCy – This component verifies that all four totals on the order are
set. If all four values exist, they are added together and assigned to the com-
plete total in the Order dictionary. If any value is missing, the component
stops and returns an error.
● PersistUtility – This is a custom component used to copy values within the
OrderForm. This is mainly used to make values persistent. Otherwise,
OrderForm values with names that begin with an underscore (_) do not
persist. The source code for the PersistUtility component (written in Visual
C++) is provided with the Reference Architecture for Commerce.
● RequiredTotalCy – This component goes through the keys and values in the
_Verify_With dictionary and makes sure that each key exists in the order form
and has the same value.
IT-EBOOKS.DIRECTORY
● The last stage, Fixes, contains a single component: Truncate Description. This
component, written in VBScript, provides a workaround for a known issue in
Commerce Server 2000 where any field longer than 255 characters is assumed to
be of type Text.
Obtaining the User’s E-mail Address

After the pipelines execute, the code in OrderSummary.pasp retrieves a
ProfileObject for the current user, and extracts the e-mail address to be used for the
order confirmation message. This is then added to the default OrderForm for the
OrderGroup object, and the OrderGroup object is saved:
'Grab the default orderform
Set objMSCSOrderForm = objMSCSOrderGroup.Value("OrderForms").Value("default")
'Set the email address for the order confirmation email.
Set objMSCSProfileObject = GetUserObject()
objMSCSOrderForm.user_email_address = objMSCSProfileObject_
(mc_strGeneralInfo).Value(mc_strEmail_Address)
Set objMSCSProfileObject = Nothing
The code then verifies the total amount and displays an error if the order total and
the total in the OrderSummary and ThankYou page don’t match:
'Add new hidden HTML field to verify the total amt
Call XMLTag("verify_with_total" ,_
objMSCSOrderGroup.Value("saved_cy_total_total"))
'If this request is from the ThankYou page

'(i.e. if there was an order total mismatch),
'display the appropriate error
Dim sErr : sErr = Application("MSCSAppFrameWork").RequestString_
("err" , "", , , true, true, 0, Null)
if sErr = C_BAD_VERIFY_ERRCODE then
Call AddException( m_varrExceptions, "1222",_
Application("MSCSMessageManager").GetMessage("pur_badverify",_
Application("MSCSMessageManager").DefaultLanguage) , mc_strPageName)
End If
For security purposes, the code then truncates the credit card information before
displaying the summary or sending the confirmation and ensures that the truncated
credit card number is not persisted:
'Truncate credit card number before display.
'Ensure that the orderform is not saved again, so that the
'truncated CC number is not persisted.
Dim ccNumber : ccNumber = objMSCSOrderForm.value("cc_number")
objMSCSOrderForm.value("cc_number") = TruncateCC(ccNumber)
IT-EBOOKS.DIRECTORY
The contents of the OrderGroup object are converted to XML, using a Commerce
Server DictionaryXMLTransforms object, and written to the Response object as
shown in the following code:
Set objXMLTransforms = Server.CreateObject(mc_strXMLTransforms)
Set objXMLSchema = GetTransformSchema()
Set objXMLOrderForm =_
objXMLTransforms.GenerateXMLForDictionaryUsingSchema_
(objMSCSOrderForm, objXMLSchema)
Set objXMLSchema = Nothing

Set objMSCSOrderForm = Nothing
Set objXMLTransforms = Nothing
If not isEmpty(objXMLOrderForm) Then

Response.Write objXMLOrderForm.xml
Else
Call AddException(m_varrExceptions, "1222", _
"Error converting orderform to XML.", "basket.asp")
End if
Set objXMLOrderForm = Nothing
Finally, the shipping methods are retrieved and displayed:

Call XMLBegTag("shipping_methods")
' retrieve the shipping methods
Response.Write ( CachedFragmentLookup( STATIC_SECTIONS_CACHE ,_
SHIPPING_METHODS_XML ) )
Call XMLEndTag("shipping_methods")
This produces the following XML representation of the OrderGroup object:

<orderform orderform_id="{CD9EABBE-B0BF-48FE-9DB9-58A35A8FEE9F}"
payment_method="credit_card"
billing_address_id="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"
saved_cy_oadjust_subtotal="44.98" saved_cy_total_total="49.98"
cc_name="American Express" cc_expyear="2001" cc_expmonth="08"
cc_number="1234" _cy_shipping_total="5" _cy_tax_total="0"
user_email_address="kim@somecompany.com"
cc_Account_Holder="Kim" cy_tax_total="0"
cy_shipping_total="5">
<Addresses address_name="Kim Abercrombie" address_line1="My House"
address_line2="My Street" city="My City" region_code="WA"
postal_code="12345" country_code="US" description="Home Address"
AddressesDictKey="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"/>
<Items quantity="1"
product_id="Quick Course in Microsoft Office 2000"
product_Name="Quick Course in Microsoft Office 2000"
IT-EBOOKS.DIRECTORY
description="QUICK COURSE IN MICROSOFT OFFICE 2000 offers fast-paced tutori-

als to help you quickly grasp application basics and build proficiency using
Microsoft Excel, Microsoft Word, Microsoft PowerPoint, Microsoft Outlook,
Microsoft Access, Microsoft Internet Exp"
shipping_address_id="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"
shipping_method_id="{00000000-0000-0000-0000-003688009465}"
shipping_method_name="Express"
d_DateCreated="16/02/2001 18:36:06" cy_lineitem_total="24.99"
cy_unit_price="24.99"
lineitem_uid="{FC57A7EA-1420-40A8-8F55-569FE9B2BEDE}"
_product_Name="Quick Course in Microsoft Office 2000"
_cy_oadjust_adjustedprice="24.99"/>
<shipments
shipping_address_id="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"
_cy_shipping_total="5"/>
</orderform>
Completing the Order Process

After the user confirms the order details, the order process can be completed. The
code to handle the final part of the order process is implemented in the
Thankyou.pasp page.
The Thankyou.pasp page begins by running the PAGBasket and PAGTotal pipe-
lines as described previously. Then, the PAGFinal pipeline is executed to complete
the order.
The PAGFinal Pipeline

You can view the PAGFinal pipeline by opening Final.pcf in the Commerce Server
Pipeline Editor. The PAGFinal pipeline is illustrated in Figure 9.8:
Figure 9.8
PAGFinal Pipeline
IT-EBOOKS.DIRECTORY
The only stage in the ordering process is called Order Transfer. This stage contains
one component: QueueEmail Class. This is a custom pipeline component that is
used to send order confirmation in e-mail to the user_e-mail_address field in the
default OrderForm.
Sending an Order Confirmation E-mail

QueueEmail Class is a pipeline component (COM object) that implements the
IPipelineComponent interface. The QueueEmail Class component takes informa-
tion from the OrderForm, converts it to XML, and then sends it as an e-mail mes-
sage by using the custom QueuedEMailer.CMailer queued component. By calling a
queued component to send the e-mail message, the process is made asynchronous,
thus preventing any latency caused by the e-mail process from causing a negative
effect on response time for the user checking out.
A custom property page for the QueueEmail Class component is used to configure
the component in the Pipeline Editor. This allows you to set the appropriate mes-
sage queue, moniker, and ProgID used to instantiate the queued component that
will actually be used to send the e-mail, as illustrated in Figure 9.9:
Figure 9.9
QueueEmail Class Custom Property Page
QueuedEMailer.CMailer
The process of actually sending the e-mail message is handled by the
QueuedEMailer.Cmailer queued component. This component is installed in a
COM+ application that has been marked as queued. In addition, the _CMailer
Interface is also marked as queued, allowing methods on that interface to be called
asynchronously through a message queue. The _CMailer interface contains one
method; SendMail, which is defined using the following method signature:
IT-EBOOKS.DIRECTORY
HRESULT SendMail(
[in] BSTR strXMLOrderForm,
[in] VARIANT_BOOL blnUseHTMLMail);
Notice that both parameters are marked as [in], because queued components
do not support [out] or [retval] parameters. The strXMLOrderForm parameter is
used to pass the XML representation of the order form to the component. The
blnUseHTMLMail parameter is a Boolean value that is used to determine if
the e-mail message should be sent in HTML format or plain text.
The QueuedEMailer.CMailer component is also configured to support object
construction. This means that the component implements the IobjectConstruct
interface, which contains a method named Construct that is called by COM+ when
the object is instantiated. A constructor string is passed to the Construct method
containing configuration information that can be used by the object. The constructor
string passed to QueuedEMailer.CMailer is in the following XML format:
<config>
<from>support@consolidatedretail.com</from>
<subject>Order Confirmation</subject>
<TextXSL>C:\Inetpub\b2cref\xml\emailtext.xsl</TextXSL>
<HTMLXSL>C:\Inetpub\b2cref\xml\emailhtml.xsl</HTMLXSL>
<SMTPServer></SMTPServer>
<SMTPPort></SMTPPort>
<SMTPTimeout></SMTPTimeout>
<UseSSL>False</UseSSL>
<SMTPUserName></SMTPUserName>
<SMTPPassword></SMTPPassword>
<SMTPAuthMethod></SMTPAuthMethod>
</config>
This constructor is configured using the Component Services Microsoft Manage-

ment Console (MMC) snap-in as illustrated in Figure 9.10 on the next page.
The QueuedEMailer.CMailer object uses the MSXML3 and CDOSYS objects.
Loading of the XML and XSL is accomplished by the XMLDomDocument, which
uses the MSXML3 object. The actual sending of the e-mail message is accomplished
by the IMessage object (CDO-collaboration data objects), which uses the CDOSYS
object. The Collaboration Data Objects (CDO) for Microsoft Windows 2000
(Cdosys.dll), which implements the 2.0 version of the CDO API specification, is a
COM component designed to simplify writing programs that create or manipulate
Internet messages.
IT-EBOOKS.DIRECTORY
Figure 9.10
Component Services MMC Snap-in
Conclusion
At this point, you should understand the basic functionality and development
decisions behind the ConsolidatedRetail.com application. The code comments
provide additional detail and information.
The next chapter provides an overview of the debugging and testing processes and
best practices, with specific references to the actual tests performed on the Refer-
ence Architecture application.
IT-EBOOKS.DIRECTORY
10
Debugging and Testing
As with any application, it is the responsibility of the developer to ensure that an
e-commerce application delivers both the correct business functionality and the
required level of performance and scalability. To make sure that the application
meets its goals, it must be debugged thoroughly and performance tested.
The first section of this chapter describes procedures for debugging the
ConsolidatedRetail.com site as well as for viewing and debugging the Extensible
Markup Language (XML) output from the pre-processed Active Server Pages
(PASP) scripts. The chapter then goes on to describe types and levels of testing, the
functional testing process, performance testing, and general guidance for evaluating
the test results.
Debugging the Site

Debugging a Web site brings with it several challenges, particularly when server-
side logic such as Active Server Pages (ASP) scripting is used. The preferred devel-
opment environment for building and debugging Web-based applications on
computers running Windows is Visual Studio, which includes Visual InterDev, a
development suite for Web sites. You can use this environment to debug the Refer-
ence Architecture application by adding the FrontPage Server Extensions to the Web
site and creating a new Visual InterDev project based on the site.
For more information about debugging with Visual InterDev, refer to the Visual
InterDev documentation in the MSDN developer program library.
IT-EBOOKS.DIRECTORY
Debugging XML Output from PASP Scripts

Another challenging aspect of debugging the ConsolidatedRetail.com site is view-
ing the XML produced by the PASP scripts. The response stream from these pages is
intercepted by the Extensible Stylesheet Language (XSL) Internet Server Application
Programming Interface (ISAPI) filter and rendered using the specified style sheet.
However, there will be occasions when you should check the XML produced by the
script without applying a style sheet.
The easiest way to view the XML output is to make an .asp copy of each .pasp file in
the site, and access the .asp files using Microsoft Internet Explorer. Because the .asp
versions of the files will not be intercepted by the XSL ISAPI filter, the XML re-
sponse will be returned to the browser and can be seen by viewing the source of the
resulting page. You can access many of the scripts simply by specifying the URL
address of the file, while for others you must pass parameters in a query string
appended to the URL. The following list describes how you can view the XML
results of each of the PASP files in the site.
Note: The XML output for the PASP pages provided in the ConsolidatedRetail.com site is
reproduced in Appendix A. XML output can vary slightly depending upon input in user data
fields and whether or not Microsoft Passport authentication is used.
● Acct.pasp – Save the page as Acct.asp, and then navigate to the

ConsolidatedRetail.com site and log on (or you will be redirected when you try
to view Acct.asp). You can then use Internet Explorer to access Acct.asp by
specifying a URL address with no parameters (in the form http://servername:81/
Acct.asp). To view the XML, click Source on the View menu.
● AddressBook.pasp – Save this page as AddressBook.asp, and then navigate to
the ConsolidatedRetail.com site and log on (or you will be redirected when you
try to view AddressBook.asp). You can then use Internet Explorer to access
AddressBook.asp by specifying a URL address with no parameters (in the form
http://servername:81/AddressBook.asp). To view the XML, click Source on the
View menu. For more meaningful results, use the site to add at least one address
to your address book first.
● AddtoList.pasp – Save this page as AddtoList.asp, and then navigate to the
to view the page). You can then use Internet Explorer to access AddtoList.asp by
AddtoList.asp). To view the XML, click Source on the View menu. For more
meaningful results, use the site to add items to a shopping list first.
● AddtoListResp.pasp – Save this page as AddtoListResp.asp, and then navigate to
the ConsolidatedRetail.com site and log on (or you will be redirected when you
try to view the page). You can then use Internet Explorer to access
IT-EBOOKS.DIRECTORY
Chapter 10: Debugging and Testing 187
AddtoListResp.asp by specifying a URL address with no parameters (in the form

http://servername:81/AddtoListResp.asp). To view the XML, click Source on the
View menu. For more meaningful results, use the site to add items to a shopping
list first.
● Basket.pasp – Save this page as Basket.asp. You can then use Internet Explorer to
access Basket.asp by specifying a URL address with no parameters (in the form
http://servername:81/Basket.asp). To view the XML, click Source on the View
menu. For more meaningful results, use the site to add a few items to your
shopping cart first.
● Category.pasp – Save this page as Category.asp. You can then use Internet
Explorer to access Category.asp by specifying a URL address with values for
the following parameters:
● txtCatalog – The name of the catalog you want to browse.
● txtCategory (optional) – The name of a specific category in the specified

catalog).
For example, you could view the XML representation of the Books catalog by
specifying the following URL http://servername:81/
Category.asp?txtCatalog=Books
To view the Games category in the Books catalog, you would use the following
URL http://localhost/Category.asp?txtCatalog=Books&txtCategory=Games
When the page is returned, click Source on the View menu to see the XML.
● Changepasswd.pasp – Save this page as Changepasswd.asp, and then navigate
to the ConsolidatedRetail.com site and log on (or you will be redirected when
you try to view Changepasswd.asp). You can then use Internet Explorer to access
Changepasswd.asp by specifying a URL address with no parameters (in the form
http://servername:81/Changepasswd.asp). To view the XML, click Source on the
View menu.
● CreditCards.pasp – Save this page as CreditCards.asp, and then navigate to the
to view the page). You can then use Internet Explorer to access CreditCards.asp
by specifying a URL address with no parameters (in the form http://
servername:81/CreditCards.asp). To view the XML, click Source on the View
menu.
● EditAddressBook.pasp. Save this page as EditAddressBook.asp, and then
navigate to the ConsolidatedRetail.com site and log on (or you will not be able to
view any address information). The URL for this page can include values for the
following parameters:
● txtAddressType – Address type, such as billing or shipping. If no value is
provided, then the shipping address is used.
● txtAddressID – Globally unique identifier (GUID) for the address. If a value
is specified, then that address is returned.
IT-EBOOKS.DIRECTORY
For example, to view the XML produced when a user wants to add a new ship-
ping address, use Internet Explorer to navigate to the URL http://servername:81/
EditAddressBook.asp
To view the XML produced when a user wants to add a new billing address, use
Internet Explorer to navigate to the URL http://servername:81/
EditAddressBook.asp?txtAddressType=Billing
To view the XML produced when a user wants to edit a specific address, use
Internet Explorer to navigate to the URL http://servername:81/
EditAddressBook.asp?txtAddressID=AddressGUID
After you retrieve the page, click Source on the View menu to see the XML.
● EditCreditCard.pasp – Save this page as EditCreditCard.asp, and then navigate
to the ConsolidatedRetail.com site and log on (or you will be redirected when
you try to view the page). You can then use Internet Explorer to access
EditCreditCard.asp by specifying a URL address with no parameters (in the form
http://servername:81/EditCreditCard.asp). To view the XML, click Source on the
View menu.
● ForgotPasswd.pasp – Save this page as ForgotPasswd.asp, and then navigate to
the ConsolidatedRetail.com site. You can then use Internet Explorer to access
ForgotPasswd.asp by specifying a URL address with no parameters (in the form
http://servername:81/ForgotPasswd.asp). To view the XML, click Source on the
View menu.
● Index.pasp – Save this page as Index.asp. You can then use Internet Explorer to
access Index.asp by specifying a URL address with no parameters (in the form
http://servername:81/Index.asp). To view the XML, click Source on the View
menu.
● ListBase.pasp – Save this page as ListBase.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will not be able to view the
information). The URL for this page can include values for the following
parameters:
● ListPage – List type, such as shopping lists (lists) or save for later (sfl).
● ListName – User-specified name for the shopping list.
For example, to view the XML for a shopping list called “MyClass,” use Internet
Explorer to navigate to the URL http://servername:81/
listbase.asp?ListPage=lists&ListName=MyClass
To view the XML, click Source on the View menu. For more meaningful results,
use the site to create a shopping list first.
● ListSearch.pasp – Save this page as ListSearch.asp. You can then use Internet
Explorer to access ListSearch.asp by specifying a URL address with no param-
eters (in the form http://servername:81/ListSearch.asp). You will see the blank
search form.
IT-EBOOKS.DIRECTORY
When the form is completed, the URL for this page can include values for the
following parameters:
● txtLogon – Logon name of the user who created the public list.
● txtListName – User-specified name for the shopping list.
● txtEmailAddress – E-mail address of the user who created the shopping list.
● txtSearch – Verifies that the search form is completed. This must return the
value True or an error message is displayed asking the user to enter complete
data.
For example, the URL for a shopping list called “Kim” would be similar to the
following:
http://servername:81/ListSearch.asp?txtLogon=UserName
&txtListName=Kim&txtEmailAddress=EmailName
&txtSearch=True
To view the XML, click Source on the View menu. For more meaningful results,
use the site to create a public shopping list first, and then search for that list.
● Login.pasp – Save this page as Login.asp. Close any current sessions with the
ConsolidatedRetail.com site (or you will be redirected to Acct.pasp when you try
to access Login.asp). You can then use Internet Explorer to access Login.asp by
Login.asp). To view the XML, click Source on the View menu.
● MultiShipping.pasp – Save this page as MultiShipping.asp, and then navigate to
the ConsolidatedRetail.com site and log on (or you will be redirected to
Login.pasp when you try to view MultiShipping.asp). Then add at least one item
to your shopping cart (or you will be redirected to Basket.pasp when you try to
access MultiShipping.asp). You can then use Internet Explorer to access
MultiShipping.asp by specifying a URL address with no parameters (in the form
http://servername:81/MultiShipping.asp). To view the XML, click Source on the
View menu.
● OrderHistory.pasp – Save this page as OrderHistory.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected to the Logon
page when you try to view OrderHistory.asp). Place an order. You can then use
Internet Explorer to access OrderHistory.asp by specifying a URL address with
no parameters (in the form http://servername:81/OrderHistory.asp). To view the
XML, click Source on the View menu.
● OrderHistoryDetail.pasp – Save this page as OrderHistoryDetail.asp, and then
navigate to the ConsolidatedRetail.com site and log on (or you will be redirected
to the Logon page when you try to view OrderHistoryDetail.asp). Place at least
one order, and then you can view OrderHistoryDetail.asp using Internet Ex-
plorer by specifying a URL address with a single parameter, order, which should
be the GUID identifying an existing order (or an error will occur). The URL to
IT-EBOOKS.DIRECTORY
access this page is similar to the following: http://servername:81/

OrderHistoryDetail.asp?order= {0FA626B0-852E-4707-93D5-A00619C6A35B}
After you retrieve the page, click Source on the View menu to see the XML.
● OrderSummary.pasp – Save this page as OrderSummary.asp, and then navigate
to the ConsolidatedRetail.com site and log on (or you will be redirected to the
Logon page when you try to view OrderSummary.asp). Place an order and
confirm the shipping address, shipping method, and payment information. The
Order Confirmation page should appear. Do not click submit. You can then use
Internet Explorer to access OrderSummary.asp by specifying a URL address with
no parameters (in the form http://servername:81/OrderSummary.asp). Click
Source on the View menu to see the XML.
● Payment.pasp – Save this page as Payment.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected to the Logon
page when you try to view Payment.asp). Add an item to your shopping cart (or
you will be redirected to Basket.pasp when you try to view Payment.asp). Click
the Shopping Cart icon, and the click the check out button. On the Shipping
page, click Ship to this Address. On the shipping method selection page
(ShippingMethod.pasp), select a shipping method and click continue. Enter
credit card information, and then click submit. You can then use Internet Ex-
plorer to access Payment.asp by specifying a URL address with no parameters
(in the form http://servername:81/Payment.asp). Click Source on the View menu
to see the XML.
● Product.pasp – Save this page as Product.asp. You can then use Internet Explorer
to access Product.asp by specifying a URL address with values for the following
parameters:
● txtCatalog – The name of the catalog you want to browse.
● txtProductID – The ProductID for the product you want to view.
● txtVariantID (optional) – The variant ID for the product.
For example, you could view the XML representation of the book named Code by
specifying the following URL http://servername:81/
Product.asp?txtCatalog=Books&txtProductID=Code
Click Source on the View menu to see the XML.
● Registration.pasp – Save this page as Registration.asp. You can then use Internet
Explorer to access Registration.asp by specifying a URL address with no param-
eters (in the form http://servername:81/Registration.asp). To view the XML, click
Source on the View menu.
IT-EBOOKS.DIRECTORY
● SearchResults.pasp – Save this page as SearchResults.asp. You can then use

Internet Explorer to access SearchResults.asp by specifying a URL address with
values for the following parameters:
● txtSearchPhrase – The phrase you are searching for.
● txtCatalog – The name of the catalog you want to search.
● txtSearchRowsToReturn (optional) – The number of results you want to

return to the user interface.
● txtSearchStartPos (optional) – The row number you want to start the search
from.
For example, you could search for the word Age in the Books catalog by specify-
ing the following URL http://servername:81/
SearchResults.asp?txtSearchPhrase=age&txtCatalog=Books
● Shipping.pasp – Save this page as Shipping.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected to Login.pasp
when you try to view Shipping.asp). Add an item to the shopping cart, and then
click the Shopping Cart icon. You can then use Internet Explorer to access
Shipping.asp by specifying a URL address with no parameters (in the form
http://servername/Shipping.asp). To view the XML, click Source on the View
menu.
● ShippingMethod.pasp – Save this page as ShippingMethod.asp, and then
navigate to the ConsolidatedRetail.com site and log on (or you will be redirected
to Login.pasp when you try to view ShippingMethod.asp). Add an item to the
shopping cart, and then click the Shopping Cart icon. You can then use Internet
Explorer to access ShippingMethod.asp by specifying a URL address with no
parameters (in the form http://servername/ShippingMethod.asp). To view the
XML, click Source on the View menu.
● StepSearch.pasp – Save this page as StepSearch.asp. You can then use Internet
Explorer to access StepSearch.asp by specifying a URL with no parameters (in
the form http://servername/StepSearch.asp). To view the XML, click Source on
the View menu.
StepSearch.pasp has the following required parameters:
● hdnCatalog – The catalog that contains the items to search.
● txtCategory – The search category within the catalog.
● txtChildCategory (optional) – The subcategory within the category previ-

ously defined.
IT-EBOOKS.DIRECTORY
StepSearch can include additional optional parameters for each catalog and
category. For example, the catalog books could have the category business software
and the subcategory database. The search for database software books could
allow the following additional parameters:
● Author
● ISBN
● PageCount
● Publisher
● ReadingLevel
● Title
The URL address for such a search would be similar to the following:
http://servername/StepSearch.asp?hdnorder=Author%7CISBN%7CPagecount
%7CPublisher%7CReading+Level%7CTitle&hdncatalog=Books&txtcategory
=Business+Software&txtchildcategory=Database&Author=&ISBN=&Pagecount
=&Publisher=&Reading+Level=&Title=
● ThankYou.pasp – Save this page as Thankyou.asp, and then navigate to the
ConsolidatedRetail.com site and log on. Place at least one order and follow the
ordering procedure until the OrderSummary.pasp page is displayed. Do not click
submit. You can then use Internet Explorer to access Thankyou.asp by specifying
a URL address with no parameters (in the form http://servername/
Thankyou.asp). To view the XML, click Source on the View menu.
● UserProfile.pasp – Save this page as UserProfile.asp, and then navigate to the
ConsolidatedRetail.com site and log on. You can then use Internet Explorer to
access UserProfile.asp by specifying a URL address with no parameters (in the
form http://servername/UserProfile.asp). To view the XML, click Source on the
View menu.
Debugging a Custom Site Built on the Reference Architecture

If you build a custom business-to-consumer Internet site based on the Reference
Architecture code, you should be aware of the following when you debug the
application.
In some cases you will need to manually enable Visual InterDev debugging for your
ASP applications. These situations are documented in article Q258929, “HOWTO:
Debug ASP Applications Manually Against Windows 2000 Web Server,” in the
Microsoft Knowledge Base at http://search.support.microsoft.com/
Before you attempt to debug the application:
1. Complete the procedures documented in Microsoft Knowledge Base article
Q278751, “BUG Error 800a0046 After You Install Visual Studio 6.0 SP4.”
IT-EBOOKS.DIRECTORY
Complete these procedures even if you install Service Pack 5 (and earlier service
packs are not present). For more information, see Q244272, “INFO: Visual
InterDev 6.0 Debugging” in the Microsoft Knowledge Base.
2. Install Visual Studio Service Pack 5 (SP5), which is available for download at
http://msdn.Microsoft.com/vstudio/sp/vs6sp5/dnldoverview.asp/. Refer
to the readme file included in the Service Pack download for any additional
requirements.
Developing a Test Strategy

The test effort requires a focus because there are many possible test areas and
different types of testing available for each one of those areas. Because there
are always resource constraints — whether these are time, people, or money —
prioritization of the test areas and the type and level of testing to be done are
very important decisions, and are the focus of preliminary test planning.
Possible Test Areas

The following are possible areas to focus your testing:
● User Interface testing – These tests check form and consistency. Checks include
those for screen appearance (font, size, colors, and appearance in general), as
well as checks on the data validations for all of the fields in all of the forms in the
application. Both of these tests should be based on the specification documents.
(See Appendix B for more information about data validation in the Reference
Architecture.)
● Business Logic testing – The functional specification document defines the
business logic that is expected in the implementation. Therefore, there should be
a set of test cases for checking the business logic. For the Reference Architecture
implementation, this could be done either from the user interface or from the
Commerce Server Business Desk utility. This testing should include testing for
different kinds of users and for different entry paths into the site.
● Backend testing – Ideally, back-end tests should be done in the database. Because
the Reference Architecture uses Microsoft Commerce Server 2000, which is
tightly integrated with the SQL Server 2000 tables, the test team could use the
Commerce Server objects to interact with the tables. The test team could write
stubs to test the Commerce Server objects in an isolated manner, and then com-
pare the results from the stub with the XML output that the code generates. You
could also perform this comparison at the user interface layer.
IT-EBOOKS.DIRECTORY
Possible Test Types

The test team may want to perform the following types of tests:
● Functional testing ensures that the system provides the functionality described
in the functional specification document.
● Regression testing checks whether or not the identical actions performed using
an earlier build of a product function the same on a new build of the product.
This process determines whether a previously reported problem is still there,
whether the problem has been completely resolved; and whether the resolution
caused new problems or revealed related problems.
● Security testing guarantees that only users with the appropriate authority are
able to use the applicable features of the system. Systems engineers establish
different security settings for each user in the test environment.
● Performance testing ensures that the application responds in the time limit set
by the user.
● Stress testing verifies that the application responds appropriately with many
users and activities happening simultaneously. The number of users must be
agreed upon beforehand, and the hardware environment for system testing must
mirror production.
● Automated testing can be used for regression and functional testing. This can be
very helpful if the system is stable and not changed often.
● Platform testing certifies that the application runs successfully on the operating
system and browser combinations agreed upon in the master test plan, which is
discussed in the “Testing Methodology” section later in this chapter.
● Internet service provider (ISP) smoke testing confirms that the application
responds to requests made over an ISP connection.
● End-to-end interface testing checks all of the inputs and outputs as well as the
system. This ensures that the application interacts properly with external sys-
tems as defined by the functional specifications.
● Input and boundary testing guarantees that the system allows only valid input.
This includes testing to ensure that the maximum number of characters for a
field cannot be exceeded and that boundary conditions function correctly (such
as valid ranges and off-by-one, null, maximum, minimum, tab order from field
to field on the screen, and so on).
● Windows/Internet GUI standards testing verifies that the application has a
standardized look and feel.
● Localization testing guarantees that the application will work properly in
different languages.
● Euro-compliant testing is used when an application will receive monetary
values from the Economic and Monetary Union (EMU).
IT-EBOOKS.DIRECTORY
● Conversion testing checks any data that must be converted to ensure that the
application works properly. This could be conversion from a legacy system or
changes needed for the new schema.
● Installation/upgrade testing checks the setup/upgrade routine to ensure that
the application can be installed over an existing copy. The test team may decide
whether to test only full builds or to also test incremental builds.
● Usability testing ensures that the application is easy to work with, limits key-
strokes, and is easy to understand. The best way to perform this testing is to
bring in experienced, medium, and novice users, and solicit their input on the
usability of the application.
● Ad hoc testing is done to test the system with unstructured scenarios to ensure
that it responds appropriately. To accomplish this, you can ask someone to
perform a function without telling them the steps for doing it.
● Environment security testing guarantees that the application installs and runs
in the production environment. For this testing, the SQL Server and Internet
Information Services (IIS) security settings must be identical to those used in
production.
● Network testing determines what happens to the application when different
network latencies are applied. For example, it can uncover possible problems
with slow network links.
● Disaster recovery (backup/restore) testing is done to ensure that adequate
procedures are in place for restoring the application and its data store in the
event of a disaster. This testing is owned by production support.
● Application-based failover functionality testing ensures that application-based
failover works in documented failure situations.
● User acceptance testing is typically performed by those who are similar in skill
set and background to the target audience. The purpose is to determine how well
the application meets user requirements and expectations (the user requirements
drive the test). Note that the test team doesn’t actually perform this testing, but
may supervise or design it.
● Out of memory and memory leaks testing ensures that the application runs in
the amount of memory specified in the technical documentation. This testing
also detects memory leaks associated with starting and stopping the application
many times.
● Migration testing of applications from earlier versions of the operating system
ensures that the application runs after a later version of the operating system is
installed.
● Help testing is done to ensure that the details provided in Help are relevant and
provide a solution to the problem faced. The test team does not check the valid-
ity of the business rules while verifying the Help content.
IT-EBOOKS.DIRECTORY
The test team must decide on the level of testing that needs to be done in each of
these areas, as follows:
● High – Very important to thoroughly test this area
● Medium – Perform standard testing
● Low – Test if time allows
The next section focuses on functional testing.
Functional Testing
While developing an e-commerce solution, you should carefully test each build to
ensure that it provides the functionality described in the application functional
specification. This involves ensuring that the application behaves in the expected
manner when each of the user scenarios identified in the application design occurs.
Testing Methodology
In most medium-to-large scale projects, a testing team is assigned the task of per-
forming functional testing, and an iterative cycle of application builds and tests lead
to the eventual release of the software.
Figure 10.1 shows a typical application development and test cycle. Refer to the
appropriate subsection in this chapter for a description of each stage in the cycle.
Stage 1 – Document the Test Goals and Master Plan

The testing effort begins with the documentation of the test goals and how these
goals are to be achieved. It is essential to plan and put in writing the test assump-
tions, schedule, priorities to test, level of testing, responsibilities, expectations and
dependencies, risks, and mitigation plans — all in the context of the testing effort.
At the end of this planning, you will have a master test plan document, which is a
living document through the test life cycle.
The source documents required during this phase are the functional specification
document and the high-level release schedule of the code.
Refer to the “Developing a Test Strategy” section earlier in this chapter for a de-
scription of the areas and types of tests that the team should consider when devel-
oping the master test plan.
Stage 2 – Prepare the Detailed Test Plan

The detailed test plan describes the various usage scenarios and entry paths for all
of the users or accounts. These test usage scenarios are based on the usage scenarios
identified during the application design process. The detailed test plan also identi-
fies the priority of each of the scenarios to be tested.
IT-EBOOKS.DIRECTORY
1. Test Goals /
Master Test 2. Detailed Test 3. Test Plan 4. Test Case
Planning Planning Review Generation
5. Test Execution / 6. Cycle 9. Test Report 10. Release

Defect Isolation Complete? Generation
7. Triage Meeting
Key
Test Team
Development
8. Bug Fix Team
Figure 10.1
Typical Test Cycle
The source documents required during this phase are the functional specification
document and the high-level application and architectural design.
Refer to Appendix C for a sample detailed test plan.
Stage 3 – Review the Detailed Test Plan

The development team must review the detailed test plan to ensure that it matches
the functional testing requirements for the application. After the testing plan is
approved, testing can begin.
Stage 4 – Define the Test Cases

The approved detailed test plan is used to generate detailed test cases that define
the action to be performed on the application, as well as the input data, expected
results, and the need to record the results in a prescribed format. During this stage,
you should prioritize the detailed test cases based on the criticality of the function
being tested. (It may be necessary to expand each scenario in the detailed test plan
into one or more test cases in the detailed test case document.) In addition, you may
need to generate a test case sequencing document to reduce execution time.
Refer to Appendix D for sample detailed test cases.
IT-EBOOKS.DIRECTORY
Stage 5 – Test the Application

During the actual testing stage, you should test all of the application paths end-to-
end to ensure that they conform to the functional specification. The test team uses a
defect-tracking tool to report all of the defects uncovered during testing to program
management. In addition, the test team may isolate the defects.
The documents necessary for this phase are the detailed test cases.
Stage 6 – Determine if the Build/Test Cycle Is Complete

It is unlikely that the application will be ready for release after a single round of
testing. The decision to perform another build and test iteration depends on many
factors, including the severity of the remaining bugs, budgetary constraints, and
milestone dates. Your project plan should allow for several build/test iterations
before release.
Stage 7 – Hold Triage Meetings

The test team, program management team, and development team discuss the
defects during triage meetings, and each defect is assigned to a development team
member for resolution.
Stage 8 – Fix and Resolve Bugs

The development team must work together to resolve all of the bugs identified
during the triage meeting. After resolving them, each bug is assigned back to the
owner (the test engineer who raised the bug) for verification and closure, if verifica-
tion is successful. After a defect — or bug — is resolved, the defect is assigned back
to the owner (the test engineer who identified the bug) for closure if it is fixed or for
further action if issues are unresolved.
Stage 9 – Generate the Test Report

The test report contains status information about specific items listed in the test
plan, along with defect information categorized by severity level.
This report is crucial for the Go/No Go meeting (discussed in the following
subsection).
Stage 10 – Conduct the Go/No Go Meeting

When testing is complete, the program management team conducts a Go/No Go
meeting to decide whether or not the application is ready to be released. In addition
to program management, the required attendees are the test team and the develop-
ment team.
The key documents for this meeting are the release criteria (decided during the
master test plan stage) and the test report.
IT-EBOOKS.DIRECTORY
Performance Testing
Before deploying an e-commerce solution into a production environment, the
application should be thoroughly tested to ensure that it meets the required perfor-
mance and scalability targets. Generally speaking, an application should be tested
in terms of response time and throughput to verify that it provides an acceptable level
of performance when used by the target number of users.
Response Time
Response time is a measurement of the performance of the application from the
individual user’s perspective. It measures the interval between a user request and
the response from the application. What constitutes an acceptable response time
will vary from site to site, and perhaps from page to page (for example, a user may
be prepared to wait longer for his or her user credentials to be authenticated than
for the products in a requested category to be displayed), and while a “the faster the
better” approach may seem to be the preferred design pattern, you should be aware
that in some cases, response time should be compromised to provide adequate
security or scalability.
The two main factors that contribute to poor response time in an e-commerce
application are network latency and application processing time. Network latency can
be minimized in a number of ways. For example:
● Deploy the application on suitable infrastructure architecture. For example,
use fast switches rather than hubs and specify high performance networking
hardware.
● Minimize the physical distance between application tiers.
● Minimize the number of cross-network function calls between components.
● Cache data to avoid unnecessary database access calls.
Application processing time is the “think” time that the application requires to
perform particular tasks. You can minimize this time by ensuring that your code is
well written and that the application uses an appropriate mix of interpreted script
and compiled code. Additionally, using an asynchronous programming model
where possible can greatly enhance response time.
Response time generally degrades as the load on an application increases. Addition-
ally, some programmatic bugs (such as those resulting in memory leaks) can be
detected under high load levels only. Therefore, response time tests must be per-
formed under a suitable simulation of the expected load.
IT-EBOOKS.DIRECTORY
Throughput
Throughput is a more holistic view of the application’s performance. It measures
the ability of the application to cope with the load placed on it by multiple concur-
rent users. Throughput is generally measured in pages per second or requests per
second, and it is an indication of how well the application scales when accessed
by large numbers of users.
Strategies to improve throughput include scaling out (using multiple servers
configured in a load balancing cluster to share the user load), partitioning data
across multiple database servers using a hashed value as a partitioning key, mini-
mizing resource contention by utilizing pooling technologies (such as database
connection pooling and COM+ object pooling), and scaling up (adding hardware
resources to servers in order to cope with the increased load).
To accurately test throughput in an e-commerce site, you must profile the kinds of
activity your users will be performing. In particular, you must identify the antici-
pated buy-to-browse ratio (the expected percentage of users who make a purchase
compared to the percentage of users who simply browse the catalog). This can vary
widely between different types of sites (for example, in a business-to-consumer
retail site you may expect only around 20 percent of users to actually make a pur-
chase, while in an Internet banking solution, most users will require a transaction of
some sort). To a large extent, this information can be accurately identified only after
the site is in production, but you should test using the most accurate estimations
available based on the metrics from similar sites. When simulating user load for test
purposes, you should try to reflect the expected usage patterns as much as possible
to gain an accurate picture of how the application will perform in production.
Testing should be performed on a realistic basis. The test infrastructure should be as
close as possible to the production environment in which you intend to deploy the
application. For example, you should use multiple Web servers configured with
some kind of Internet Protocol (IP)-based load balancing. Don’t rely on performance
metrics gathered from testing on a single computer! Remember that security mea-
sures such as firewalls and encryption affect performance, and incorporate these
measures into your test environment.
Performance Testing Tools and Utilities

There are a variety of tools that can be used to gather performance statistics. These
include monitoring tools such as Microsoft Windows 2000 System Monitor and
Netmon, SQL Server Profiler, system log files such as those generated by IIS, dedi-
cated testing tools such as Microsoft Web Application Stress (WAS) tool, and many
other third-party stress testing tools. Each tool has its own strengths and weak-
nesses, so to get an accurate picture of your application’s performance, do not rely
on a single tool. Instead, test the application using a variety of different tools.
IT-EBOOKS.DIRECTORY
The WAS tool can be used to simulate the load placed on your application by a
number of concurrent users. To do this, you can record a sequence of HTTP requests
to your site, and have the WAS tool play those requests back for a specified number
of concurrent users. The tool gathers response time and throughput statistics, which
can then be used to evaluate your application’s performance. You can learn more
about the WAS tool and download it at http://webtool.rte.microsoft.com/
default.htm
When using stress testing tools such as WAS, you should create several scripts
simulating different user scenarios, rather than a single script. This allows you to
run the scripts individually when you are trying to identify a specific performance
bottleneck, or simultaneously when you are trying to simulate a realistic load on
the application. Most stress testing tools allow you to configure the relative stress
placed on the system by each script as a percentage of the total stress, allowing you
to more accurately reflect the usage patterns you expect to find in production.
Performance Testing Methodology

The customers of an e-commerce site expect the site to perform well at all times.
Performance, scalability, and overall reliability of the application are fundamental
to the Web application design.
The methodology of performance analysis includes the following distinct steps:
1. Preparing for the analysis
2. Creating a stress script
3. Executing the test
4. Analyzing the results
5. Documenting and delivering the results.
Each of these steps is examined in the following sections.
Preparing for the Analysis

The first step of the analysis involves gathering information. This information
should provide you with the details necessary to duplicate the application environ-
ment and understand how the application is used; it should also tell you of any
existing performance issues. Sources for this information include marketing fore-
casts, production IIS logs, performance logs, and functional specifications for the
application. Of course, much of this information is available for an existing produc-
tion site only. For a new site, you should rely on marketing forecasts and metrics
obtained from similar sites. The information you collect is critical to the success
of the performance analysis. It will help determine the requirements for the test
environment and will be used through all phases of the analysis — from staging
the environment to deciphering test results.
IT-EBOOKS.DIRECTORY
You should also identify all deliverables for the performance analysis before the
analysis begins. Think of the deliverables as the contract between the test team and
the application owners. Often when conducting performance analysis, the applica-
tion owners may not know what they are looking for out of the analysis. Creating a
set of deliverables can answer this for them.
Create a Replica of the Production Environment
For the most accurate test results, the test facility should mimic the current or
expected production environment. This includes both hardware and software
configurations. If load-balancing solutions such as Microsoft Network Load Balanc-
ing or the Windows NT Load Balancing Service (NLB/WLBS) are deployed in
production, your test environment should reflect this.
Server roles and the number of servers deployed in production should similarly be
configured in the test facility. For example, if you are using a cluster of three IIS
servers in production, match that configuration in the stress test lab. CPU, RAM
and disk configurations for each IIS server should also match what is in production.
Service packs, drivers, and BIOS versions for hardware must be duplicated. Match-
ing hardware and software enables you to produce more accurate benchmark
numbers and eliminates the need to extrapolate data.
You may not be able to create an exact replica of your production environment due
to budget constraints or other limitations. In that case, be sure to note the differ-
ences when you are performing your data analysis.
To test the ConsolidatedRetail.com site, the application was deployed on the test
infrastructure shown in Figure 10.2.
The workstations were used to simulate Internet clients (one of the computers ran
Windows 2000 Professional, while the other two ran Windows 98), accessing the site
through a level three switch. The IIS servers in the Web tier then communicated
through a second switch to the database server. All Commerce Server objects and
pipelines were deployed on the IIS servers (that is, there was no separate physical
tier of application servers) and all of the site data, with the exception of the direct
mail database, which was stored on the SQL Server database server behind the
second switch. The direct mail database was deployed on the IIS servers.
This infrastructure was designed to provide an approximation of the deployment
environment for the application.
IT-EBOOKS.DIRECTORY
IIS Server
(4x500 MHz, 512 Mb RAM)
Test Workstation
(P2, 266, 128Mb RAM)
IIS Server
Ethernet
Ethernet
Ethernet
(4x700 MHz, 512 Mb RAM)
Switch Switch
SQL Server
Test Workstation (8x500 MHz, 2098 Mb RAM)
(P2, 266, 128Mb RAM)
IIS Server
(4x700 MHz, 512 Mb RAM)
Test Workstation
(P2, 266, 128Mb RAM)
IIS Server
(4x700 MHz, 512 Mb RAM)
Figure 10.2
Test Infrastructure
Involve the Application Owner

Many times the application owners have conducted research of their own. Discuss-
ing performance issues with the application owners may save you time. They will
be able to provide you keen insight into performance anomalies with their applica-
tion. In particular, the application developers may have specific areas of concern
and knowledge that a manager may not be able to provide. If their research uncov-
ers existing bottlenecks, your task could simply involve verifying these trouble
areas and providing the developers with greater detail.
IT-EBOOKS.DIRECTORY
Understand the Technology Behind the Application

Understanding the technologies behind the application before proceeding is im-
perative. The more in-depth understanding you have of the application, the more
thorough your performance/stress analysis will be. For example, if you know that a
particular application relies heavily on XML, you should become familiar with the
performance tuning aspects of XML.
In the case of the ConsolidatedRetail.com application, the test team needed to be
confident in the deployment and use of Commerce Server 2000, as well as XML and
the XSL ISAPI filter.
Define the Transaction or User Scenarios
To complete a successful performance/stress analysis, you must know how end
users use an application on a daily basis. You will find that users tend to do one
task more than others. Your performance/stress scripts should reflect this usage
pattern. When you are determining these usage patterns, be sure to contact market-
ing and product support staff. These people generally have more contact with users
and will have insight into these statistics. IIS logs are also a good source for under-
standing how often application components or pages are accessed. Logs can also be
extremely useful, not only for defining user scenarios to script, but also for verify-
ing page view distribution in production compared to stress test distributions.
In the case of the ConsolidatedRetail.com site, the expected usage pattern is a
browse to buy ratio of 80 percent. Additionally, of the 20 percent of users who make
a purchase, it is expected that half of them will be returning users who have already
registered, and half will be new customers who must register before checking out.
Define the Goals
Be sure to define the goals of the analysis, and include these goals in the test plan so
that everyone has the same understanding of what the deliverables are. This re-
duces the risk of having to re-run test scripts, which wastes time and resources and
can negatively affect the analysis because the test team may tend to rush through
the data due to a lack of time.
Creating the Stress Script

After gathering the required information and preparing your test environment, the
next step in the performance/stress analysis is to create a stress script that accu-
rately simulates the expected traffic for the site. This can be accomplished using
historical data from the current build/version of the site or expected data from the
marketing or business analysts. To generate bulletproof stress scripts, consider the
factors discussed in the following subsections.
IT-EBOOKS.DIRECTORY
Create More Than One Script

When dealing with multiple scenarios, you should avoid creating a single script
that contains all of the scenarios. Using a single large script will make it difficult to
isolate the particular scenario that is slowing down the entire script. For example, if
you want to simulate a common e-commerce site, you may have a user scenario in
which the user browses categories and products, another in which the user adds to
the shopping cart and checks out, and yet another that allows the user to search for
products. If the test team creates three separate scripts, the team can execute stress
tests separately, identify the bottlenecks in each user scenario and simultaneously
simulate the anticipated traffic mix of the site.
Avoid Record and Play Back
The days of static Web sites have long been over. A majority of today’s sites, par-
ticularly those created for the purpose of e-commerce, have content that is purely
dynamic. For that reason, you cannot accurately script the site by simply recording
and playing back the basic get and post commands. You may need to customize if
the site dynamically generates items such as shopper IDs, basket IDs, order IDs, and
GUIDs. Many test tools have features to capture the dynamically changing variables
for each thread (virtual user), but you need to verify the script results to ensure
variables are being generated properly.
Many test tools also have the ability to import data from a .csv or .txt file. This
feature allows you to dump a list of products and categories from the SQL database
and use the data contained in the files as the means to make your script more
dynamic (instead of making your script use the same products repeatedly). The
WAS tool allows you to create a list of variables to include in your script, for ex-
ample; user names, passwords, products, and categories can all be created as
variables.
Verify the Actions of the Stress Tool
Before proceeding with a large-scale test, you should always verify that the stress
tool is accurately using the site as an actual user. To do this, you must understand
what each ASP page accesses and executes on the IIS server and SQL Server. The IIS
server log file and the SQL Profiler/Trace files are excellent resources to use when
tracking the behavior of ASP pages. A more accurate method is to walk through the
site with a browser and make note of all SQL commands and stored procedures that
are called for each page. In addition, note all of the Web content (such as GIF, XML,
ASP, and HTML files) that appears in the IIS log for each page included in the stress
script. You can then play the script back for one user going through the scenario a
single time and verify that the identical server-side activity occurs in the SQL trace
file and IIS log.
IT-EBOOKS.DIRECTORY
Executing the Performance/Stress Test

At this point, you should have an environment built to host the application and a
script created that simulates client load. The third step of a performance/stress
analysis is to execute the stress test by running your script. The following subsec-
tions outline some basic points to use when executing a performance/stress test.
Smoke Test the Site
Smoke testing allows you to identify the number of clients and number of threads
necessary to find the application system bottleneck. Microsoft recommends using
several clients running a lower number of threads, rather than a single client run-
ning a high number of threads. Smoke testing means running several short stress
tests to focus into the optimal ratio between clients and virtual user threads. Opti-
mal means the ratio that is producing a performance degradation or bottleneck on
the servers, not on the stress clients.
Start Gather Performance Data
When you have the correct ratio between clients and threads, set up the test by
starting System Monitor on all of the servers and logging every counter. For tests
that are 30 minutes or less, you can use 15- or 30-second intervals. For longer tests,
use 60- to 300-second intervals to keep the log file size to a minimum.
Reset the IIS Log Before Starting Your Test
Clearing the IIS logs eases the process of data analysis. You can reset the logs by
shutting down the IIS Administrator Service (iisadmin) by using the iisreset com-
mand or the net stop iisadmin /y command. Next, delete the IIS log file found in
C:\Winnt\System32\LogFiles, and restart the w3svc service by using the net start
w3svc command.
Clear the Windows Events System, Security, and Application Logs
Clearing the Windows Events logs allows you to identify any abnormal error
messages resulting from the site during stress testing.
Configure and Start the SQL Profiler
On the SQL Server, start the SQL Profiler, create a new trace, and add the T-SQL and
Locks events only. This trace shows all of the SQL commands and stored proce-
dures, reads, writes, and command durations, and any deadlocks that occur. Note
that SQL trace files rapidly grow in size as the test proceeds. Therefore, only collect
them for the entire test if you are running a test of 30 minutes or less. For an ex-
tended test, Microsoft recommends running SQL Profiler at 30-minute intervals in
the beginning, middle, and end of the test. If you have an additional SQL Server,
you can set up your trace to log to a database instead of a file.
IT-EBOOKS.DIRECTORY
Create a Controlled Environment

If possible, try to execute the stress test with no other activity on the IIS cluster or
SQL Server(s). Using this controlled environment, you can make sure that there are
no abnormal error messages, page views, network traffic, or load coming from any
source other than your stress clients.
Analyzing the Results

After you run the tests and generate the test data, you can begin the analysis phase.
First, you should verify that the stress test ran through the simulation successfully,
and then proceed with a complete analysis of the data. This process is outlined in
the following subsections.
Stop the Simulation and Halt Data Collection
Stop the stress scripts, System Monitor, and SQL Profiler on all of the clients and
servers in the test environment. Make sure that the System Monitor, SQL Profiler
trace, IIS log, and Windows Event Logs have been saved in a separate directory,
allowing you to archive and organize your test data.
Review the Windows Event Log
Read through the Windows Event Log and make sure that no abnormal messages
were generated as a result of your stress script. Errors generated as a result of the
stress test are acceptable.
Analyze the Performance Monitor Data
System Monitor data can help you determine metrics such as system CPU utiliza-
tion, memory utilization, disk queuing, and w3svc counters.
Analyze the SQL Trace File
When you analyze the SQL trace file, search for SQL commands and stored proce-
dures that have long durations (more than a second), and a high number of SQL
reads or writes. If you are not familiar with the performance tuning aspects of SQL
Server, forward your findings to a SQL architect for further analysis. Tuning the
SQL Server may involve adding a few indexes and changing code within the stored
procedures, or it can become a more involved process of re-architecting the design
of the database.
Verify the Pages Accessed
IIS log files should help identify all of the page views accessed during the stress
test. Additionally, Commerce Server 2000 statistics and IIS log files can be imported
into a data warehouse and examined using the Reports module of Commerce Server
Business Desk. This can provide an in-depth picture of the site activity during
the test.
IT-EBOOKS.DIRECTORY
Measure Throughput for the Site

Throughput is measured in terms of successful completions of user scenarios. For
example, successful shopping basket creations, orders processed, and searches
performed are considered successful completions for an e-commerce site. These
metrics are understandable by most everyone, not just developers. One of the
easiest and most accurate methods to define throughput is by using a table in the
database and measuring the delta before and after the test. You can then reconcile
this data using the IIS log, counting the number of actual page views.
Use SQL Tables for Throughput Analysis
As mentioned earlier, SQL databases also have tables that can be used to count the
number of successful transactions. For example, if there is a shopping basket table,
run a row count before and after the stress test. The difference is the number of
shopping baskets created during the stress test. The results of the query, along with
the time stamps at the beginning and end of the test, help determine a transaction/
time throughput rate.
Verify Throughput Numbers
The key questions to answer during this verification is whether the number of
transactions indicated by the IIS log correlate with the number of total new transac-
tions indicated by entries in the database, and if not, why. Another potential source
for verifying throughput is stress tool reports, although these reports can be overly
optimistic when compared to server side data. Therefore, you may want to trust the
server side data if there is a discrepancy. Verifying throughput from two or more
sources enables you to be more confident in the results.
Conclusion
This chapter provided instructions that will allow you to access and debug output
from the PASP script files included in the Reference Architecture application.
In addition, it provided an overview of the debugging and testing processes and
best practices, with specific references to the actual tests performed on the Refer-
ence Architecture application. You can use this chapter as a reference when develop-
ing a test plan for customized software based on the Reference Architecture. For
more information and specific examples to use when preparing detailed test plans
and test cases, refer to Appendices C and D.
IT-EBOOKS.DIRECTORY
Part 4
Appendices
Part 4 of the Developer’s Guide for the Reference Architecture for Commerce
provides additional reference materials that you may find helpful when reviewing
the Reference Architecture application code or when building or testing a solution
based on the Reference Architecture. The materials included in Part 4 are intended
primarily for application developers and testers.
Part 4, “Appendices,” includes the following:
● Appendix A: XML Output from ConsolidatedRetail.com
● Appendix B: Data Field Validation
● Appendix C: Sample Detailed Test Plan
● Appendix D: Sample Detailed Test Cases

IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
Appendix A
XML Output from
This appendix contains the XML output from the following ConsolidatedRetail.com
PASP files:
● Acct.pasp
● AddressBook.pasp
● AddtoList.pasp
● AddtoListResp.pasp
● Basket.pasp
● Category.pasp
● ChangePasswd.pasp
● CreditCards.pasp
● DeleteAddressBook.pasp
● EditAddressBook.pasp
● EditCreditCard.pasp
● ForgotPasswd.pasp
● Index.pasp
● ListBase.pasp
● ListSearch.pasp
● Login.pasp
● MultiShipping.pasp
● OrderHistory.pasp
● OrderHistoryDetail.pasp
IT-EBOOKS.DIRECTORY
● OrderSummary.pasp
● Payment.pasp
● Product.pasp
● Registration.pasp
● Shipping.pasp
● ShippingMethod.pasp
● StepSearch.pasp
● Thankyou.pasp
● UserProfile.pasp
Acct.pasp
The following XML is a sample of the output produced when an authenticated user
accesses Acct.pasp. (This XML was generated for a user who logged on using SQL
Server authentication rather than Passport; therefore, the <notpassportuser/> tag
appears in the XML output.)
server-config="Acct-Config.xml"
href="Acct-IE5.xsl"?>
<page pagename="Acct.pasp">
<pagemode/>
<profilemenu/>
<notpassportuser/>
<getcatalogsforuser>
<selectiontitle>Browse Catalogs:</selectiontitle>
<catalog>
</catalog>
<catalog>
</catalog>
<profile auth="auth"/>
<exceptions></exceptions>
</page>
IT-EBOOKS.DIRECTORY
Appendix A: XML Output from ConsolidatedRetail.com 213
AddressBook.pasp
The following XML is a sample of the output produced when an authenticated
user accesses AddressBook.pasp. (This XML was generated for a user who
logged on using SQL Server authentication rather than Passport; therefore, the
<notpassportuser/> tag appears in the XML output.) In addition, note that
<isbilling> has a value of 1, which indicates that the billing address is same as
the shipping address:
server-config="AddressBook-Config.xml"
href="AddressBook-IE5.xsl"?>
<page pagename="AddressBook.pasp">
<profilemenu/>
<addresses>
<address>
<address_id>{CDBD249A-3D16-4952-A2CC-947EA9D6985B}</address_id>
<address_type>1</address_type>
<description>Home</description>
<address_line2/>
<tel_number>019182782</tel_number>
<tel_extension/>
<isbilling>1</isbilling>
</address>
</addresses>
<notpassportuser/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
AddtoList.pasp
The following XML is a sample of the output produced when a user adds items to a
shopping list:
server-config="addtolist-Config.xml"
href="addtolist-IE5.xsl"?>
<page pagename="addtolist.pasp">
<listaddinfo>
<productid>
</productid>
<variantid/>
<catalog>Books</catalog>
<category/>
<quantity>1</quantity>
</listaddinfo>
<lists></lists>
<publicuser/>
<lineitems>0</lineitems>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
AddtoListResp.pasp
The following XML is a sample of the output produced when a user views the
contents of an updated shopping list:
server-config="addtolistresp-Config.xml"
href="addtolistresp-IE5.xsl"?>
<page pagename="addtolistresp.pasp">
<response>Your item has been added to your list.</response>
IT-EBOOKS.DIRECTORY
<catalog>
</catalog>
<catalog>
</catalog>
</page>
Basket.pasp
The following XML is a sample of the output produced when a user accesses
Basket.pasp and has a product in the basket:
server-config="Basket-Config.xml"
href="Basket-IE5.xsl"?>
<page pagename="Basket.pasp">
<advertising/>
<auth/>
<currentcatalogname/>
<backurl>http://MYCOMP:81/index.pasp</backurl>
<discounts>
<nodiscountdisplay>—</nodiscountdisplay>
</discounts>
<totallineitems>1</totallineitems>
<orderform
orderform_id="{B8B9F717-FCEB-4DE3-8865-FF9168690A98}"
<Items quantity="1" product_id="651"
product_idurl="651" product_catalog="Hardware"
product_category="Featured Products"
description="Coming Soon"
d_DateCreated="10/8/2001 5:06:03 PM"
cy_lineitem_total="74.95"
lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
_product_Name="Microsoft® SideWinder® Freestyle Pro"
_cy_oadjust_adjustedprice="74.95"
_cy_oadjust_discount="0"/>
</orderform>
<catalog>
IT-EBOOKS.DIRECTORY
</catalog>
<catalog>
</catalog>
</page>
Category.pasp
The following XML is a sample of the output produced by Category.pasp:
server-config="Category-Config.xml"
href="Category-IE5.xsl"?>
<page pagename="Category.pasp">
<advancedsearch>
<advcatalogname>Hardware</advcatalogname>
<advcategoryname/>
</advancedsearch>
<searchscope>Hardware</searchscope>
<getcatalogattributes>
<startdate>2/10/2000</startdate>
<startdateurl>2%2F10%2F2000</startdateurl>
<enddate>2/10/2000</enddate>
<enddateurl>2%2F10%2F2000</enddateurl>
<variantid>SKU</variantid>
<variantidurl>SKU</variantidurl>
<productid>prodid</productid>
<productidurl>prodid</productidurl>
<currency>USD</currency>
<currencyurl>USD</currencyurl>
<weightmeasure>lbs</weightmeasure>
<weightmeasureurl>lbs</weightmeasureurl>
<catalogid>2</catalogid>
<catalogidurl>2</catalogidurl>
<customcatalog>False</customcatalog>
<customcatalogurl>False</customcatalogurl>
<freetextindexcreated>
9/27/2001 3:33:47 PM
</freetextindexcreated>
<freetextindexcreatedurl>
9%2F27%2F2001+3%3A33%3A47+PM
</freetextindexcreatedurl>
IT-EBOOKS.DIRECTORY
<producttableupdated>
9/27/2001 3:33:42 PM
</producttableupdated>
<producttableupdatedurl>
9%2F27%2F2001+3%3A33%3A42+PM
</producttableupdatedurl>
<currentcatagoryname></currentcatagoryname>
</getcatalogattributes>
<rootcategories>
<rootcategory>
<categoryname>Featured Products</categoryname>
<categorynameurl>Featured+Products</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Gaming Devices</categoryname>
<categorynameurl>Gaming+Devices</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Keyboards</categoryname>
<categorynameurl>Keyboards</categorynameurl>
</rootcategory>
<rootcategory>
<categoryname>Mice</categoryname>
<categorynameurl>Mice</categorynameurl>
</rootcategory>
</rootcategories>
<rootproducts>
<selectiontitle>
no products found at the root level for catalog 'Hardware'.
</selectiontitle>
</rootproducts>
<showlists/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
ChangePasswd.pasp
The following XML is a sample of the output produced by ChangePasswd.pasp:
server-config="ChangePasswd-Config.xml"
href="ChangePasswd-IE5.xsl"?>
<page pagename="ChangePasswd.pasp">
<profilemenu/>
<notpassportuser/>
<validate>
<maxlengthpassword>255</maxlengthpassword>
<validateitem>
<functionname>CheckPassword</functionname>
<fieldname>txtCurrentPassword</fieldname>
<errormessage>Please enter your current password.</errormessage>
</validateitem>
<validateitem>
<fieldname>txtNewPassword</fieldname>
<errormessage>Please enter a new password.</errormessage>
</validateitem>
<validateitem>
<fieldname>txtConfirmPassword</fieldname>
<errormessage>Please confirm the new password.</errormessage>
</validateitem>
</validate>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
CreditCards.pasp
The following XML is a sample of the output produced by CreditCards.pasp after a
user saves credit card information in his or her profile:
server-config="CreditCards-Config.xml"
href="CreditCards-IE5.xsl"?>
<page pagename="CreditCards.pasp">
<profilemenu/>
<creditcards>
<creditcard>
<ccid>{CDF383A4-7932-4674-867A-085F7B6E181A}</ccid>
<ccname>Kim Abercrombie</ccname>
<ccnumber>xxxxxxxxxxxxxxx5231</ccnumber>
<ccexpmonth>01</ccexpmonth>
<ccexpyear>2002</ccexpyear>
<ccnickname>Personal</ccnickname>
<user_id>{E246BE62-8937-4CF2-A312-178DEC172A5F}</user_id>
<cctype>Visa</cctype>
</creditcard>
</creditcards>
<notpassportuser/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
DeleteAddressBook.pasp
The following XML is a sample of the output produced by DeleteAddressBook.pasp
when no address parameter is specified:
server-config="DeleteAddressBook-Config.xml"
href="DeleteAddressBook-IE5.xsl"?>
<page pagename="DeleteAddressBook.pasp">
<addresstype>Shipping</addresstype>
<pagemode>AddressBook.pasp</pagemode>
<profilemenu/>
<address>
<generalinfo>
<address_id>{372BB421-8990-4D41-9F23-6F9E682E8321}</address_id>
<address_name>a</address_name>
<description>b</description>
<address_line1>a</address_line1>
<address_line2>a</address_line2>
<city>a</city>
<region_name>Alabama</region_name>
<tel_extension/>
</generalinfo>
</address>
<code_table>
<region_name>Alaska</region_name>
<region_name>Arizona</region_name>
<region_name>Arkansas</region_name>
<region_name>California</region_name>
<region_name>Colorado</region_name>
<region_name>Connecticut</region_name>
<region_name>Delaware</region_name>
<region_name>District of Columbia</region_name>
<region_name>Florida</region_name>
<region_name>Georgia</region_name>
<region_name>Hawaii</region_name>
<region_name>Idaho</region_name>
<region_name>Illinois</region_name>
<region_name>Indiana</region_name>
<region_name>Iowa</region_name>
<region_name>Kansas</region_name>
<region_name>Kentucky</region_name>
<region_name>Louisiana</region_name>
<region_name>Maine</region_name>
<region_name>Maryland</region_name>
<region_name>Massachusetts</region_name>
IT-EBOOKS.DIRECTORY
<region_name>Michigan</region_name>
<region_name>Minnesota</region_name>
<region_name>Mississippi</region_name>
<region_name>Missouri</region_name>
<region_name>Montana</region_name>
<region_name>Nebraska</region_name>
<region_name>Nevada</region_name>
<region_name>New Hampshire</region_name>
<region_name>New Jersey</region_name>
<region_name>New Mexico</region_name>
<region_name>New York</region_name>
<region_name>North Carolina</region_name>
<region_name>North Dakota</region_name>
<region_name>Ohio</region_name>
<region_name>Oklahoma</region_name>
<region_name>Oregon</region_name>
<region_name>Pennsylvania</region_name>
<region_name>Rhode Island</region_name>
<region_name>South Carolina</region_name>
<region_name>South Dakota</region_name>
<region_name>Tennessee</region_name>
<region_name>Texas</region_name>
<region_name>Utah</region_name>
<region_name>Vermont</region_name>
<region_name>Virginia</region_name>
<region_name>West Virginia</region_name>
<region_name>Wisconsin</region_name>
<region_name>Wyoming</region_name>
</code_table>
<notpassportuser/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
EditAddressBook.pasp
The following XML is a sample of the output produced by EditAddressBook.pasp
when no address parameter is specified:
server-config="EditAddressBook-Config.xml"
href="EditAddressBook-IE5.xsl"?>
<page pagename="EditAddressBook.pasp">
<pagemode/>
<profilemenu/>
<code_table>
IT-EBOOKS.DIRECTORY
</code_table>
<notpassportuser/>
<validate>
<maxlengthlistedas>255</maxlengthlistedas>
<validateitem>
<functionname>CheckListedAs</functionname>
<fieldname>txtListedAs</fieldname>
<errormessage>
Please enter a valid 'Listed As' name.
</errormessage>
</validateitem>
<maxlengthfullname>34</maxlengthfullname>
<validateitem>
<functionname>CheckFullName</functionname>
<fieldname>txtAddressName</fieldname>
<errormessage>Please enter a valid name.</errormessage>
</validateitem>
<maxlengthaddr1>20</maxlengthaddr1>
<validateitem>
<functionname>CheckAddress1</functionname>
<fieldname>txtAddressLine1</fieldname>
<errormessage>Please enter a valid address line 1.</errormessage>
</validateitem>
<validateitem>
</validateitem>
<maxlengthcity>22</maxlengthcity>
<validateitem>
<functionname>CheckCity</functionname>
<fieldname>txtCity</fieldname>
<errormessage>Please enter a valid city.</errormessage>
</validateitem>
<validateitem>
<functionname>CheckState</functionname>
<fieldname>txtRegionName</fieldname>
<errormessage>Please select a state.</errormessage>
</validateitem>
<maxlengthzipcode>14</maxlengthzipcode>
IT-EBOOKS.DIRECTORY
<validateitem>
<functionname>CheckZipCode</functionname>
<fieldname>txtPostalCode</fieldname>
<errormessage>Please enter a valid zip code.</errormessage>
</validateitem>
<validateitem>
<functionname>CheckPhoneFaxNumber</functionname>
<fieldname>txtPhoneNumber</fieldname>
</validateitem>
</validate>
<billing_address_id/>
<add_billing/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
The following XML is a sample of the output produced by EditAddressBook.pasp

when an address parameter is specified:
server-config="EditAddressBook-Config.xml"
href="EditAddressBook-IE5.xsl"?>
<page pagename="EditAddressBook.pasp">
<pagemode>AddressBook.pasp</pagemode>
<profilemenu/>
<code_table>
IT-EBOOKS.DIRECTORY
</code_table>
<notpassportuser/>
<validate>
<validateitem>
<fieldname>txtListedAs</fieldname>
<errormessage>
</errormessage>
</validateitem>
IT-EBOOKS.DIRECTORY
<validateitem>
<fieldname>txtAddressName</fieldname>
<errormessage>Please enter a valid name.</errormessage>
</validateitem>
<validateitem>
</validateitem>
<validateitem>
</validateitem>
<maxlengthcity>22</maxlengthcity>
<validateitem>
<functionname>CheckCity</functionname>
<fieldname>txtCity</fieldname>
<errormessage>Please enter a valid city.</errormessage>
</validateitem>
<validateitem>
<functionname>CheckState</functionname>
<fieldname>txtRegionName</fieldname>
<errormessage>Please select a state.</errormessage>
</validateitem>
<maxlengthzipcode>14</maxlengthzipcode>
<validateitem>
<functionname>CheckZipCode</functionname>
<fieldname>txtPostalCode</fieldname>
<errormessage>Please enter a valid zip code.</errormessage>
</validateitem>
<validateitem>
<fieldname>txtPhoneNumber</fieldname>
</validateitem>
</validate>
<billing_address_id>
{14505FF4-8B94-4102-9745-0AD40CC2010B}
</billing_address_id>
<add_billing/>
<address>
<generalinfo>
IT-EBOOKS.DIRECTORY
<address_line2/>
<tel_extension/>
</generalinfo>
</address>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
EditCreditCard.pasp
The following XML is a sample of the output produced by EditCreditCard.pasp
before a user submits revised credit card information for his or her profile:
server-config="EditCreditCard-Config.xml"
href="EditCreditCard-IE5.xsl"?>
<page pagename="EditCreditCard.pasp">
<pagemode/>
<strbilladdrid/>
<profilemenu/>
<creditcard>
<generalinfo>
</generalinfo>
</creditcard>
<donotshowcreditcard/>
IT-EBOOKS.DIRECTORY
<code_table>
<payment_method>
<payment_method_id>visa</payment_method_id>
<payment_method_name>Visa</payment_method_name>
</payment_method>
<payment_method>
<payment_method_id>mastercard</payment_method_id>
<payment_method_name>MasterCard</payment_method_name>
</payment_method>
<payment_method>
<payment_method_id>amex</payment_method_id>
<payment_method_name>American Express</payment_method_name>
</payment_method>
<payment_method>
<payment_method_id>discover</payment_method_id>
<payment_method_name>Discover</payment_method_name>
</payment_method>
<month>
<month_id>01</month_id>
<month_name>January</month_name>
</month>
<month>
<month_name>February</month_name>
</month>
<month>
<month_name>March</month_name>
</month>
<month>
<month_name>April</month_name>
</month>
<month>
<month_name>May</month_name>
</month>
<month>
<month_name>June</month_name>
</month>
<month>
<month_name>July</month_name>
</month>
<month>
<month_name>August</month_name>
</month>
<month>
<month_name>September</month_name>
</month>
IT-EBOOKS.DIRECTORY
<month>
<month_name>October</month_name>
</month>
<month>
<month_name>November</month_name>
</month>
<month>
<month_name>December</month_name>
</month>
<year>2001</year>
<year>2002</year>
<year>2003</year>
<year>2004</year>
<year>2005</year>
<year>2006</year>
</code_table>
<validate>
<validateitem>
<fieldname>txtCCNickName</fieldname>
<errormessage>
</errormessage>
</validateitem>
<validateitem>
<fieldname>txtCCName</fieldname>
<errormessage>Please enter a valid card name.</errormessage>
</validateitem>
</validate>
<catalog>
</catalog>
<catalog>
</catalog>
</page
IT-EBOOKS.DIRECTORY
The following XML is a sample of the output produced by EditCreditCard.pasp for

a modified credit card entry:
server-config="EditCreditCard-Config.xml"
href="EditCreditCard-IE5.xsl"?>
<page pagename="EditCreditCard.pasp">
<pagemode/>
<strbilladdrid/>
<profilemenu/>
<creditcard>
<generalinfo>
</generalinfo>
</creditcard>
<donotshowcreditcard/>
<code_table>
<payment_method>
<payment_method_id>visa</payment_method_id>
<payment_method_name>Visa</payment_method_name>
</payment_method>
<payment_method>
<payment_method_id>mastercard</payment_method_id>
<payment_method_name>MasterCard</payment_method_name>
</payment_method>
<payment_method>
<payment_method_id>amex</payment_method_id>
<payment_method_name>American Express</payment_method_name>
</payment_method>
<payment_method>
<payment_method_id>discover</payment_method_id>
<payment_method_name>Discover</payment_method_name>
</payment_method>
<month>
<month_name>January</month_name>
</month>
<month>
<month_name>February</month_name>
</month>
<month>
<month_name>March</month_name>
</month>
IT-EBOOKS.DIRECTORY
<month>
<month_name>April</month_name>
</month>
<month>
<month_name>May</month_name>
</month>
<month>
<month_name>June</month_name>
</month>
<month>
<month_name>July</month_name>
</month>
<month>
<month_name>August</month_name>
</month>
<month>
<month_name>September</month_name>
</month>
<month>
<month_name>October</month_name>
</month>
<month>
<month_name>November</month_name>
</month>
<month>
<month_name>December</month_name>
</month>
<year>2001</year>
<year>2002</year>
<year>2003</year>
<year>2004</year>
<year>2005</year>
<year>2006</year>
</code_table>
<validate><maxlengthlistedas>255</maxlengthlistedas>
<validateitem>
<fieldname>txtCCNickName</fieldname>
<errormessage>
</errormessage>
</validateitem>
<validateitem>
IT-EBOOKS.DIRECTORY
<fieldname>txtCCName</fieldname>
<errormessage>Please enter a valid card name.</errormessage>
</validateitem>
</validate>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
ForgotPasswd.pasp
The following XML is a sample of the output produced by ForgotPasswd.pasp:
server-config="ForgotPasswd-Config.xml"
href="ForgotPasswd-IE5.xsl"?>
<page pagename="ForgotPasswd.pasp">
<mspassport>
<anchor>a</anchor>
<url>
http://current-login.passporttest.com/login.asp?
id=1&ru=http%3A%2F%2Flocalhost%3A81%
2F%5FProcessPassportLogin%2Easp&tw=3600&fs=1&kv=1&
ct=1002587591&cb=0&ems=1&ver=1.990.1052.1&C=1
</url>
<passportimage>
<image>img</image>
<width>66</width>
<height>19</height>
<border>0</border>
</passportimage>
</mspassport>
<validate>
<maxlengthusername>255</maxlengthusername>
<validateitem>
<functionname>CheckUserName</functionname>
IT-EBOOKS.DIRECTORY
<fieldname>txtUserName</fieldname>
<errormessage>Please enter a valid user name.</errormessage>
</validateitem>
</validate>
<catalog>
</catalog>
<catalog>
</catalog>
<profile/>
</page>
Index.pasp
The following XML is a sample of the output produced by Index.pasp:
server-config="Index-Config.xml"
href="Index-IE5.xsl"?>
<page pagename="Index.pasp">
<advertising/>
<name></name>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
ListBase.pasp
The following XML is a sample of the output produced as the common code base
for the Save for Later, Shopping List, and Public List pages (the basket pages):
server-config="lists-Config.xml"
href="lists-IE5.xsl"?>
<page pagename="lists.pasp">
<listsmenu/>
<lists>
<list>
<name>Booklist</name>
<list_public>True</list_public>
</list>
<list>
<name>Kim's Game</name>
<list_public>False</list_public>
</list>
</lists>
<listname>Booklist</listname>
<same_owner/>
<saved_order_public>True</saved_order_public>
<totallineitems>4</totallineitems>
<orderform orderform_id="{AED2152F-B768-4558-AA6B-77C59A01E36D}">
<Items
quantity="1"
product_id=
"Microsoft Mastering: eCommerce Development: Business to Consumer"
product_catalog="Books"
product_category=""
d_DateCreated="10/8/2001 5:38:31 PM"
lineitem_uid="{2362784E-0FF2-4543-BB31-DEF2A7D33008}"
_product_Name=
"Microsoft Mastering: eCommerce Development: Business to Consumer"
_cy_oadjust_adjustedprice="0"/>
<Items
quantity="1"
product_id="Quick Course in Microsoft Access 2000"
d_DateCreated="10/8/2001 5:40:51 PM"
lineitem_uid="{CED8AABF-FDBF-4663-9070-04E567AC1A91}"
_product_Name="Quick Course in Microsoft Access 2000"
<Items
quantity="1"
product_id="Programming Microsoft Access 2000"
product_category=""
d_DateCreated="10/8/2001 5:41:31 PM"
lineitem_uid="{03FDA15D-4E62-41C4-A27D-2CF89199DA00}"
IT-EBOOKS.DIRECTORY
_product_Name="Programming Microsoft Access 2000"

<Items
quantity="1"
product_id="Programming Microsoft Internet Explorer 5"
product_category=""
d_DateCreated="10/8/2001 5:42:45 PM"
lineitem_uid="{990E64ED-AAF1-4BB6-8437-4FD7456014A1}"
_product_Name="Programming Microsoft Internet Explorer 5"
</orderform>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
ListSearch.pasp
The following XML is a sample of the output produced when a user chooses to
search for another user’s public shopping list:
server-config="ListSearch-Config.xml"
href="ListSearch-IE5.xsl"?>
<page pagename="ListSearch.pasp">
<mspassport>
<anchor>a</anchor>
<url>
ct=1002591087&cb=0&ems=1&ver=1.990.1052.1&C=1
</url>
<passportimage>
<image>img</image>
<width>66</width>
<height>19</height>
IT-EBOOKS.DIRECTORY
<border>0</border>
</passportimage>
</mspassport>
<displaysearchresults/>
<searchcriteria>
<email/>
<logon/>
<listname>my</listname>
</searchcriteria>
<searchresults>
<recordsfound>2</recordsfound>
<record>
<display_name>john</display_name>
<logon>public_user</logon>
<listid>{3AFD0281-5BCD-46DA-B118-69A0186BDD47}</listid>
<listname>MyBooks</listname>
</record>
<record>
<display_name>Mary</display_name>
<logon>public_user</logon>
<listid>{748B9FAD-3210-4F90-A222-C8748038B457}</listid>
<listname>MyList</listname>
</record>
</searchresults>
<advertising/>
<catalog>
</catalog>
<catalog>
</catalog>
<profile/>
</page>
Login.pasp
The following XML is a sample of the output produced when a registered user
logs on:
server-config="Login-Config.xml"
href="Login-IE5.xsl"?>
<page pagename="Login.pasp">
IT-EBOOKS.DIRECTORY
<mspassport><anchor>a</anchor>
<url>
ct=1002582678&cb=0&ems=1&ver=1.990.1052.1&C=1
</url>
<passportimage>
<image>img</image>
<width>66</width>
<height>19</height>
<border>0</border>
</passportimage>
</mspassport>
<validate>
<validateitem>
<fieldname>txtUserName</fieldname>
</validateitem>
<validateitem>
<fieldname>txtPassword</fieldname>
<errormessage>
Invalid password. Note that password is case-sensitive.
</errormessage>
</validateitem>
</validate>
<advertising/>
<pagemode/>
<catalog>
</catalog>
<catalog>
</catalog>
<profile/>
</page>
IT-EBOOKS.DIRECTORY
MultiShipping.pasp
The following XML is a sample of the output produced by MultiShipping.pasp:
server-config="MultiShipping-Config.xml"
href="MultiShipping-IE5.xsl"?>
<page pagename="MultiShipping.pasp">
<pagemode>MultiShipping.pasp</pagemode>
<addresses>
<address>
<address_id>{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}</address_id>
<address_line2/>
</address>
<address>
<address_line2/>
</address>
</addresses>
<orderform
<Addresses
address_name="Kim Abercrombie"
address_line1="1 Microsoft Way" city="Redmond" region_code="WA"
postal_code="12345" country_code="US" description="Office"
AddressesDictKey="{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}"/>
<Addresses
address_name="Kim Abercrombie" address_line1="My House" city="Redmond"
region_code="WA" postal_code="12345" country_code="US" description="Home"
AddressesDictKey="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"/>
<Items
quantity="1" product_id="651" product_catalog="Hardware"
product_category="Featured Products" description="Coming Soon"
d_DateCreated="10/8/2001 5:06:03 PM" cy_lineitem_total="74.95"
orig_lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
IT-EBOOKS.DIRECTORY
</orderform>
<code_table>
<shipping_method>
{00000000-0000-0000-0000-005211009179}
</shipping_method>
<shipping_method>
{00000000-0000-0000-0000-007390007575}
</shipping_method>
</code_table>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
OrderHistory.pasp
The following XML is a sample of the output produced by OrderHistory.pasp:
server-config="OrderHistory-Config.xml"
href="OrderHistory-IE5.xsl"?>
<page pagename="OrderHistory.pasp">
<profilemenu/>
<history>
<order>
<item>
<ordergroup_id>
{EDBBF5E4-9524-45A8-BAA2-CFB6CD40028A}
</ordergroup_id>
<order_status_code>4</order_status_code>
<orderstatusname>In Progress</orderstatusname>
<order_number>29598</order_number>
<saved_cy_total_total>107.45</saved_cy_total_total>
<d_datelastchanged>10/8/2001 6:16:18 PM</d_datelastchanged>
</item>
</order>
IT-EBOOKS.DIRECTORY
</history>
<notpassportuser/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
OrderHistoryDetail.pasp
The following XML is a sample of the output produced by OrderHistoryDetail.pasp:
server-config="OrderHistoryDetail-Config.xml"
href="OrderHistoryDetail-IE5.xsl"?>
<page pagename="OrderHistoryDetail.pasp">
<orderform
orderform_id="{254416D6-82FD-45EF-B56D-19866D15615D}"
order_status_desc="In Progress"
billing_address_id="{14505FF4-8B94-4102-9745-0AD40CC2010B}"
saved_cy_oadjust_subtotal="74.95"
saved_cy_total_total="107.45"
cc_name="Visa"
cc_expyear="2002"
cc_expmonth="06"
cc_number="xxxxxxxxxxxxxxx5231"
cc_id="{CDF383A4-7932-4674-867A-085F7B6E181A}"
cc_Account_Holder="Kim Abercrombie"
cy_tax_total="7.5"
<Addresses
address_line1="1 Microsoft Way"
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
IT-EBOOKS.DIRECTORY
description="Office"
<Addresses
address_line1="My House"
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
description="Home"
AddressesDictKey="{14505FF4-8B94-4102-9745-0AD40CC2010B}"/>
<Addresses
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
description="Home"
<Items
quantity="1"
product_id="651"
product_Name="Microsoft® SideWinder® Freestyle Pro"
product_catalog="Hardware"
shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
d_DateCreated="10/8/2001 5:06:03 PM"
lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"/>
<shipments
shipping_method_id="{00000000-0000-0000-0000-005211009179}"/>
</orderform>
<profilemenu/>
<notpassportuser/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
OrderSummary.pasp
The following XML is a sample of the output produced by OrderSummary.pasp:
server-config="OrderSummary-Config.xml"
href="OrderSummary-IE5.xsl"?>
<page pagename="OrderSummary.pasp">
<verify_with_total>107.45</verify_with_total>
<orderform
cc_name="Visa"
cc_expyear="2002"
cc_expmonth="06"
cc_id="{CDF383A4-7932-4674-867A-085F7B6E181A}"
_cy_shipping_total="25"
_cy_tax_total="7.5"
cc_Account_Holder="Kim
Abercrombie" cy_tax_total="7.5"
<Addresses
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
<Addresses
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
description="Home"
<Addresses
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
IT-EBOOKS.DIRECTORY
description="Home"
<Items
quantity="1"
product_id="651"
shipping_method_name="quantity"
d_DateCreated="10/8/2001 5:06:03 PM"
<shipments
</orderform>
<shipping_methods>
<shipping_method>
{00000000-0000-0000-0000-005211009179}
</shipping_method>
<shipping_method>
{00000000-0000-0000-0000-007390007575}
</shipping_method>
</shipping_methods>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
Payment.pasp
The following XML is a sample of the output produced by Payment.pasp:
server-config="Payment-Config.xml"
href="Payment-IE5.xsl"?>
<page pagename="Payment.pasp">
<advertising/>
<billingaddressstatus>
{14505FF4-8B94-4102-9745-0AD40CC2010B}
</billingaddressstatus>
<creditcards>
<creditcard>
</creditcard>
</creditcards>
<orderform
_cy_tax_total="7.5"
cy_tax_total="7.5"
<Addresses
city="Redmond" region_code="WA"
postal_code="12345"
country_code="US"
<Addresses
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
description="Home"
<Addresses
IT-EBOOKS.DIRECTORY
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
description="Home"
<Items
quantity="1"
product_id="651"
shipping_method_name="quantity"
d_DateCreated="10/8/2001 5:06:03 PM"
<shipments
</orderform>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
Product.pasp
The following XML is a sample of the output produced by Product.pasp:
server-config="Product-Config.xml"
href="Product-IE5.xsl"?>
<page pagename="Product.pasp">
<advancedsearch>
<advcatalogname>Books</advcatalogname>
<advcategoryname/>
</advancedsearch>
<advertising/>
<categoryname/>
<getproduct>
<product>
<originalpriceurl>27%2E99</originalpriceurl>
<productid>Code</productid>
<productidurl>Code</productidurl>
<variantid/>
<variantidurl/>
<author displayname="Author">Charles Petzold</author>
<authorurl>Charles++Petzold</authorurl>
<description>
Using common household objects and familiar language systems such
as Morse code and Braille, CODE reveals the secret inner life
of computers and other smart machines.
</description>
<descriptionurl>
Using+common+household+objects+and+familiar+language+systems
+such+as+Morse+code+and+Braille%2C+CODE+reveals+the+secret+inner+life
+of+computers+and+other+smart+machines%2E
</descriptionurl>
<isbn displayname="ISBN">0-7356-0505-X</isbn>
<isbnurl>0%2D7356%2D0505%2DX</isbnurl>
<name displayname="Name">Code</name>
<nameurl>Code</nameurl>
IT-EBOOKS.DIRECTORY
a href=http://mspress.microsoft.com/prod/books/2352.htm target =_a
http://mspress.microsoft.com/prod/books/2352.htm /a
</producturl>
<producturlurl>
a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fpro
d%2Fbooks%2F2352%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
2Emicrosoft%2Ecom%2Fprod%2Fbooks%2F2352%2Ehtm+%2Fa
</producturlurl>
<title displayname="Title">Code</title>
<titleurl>Code</titleurl>
<variants><variantname>ISBN</variantname>
<varcount>0</varcount>
</variants>
</product>
</getproduct>
<relatedproducts/>
<relatedcategories/>
<parentcategories>
<parentcategory>
<categoryname>Business Reference</categoryname>
</parentcategory>
<parentcategory>
<categoryname>Education Reference</categoryname>
</parentcategory>
<parentcategory>
<categoryname>Programming Languages</categoryname>
</parentcategory>
</parentcategories>
<productid>Code</productid>
<showlists/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
Registration.pasp
The following XML is a sample of the output produced by Registration.pasp:
server-config="Registration-Config.xml"
href="Registration-IE5.xsl"?>
<page pagename="Registration.pasp">
<mspassport>
<anchor>a</anchor>
<url>
ct=1002582742&cb=0&ems=1&ver=1.990.1052.1&C=1
</url>
<passportimage>
<image>img</image>
<width>66</width>
<height>19</height>
<border>0</border>
</passportimage>
</mspassport>
<advertising/>
<validate>
<validateitem>
<fieldname>txtLogonName</fieldname>
</validateitem>
<validateitem>
<functionname>CheckEmail</functionname>
</validateitem>
<validateitem>
<fieldname>txtUserSecurityPassword</fieldname>
<errormessage>Please enter a password.</errormessage>
</validateitem>
<validateitem>
<fieldname>txtConfirmPassword</fieldname>
<errormessage>Please confirm the new password.</errormessage>
</validateitem>
IT-EBOOKS.DIRECTORY
</validate>
<pagemode></pagemode>
<catalog>
</catalog>
<catalog>
</catalog>
<profile/>
</page>
SearchResults.pasp
The following XML is a sample of the output produced by SearchResults.pasp when
searching for “age” in the Books category:
server-config="SearchResults-Config.xml"
href="SearchResults-IE5.xsl"?>
<page pagename="SearchResults.pasp">
<mspassport>
<anchor>a</anchor>
<url>
ct=1002584868&cb=0&ems=1&ver=1.990.1052.1&C=1
</url>
<passportimage>
<image>img</image>
<width>66</width>
<height>19</height>
<border>0</border>
</passportimage>
</mspassport>
<advertising/>
<searchstring>Age</searchstring>
<searchcount>4</searchcount>
<searchrowstoreturn>10</searchrowstoreturn>
<searchstartpos>1</searchstartpos>
IT-EBOOKS.DIRECTORY
<searchresults>
<product>
<productid>
Microsoft Age of Empires: Inside Moves, Revised and Expanded Edition
</productid>
<productidurl>
Microsoft+Age+of+Empires%3A+Inside+Moves%2C+Revised+and+Expanded+Edition
</productidurl>
<description>
MICROSOFT AGE OF EMPIRES: INSIDE MOVES, REVISED AND
EXPANDED EDITION, shows you how to deploy winning strategies
and inside hints and tips when playing Age of Empires.
The bestselling first edition of Microsoft Age of Empires:
Inside Moves (Microsoft Press, 1997) has been fully updated
to cover Age of Empires patches and the brand-new
Age of Empires Expansion Pack quotRise of Rome.quot
</description>
<descriptionurl>
MICROSOFT+AGE+OF+EMPIRES%3A+INSIDE+MOVES%2C+REVISED
+AND+EXPANDED+EDITION%2C+shows+you+how+to+deploy+winning
+strategies+and+inside+hints+and+tips+when+playing+Age+of
+Empires%2E+The+bestselling+first+edition+of+Microsoft+Age
+of+Empires%3A+Inside+Moves+%28Microsoft+Press%2C+1997%29
+has+been+fully+updated+to+cover+Age+of+Empires+patches
+and+the+brand%2Dnew+Age+of+Empires+Expansion+Pack
+quotRise+of+Rome%2Equot
</descriptionurl>
<name displayname="Name">
Microsoft Age of Empires: Inside Moves, Revised and Expanded Edition
</name>
<nameurl>
Microsoft+Age+of+Empires%3A+Inside+Moves%2C+Revised+and+Expanded+Edition
</nameurl>
</product>
<product>
IT-EBOOKS.DIRECTORY
<productid>Grown-Ups Guide to Computing</productid>
<productidurl>Grown%2DUps+Guide+to+Computing</productidurl>
<description>
In the GROWN-UPS GUIDE TO COMPUTING, youll discover how people
of all ages and from all walks of life have enriched their
lives with computers-and how you can too! If you are
one of that rapidly growing group of older adults interested
in finding out what computers can do and how to get started,
this book is for you.
</description>
<descriptionurl>
In+the+GROWN%2DUPS+GUIDE+TO+COMPUTING%2C+youll+discover
+how+people+of+all+ages+and+from+all+walks+of+life+have+enriched+their
+lives+with+computers%2Dand+how+you+can+too%21++If+you+are+one
+of+that+rapidly+growing+group+of+older+adults+interested+in
+finding+out+what+computers+can+do+and+how+to+get+started%2C
+this+book+is+for+you%2E
</descriptionurl>
<name displayname="Name">Grown-Ups Guide to Computing</name>
<nameurl>Grown%2DUps+Guide+to+Computing</nameurl>
</product>
<product>
<productid>Microsoft Age of Empires: Inside Moves</productid>
<productidurl>Microsoft+Age+of+Empires%3A+Inside+Moves</productidurl>
<description>
MICROSOFT AGE OF EMPIRES: INSIDE MOVES provides the strategic
hints, statistics, and tactical assistance you need to take
one of a dozen primitive tribes and shape it into a great civilization.
</description>
IT-EBOOKS.DIRECTORY
<descriptionurl>
MICROSOFT+AGE+OF+EMPIRES%3A+INSIDE+MOVES+provides+the
+strategic+hints%2C+statistics%2C+and+tactical+assistance
+you+need+to+take+one+of+a+dozen+primitive+tribes+and+shape
+it+into+a+great+civilization%2E
</descriptionurl>
<name displayname="Name">Microsoft Age of Empires: Inside Moves</name>
<nameurl>Microsoft+Age+of+Empires%3A+Inside+Moves</nameurl>
</product>
<product>
<productid>
</productid>
<productidurl>
Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves
</productidurl>
<description>
Master all the vital strategic gambits, tips, and tricks
for winning with this official guide to the exciting new
version of Microsoft Age of Empires! MICROSOFT AGE OF
EMPIRES II: AGE OF KINGS: INSIDE MOVES shows you how to
survive and thrive in the thousand years from the
fall of Rome to the Middle Ages.
</description>
<descriptionurl>Master+all+the+vital+strategic+gambits%2C
+tips%2C+and+tricks+for+winning+with+this+official+guide
+to+the+exciting+new+version+of+Microsoft+Age+of
+Empires%21+MICROSOFT+AGE+OF+EMPIRES+II%3A+AGE+OF+KINGS%3A
+INSIDE+MOVES+shows+you+how+to+survive+and+thrive+in+the+thousand
+years+from+the+fall+of+Rome+to+the+Middle+Ages%2E
</descriptionurl>
IT-EBOOKS.DIRECTORY
</name>
<nameurl>
Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves
</nameurl>
</product>
<selectiontitle>
product(s) found for search criteria "Age."
</selectiontitle>
</searchresults>
<catalog>
</catalog>
<catalog>
</catalog>
<profile/>
</page>
Shipping.pasp
The following XML is a sample of the output produced by Shipping.pasp:
server-config="Shipping-Config.xml"
href="Shipping-IE5.xsl"?>
<page pagename="Shipping.pasp">
<pagemode>Shipping.pasp</pagemode>
<advertising/>
<addresses>
<address>
<address_id>{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}</address_id>
<description>Office</description>
<address_line2/>
</address>
<address>
IT-EBOOKS.DIRECTORY
<address_line2/>
</address>
</addresses>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
ShippingMethod.pasp
The following XML is a sample of the output produced by ShippingMethod.pasp:
server-config="ShippingMethod-Config.xml"
href="ShippingMethod-IE5.xsl"?>
<page pagename="ShippingMethod.pasp">
<pagemode>ShippingMethod.pasp</pagemode>
<advertising/>
<code_table>
<shipping_method>
{00000000-0000-0000-0000-005211009179}
</shipping_method>
<shipping_method>
{00000000-0000-0000-0000-007390007575}
</shipping_method>
IT-EBOOKS.DIRECTORY
</code_table>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
StepSearch.pasp
The following XML is a sample of the output produced by the home page for the
site, which allows users to specify search criteria and search the catalogs:
server-config="StepSearch-Config.xml"
href="StepSearch-IE5.xsl"?>
<page pagename="StepSearch.pasp">
<advertising/>
<searchhandle>[Books][Simulations]</searchhandle>
<userinput>
<field>
<name>Author</name>
<valueentered></valueentered>
<type>5</type>
<value>Microsoft Corporation</value>
<value>The PC Press, Inc. Ben Chiu</value>
<value>The PC Press, Inc. Michele Chambre</value>
</field>
<field>
<name>ISBN</name>
<type>5</type>
<value>0-7356-0547-5</value>
<value>1-57231-592-X</value>
<value>1-57231-628-4</value>
</field>
<field>
<name>Pagecount</name>
<type>0</type>
<value>320</value>
IT-EBOOKS.DIRECTORY
</field>
<field>
<name>Publisher</name>
<type>5</type>
<value>Microsoft Press</value>
</field>
<field>
<name>Reading Level</name>
<type>5</type>
<value>All Levels</value>
</field>
<field>
<name>Title</name>
<type>5</type>
<value>
Instrument Flight Techniques with Microsoft Flight Simulator 98
</value>
<value>Microsoft Combat Flight Simulator: Inside Moves</value>
<value>Microsoft Flight Simulator 2000: Inside Moves</value>
</field>
</userinput>
<getresults/>
<ourcatalog>Books</ourcatalog>
<ourrootcategory>Games</ourrootcategory>
<ourchildcategory>Simulations</ourchildcategory>
<count>3</count>
<hdnorder></hdnorder>
<searchresults>
<product>
<oid>81</oid>
<oidurl>81</oidurl>
<parentoid>26</parentoid>
<parentoidurl>26</parentoidurl>
<productid>Microsoft Flight Simulator 2000: Inside Moves</productid>
<productidurl>
Microsoft+Flight+Simulator+2000%3A+Inside+Moves
</productidurl>
<variantid/>
<variantidurl/>
<lastmodified>9/27/2001 3:31:46 PM</lastmodified>
<lastmodifiedurl>9%2F27%2F2001+3%3A31%3A46+PM</lastmodifiedurl>
<title displayname="Title">
IT-EBOOKS.DIRECTORY
Microsoft Flight Simulator 2000: Inside Moves

</title>
<titleurl>Microsoft+Flight+Simulator+2000%3A+Inside+Moves</titleurl>
<description>
MICROSOFT FLIGHT SIMULATOR 2000: INSIDE MOVES is the essential
companion to both Flight Simulator 2000 Standard and
Professional Edition! It goes far beyond basic flight
manuals to provide advanced flight tips, tactics, strategies,
and more. It even includes a timesaving tear-out keyboard guide.
</description>
<descriptionurl>
MICROSOFT+FLIGHT+SIMULATOR+2000%3A+INSIDE+MOVES+is+
the+essential+companion+to+both+Flight+Simulator+2000
+Standard+and+Professional+Edition%21+It+goes+far
+beyond+basic+flight+manuals+to+provide+advanced
+flight+tips%2C+tactics%2C+strategies%2C+and+more%2E
+It+even+includes+a+timesaving+tear%2Dout+keyboard+guide%2E
</descriptionurl>
<authorurl>Microsoft+Corporation</authorurl>
Microsoft Flight Simulator 2000: Inside Moves
</name>
<nameurl>Microsoft+Flight+Simulator+2000%3A+Inside+Moves</nameurl>
</producturl>
<producturlurl>
a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod
%2Fbooks%2F2431%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
</producturlurl>
IT-EBOOKS.DIRECTORY
</product>
<product>
<oid>241</oid>
<oidurl>241</oidurl>
<productid>
</productid>
<productidurl>
Instrument+Flight+Techniques+with+Microsoft+Flight+Simulator+98
</productidurl>
<variantid/>
<variantidurl/>
</title>
<titleurl>
</titleurl>
<description>
INSTRUMENT FLIGHT TECHNIQUES WITH MICROSOFT FLIGHT
SIMULATOR 98 shows you how to fly planes in Microsoft
Flight Simulator 98 with the instrument flight
techniques used by professional pilots.
</description>
<descriptionurl>
INSTRUMENT+FLIGHT+TECHNIQUES+WITH+MICROSOFT+FLIGHT+
SIMULATOR+98+shows+you+how+to+fly+planes+in+Microsoft
+Flight+Simulator+98+with+the+instrument+flight+techniques
+used+by+professional+pilots%2E
</descriptionurl>
<author displayname="Author">
The PC Press, Inc. Michele Chambre
</author>
IT-EBOOKS.DIRECTORY
<authorurl>
The+PC+Press%2C+Inc%2E++++++++++++++++++++++++Michele++Chambre
</authorurl>
</name>
<nameurl>
</nameurl>
</producturl>
<producturlurl>
a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod
%2Fbooks%2F1429%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
</producturlurl>
</product>
<product>
<oid>316</oid>
<oidurl>316</oidurl>
<productid>
Microsoft Combat Flight Simulator: Inside Moves
</productid>
<productidurl>
Microsoft+Combat+Flight+Simulator%3A+Inside+Moves
</productidurl>
<variantid/>
<variantidurl/>
IT-EBOOKS.DIRECTORY
</title>
<titleurl>Microsoft+Combat+Flight+Simulator%3A+Inside+Moves</titleurl>
<isbn displayname="ISBN">1-57231-592-X</isbn>
<isbnurl>1%2D57231%2D592%2DX</isbnurl>
<description>
Whether you scramble a Spitfire to intercept invading raiders or escort
B-17 bombers in a Mustang, MICROSOFT COMBAT FLIGHT SIMULATOR: WWII
EUROPE SERIES: INSIDE MOVES is the companion guide that reveals
all of the tips, tactics, and strategies you need to secure
air superiority in the virtual blue yonder.
</description>
<descriptionurl>
Whether+you+scramble+a+Spitfire+to+intercept+invading+raiders
+or+escort+B%2D17+bombers+in+a+Mustang%2C+MICROSOFT+COMBAT
+FLIGHT+SIMULATOR%3A+WWII+EUROPE+SERIES%3A+INSIDE+MOVES+is
+the+companion+guide+that+reveals+all+of+the+tips%2C
+tactics%2C+and+strategies+you+need+to+secure+air
+superiority+in+the+virtual+blue+yonder%2E
</descriptionurl>
<author displayname="Author">
The PC Press, Inc. Ben Chiu
</author>
<authorurl>
The+PC+Press%2C+Inc%2E++++++++++++++++++++++++Ben++Chiu
</authorurl>
</name>
<nameurl>Microsoft+Combat+Flight+Simulator%3A+Inside+Moves</nameurl>
</producturl>
<producturlurl>
a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fpro
d%2Fbooks%2F1339%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
</producturlurl>
IT-EBOOKS.DIRECTORY

</product>
<selectiontitle>3 product(s) found for search criteria</selectiontitle>
</searchresults>
<showlists/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
ThankYou.pasp
The following XML is a sample of the output produced when a user completes the
checkout process:
server-config="ThankYou-Config.xml"
href="ThankYou-IE5.xsl"?>
<page pagename="ThankYou.pasp">
<advertising/>
<orderform
cc_name="Visa"
cc_expyear="2002"
cc_expmonth="06"
_cy_tax_total="7.5"
http_server_name="localhost:81"
IT-EBOOKS.DIRECTORY
order_number="29598"
http_server_protocol="http://">
<Addresses
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
<Addresses
city="Redmond"
region_code="WA"
postal_code="12345"
country_code="US"
<Addresses
city="Redmond" region_code="WA"
postal_code="12345"
country_code="US"
<Items
quantity="1"
product_id="651"
d_DateCreated="10/8/2001 5:06:03 PM"
<shipments
</orderform>
<sendmail/>
<ordernumber>29598</ordernumber>
<catalog>
IT-EBOOKS.DIRECTORY
</catalog>
<catalog>
</catalog>
</page>
UserProfile.pasp
The following XML is a sample of the output produced by UserProfile.pasp:
server-config="UserProfile-Config.xml"
href="UserProfile-IE5.xsl"?>
<page pagename="UserProfile.pasp">
<profilemenu/>
<pagemode/>
<validate>
<validateitem>
<functionname>CheckName</functionname>
<fieldname>txtFirstName</fieldname>
<errormessage>Please enter a valid first name.</errormessage>
</validateitem>
<validateitem>
<functionname>CheckName</functionname>
<fieldname>txtLastName</fieldname>
<errormessage>Please enter a valid last name.</errormessage>
</validateitem>
<validateitem>
<functionname>CheckEmail</functionname>
</validateitem>
<validateitem>
<fieldname>txtTelNumber</fieldname>
</validateitem>
<validateitem>
<fieldname>txtWorkNumber</fieldname>
IT-EBOOKS.DIRECTORY
<errormessage>Please enter a valid fax number.</errormessage>

</validateitem>
</validate>
<userobject>
<accountinfo>
<org_id/>
<account_status>1</account_status>
<user_catalog_set/>
<date_registered>10/8/2001 4:54:52 PM</date_registered>
</accountinfo>
<advertising>
<campaign_history/>
</advertising>
<businessdesk>
<partner_desk_role/>
</businessdesk>
<generalinfo>
<logon_name>kim</logon_name>
<email_address>kim@somecompany.com</email_address>
<user_type>1</user_type>
<user_title/>
<last_name></last_name>
<first_name></first_name>
<tel_number/>
<tel_extension/>
<fax_number/>
<fax_extension/>
<user_id_changed_by/>
</generalinfo>
<profilesystem>
<date_last_changed>10/8/2001 6:09:14 PM</date_last_changed>
<date_created>10/8/2001 4:54:37 PM</date_created>
</profilesystem>
</userobject>
<notpassportuser/>
<catalog>
</catalog>
<catalog>
</catalog>
</page>
IT-EBOOKS.DIRECTORY
Appendix B
Data Field Validation
This appendix describes the data field validations performed by the Reference
Architecture application. The validations implemented are rudimentary and do not
enforce strict business rules. However, the implementation is flexible and easy to
modify for specific requirements.
Note that the Electronic Commerce Modeling Language (ECML) specifications
referred to in this appendix were used for maximum lengths only. The application is
not fully ECML compliant. You can find more information about ECML at http://
www.ecml.org/
This appendix first defines the data fields that require validation and the general
type of information that should be validated. The appendix then describes the field
validation performed and the error messages displayed for each file that uses these
data fields.
Data Fields That Require Validation

The Reference Architecture for Commerce includes a number of data fields that
require validation. These fields are summarized in the Data Field Validation Table
that follows. This table identifies the following for each data field:
● Field name
● Type of input permitted
● Maximum data length allowed by the SQL Server database
● Maximum data length suggested by ECML standards
● Maximum data length used in the Reference Architecture application

IT-EBOOKS.DIRECTORY
The Data Field Validation Table uses the following abbreviations:

● NA – Not applicable
● AN – Alphanumeric characters are permitted
● N – Numeric characters are permitted
● Format – Standard format used (for example, the standard email format is
xyz@company.com)
● Spaces – White (or blank) spaces are permitted
● Hyphen, @, #, and so on – Specific characters, such as hyphens, are permitted (for

example, hyphens may be permitted in phone numbers)
● Data type – Information in brackets specifies the field type in the database (for
example, [nvc] indicates nvarchar)
● SP – Stored procedure search parameter size
Data Field Validation Table

Field Name Validation Type SQL ECML Ref. Arch.
Maximum Maximum Maximum
Search NA SP 4000 [nvc] NA NA
Quantity NA 4 [Integer] NA NA
Username AN, hyphen, underscore, @, 255 [nvc] NA 255
period
Password All 255 [nvc] NA 255
E-mail address Format 80 [nvc] 40 40
First Name A and spaces 255 [nvc] 15 15
Last Name A and spaces 255 [nvc] 15 15
Phone No. N, spaces, hyphens, brackets, 255 [nvc] 10 14
periods
Fax No. N, spaces, hyphens, brackets, 255 [nvc] 10 14
periods
Listed As AN, hyphen, spaces, underscore, 255 [nvc] NA 255
Address AN, # (hash mark or number 255 [nvc] 20 20
sign), spaces, comma, hyphen,
period
City A, spaces 255 [nvc] 22 22
ZIP Code N, hyphen, spaces 255 [nvc] 14 14
State A, spaces 255 [nvc] 2 NA
IT-EBOOKS.DIRECTORY
Appendix B: Data Field Validation 267
Field Name Validation Type SQL ECML Ref. Arch.

Maximum Maximum Maximum
Credit Card N, spaces, hyphen 255 [nvc] 19 19
Number
Card Type A 255 [nvc] 4 NA
Card Exp. A 255 [nvc] 2 NA
Month
Card Exp. N 255 [nvc] 2 NA
Year
How Validation Is Performed

Files in the Reference Architecture application implement data field validation as
described in the following. If the data provided is invalid, the corresponding error
message is displayed to the user.
Notes:
● Server- or client-side validation is determined by the bintvalidateOption parameter, which
is passed to the UIValidate function present in PASP files that require validations. This
parameter if set to UIV_CLIENT_AND_SERVER performs validation on both the server
and client side. If this parameter is set to UIV_CLIENT_ONLY, only client-side validation is
performed. If this parameter is set to UIV_SERVER_ONLY, only server-side validation
is performed.
● Modifying the Rc.xml file modifies the error messages displayed on the site. If you modify
this file, the error message shown after client- or server-side validation is modified. The
Reference Architecture application provides only the most basic error messages.
● Some Reference Architecture pages contain fields that cannot be validated or where
validation is not required because it has already occurred. These exceptions are discussed
at the end of this section.
IT-EBOOKS.DIRECTORY
Login.pasp
Field Name Data Type Client Server Max. Comments Error Messages
Length
Username Character Yes Yes 255 Username field allows letters Please enter a valid user
numbers, hyphens, underscores, name.
periods, and at signs (@). No
spaces are allowed.
Password Character Yes Yes 255 Password field should not be null. Invalid password.
The user can enter any combina- Note that password is
tion of characters; therefore, no case-sensitive.
further validation is done.
Registration.pasp
Length
Username Character Yes Yes 255 Username field allows letters, Please enter a valid
numbers, hyphens, underscores, user name.
periods, and at signs (@). No
spaces are allowed.
E-mail Address Character Yes Yes 40 E-mail Address field should confirm Please enter a valid
to standard format; for example, e-mail address.
xyz@abc.com
Password / Character Yes Yes 255 Password field should not be null. Please enter a password.
Confirm
Password Confirm Password field should not Please confirm the new
be null. password.
Password and Confirm Password Your entries for pass-

entries must match. word and confirm
password do not match.
The user can enter any combina-
tion of characters; therefore, no
further validation is done.
UserProfile.pasp
Length
First Name Character Yes Yes 15 First Name field should contain Please enter a valid first
alphabetical characters only. name.
Spaces are allowed.
Last Name Character Yes Yes 15 Last Name field should contain Please enter a valid last
Spaces are allowed.
E-mail Address Character Yes Yes 40 E-mail Address field should confirm Please enter a valid
to standard format; for example, e-mail address.
xyz@abc.com
IT-EBOOKS.DIRECTORY
Length
Phone Number Character Yes Yes 14 Phone Number field can contain Please enter a valid
numeric characters, parentheses, phone number.
hyphens, spaces, and periods. The
Phone Number field can be empty.
Fax Number Character Yes Yes 14 Fax Number field can contain Please enter a valid fax
numeric characters, parentheses, number.
hyphens, spaces, and periods. The
Fax Number field can be empty.
EditAddressBook.pasp
Length
Listed As Character Yes Yes 255 Listed As field can contain letters, Please enter a valid
numbers, spaces, hyphens, and “Listed As” name.
underscores.
Name Character Yes Yes 34 Name field should contain Please enter a valid
Spaces are allowed.
Address Line 1 Character Yes Yes 20 Address field can contain letter, Please enter a valid
numbers, spaces, number signs address line 1.
(#), hyphens, commas, and
periods.
Address Line 2 Character Yes Yes 20 No validation should be performed Please enter a valid
if this field empty. If the user address line 2.
enters data, the field can contain
letter, numbers, spaces, number
signs (#), hyphens, commas, and
periods.
City Character Yes Yes 22 City name field should contain Please enter a valid city.
alphabetical characters only.
Spaces are allowed.
State Character Yes Yes 255 This field is a drop-down list; Please select a state.
therefore, the only validation that
should be performed is to confirm
that the field is not null.
Zip Code Character Yes Yes 14 Zip Code field should be numeric. Please enter a valid Zip
In addition, a hyphen and spaces Code.
should be allowed.
Phone Number Character Yes Yes 10 No validation should be performed Please enter a valid
if the field is empty. If the user phone number.
enters data, then numeric charac-
ters, parentheses, hyphens,
spaces, and periods should be
allowed.
IT-EBOOKS.DIRECTORY
ForgotPasswd.pasp
Length
User Name Character Yes Yes 255 User Name field should be Please enter a valid user
alphanumeric and can contain name.
hyphens, underscores, periods,
and @ only.
ChangePasswd.pasp
Length
Current Character Yes Yes 255 Current Password field should not Please enter your current
Password be null. The user can enter any password.
combination of characters; there-
fore, no further validation should
be done.
New Password Character Yes Yes 255 New Password field should not be Please enter a new
null. The user can enter any com- password.
bination of characters; therefore,
no further validation should be
done
Confirm Character Yes Yes 255 Confirm Password field should not Please confirm the new
Password be null. password.
Confirm Password field should Your entries for password

match the New Password. and confirm password do
not match.
EditCreditCard.pasp
Length
Listed As Character Yes Yes 255 Listed As field can contain alpha- Please enter a valid
numeric characters, as well as ‘Listed As’ name.
spaces, hyphens, and underscore
characters.
Name on Card Character Yes Yes 34 Name field should contain alpha- Please enter a valid card
betical characters only. Spaces name.
are allowed.
Account Character Yes Yes 19 Account Number field can contain The credit card number
Number numbers, spaces, and hyphens. you provided is not valid.
Please verify your
payment information or
use a different card.
Card Type Character No Yes 255‘ The Card Type field is a drop-down Please select a card
list; therefore, a server-side check type.
should occur to confirm that this
field is not null.
IT-EBOOKS.DIRECTORY
Length
Expiration Character No Yes 255 The Expiration Month field is a Please select the card
Month drop-down list; therefore, a server- expiration month.
side check should occur to
confirm that this field is not null.
Expiration Character No Yes 255 The Expiration Year field is a drop- Please select the card
Year down list; therefore, a server-side expiration year.
check should occur to confirm that
this field is not null.
AddtoList.pasp
Length
New List Name Character Yes Yes 20 New List Name field can contain Please enter a valid list
letters, numbers, hyphens, under- name.
scores, single quotation marks,
and spaces. A list with this name
already exists. Please
New List Name field cannot dupli- try another name.
cate an existing list name.
Basket.pasp, Category.pasp, ListBase.pasp, Product.pasp, and StepSearch.pasp

Length
Quantity Integer No No 3 The Quantity field is not validated None.
because it is previously handled on
the server side. If any character
other than a number is entered
and the user chooses to add the
product to the cart, the number
defaults to 1 (a single instance of
the selected item is added to the
cart). If the user updates the cart
and indicates a non-numeric
quantity, there is no change to the
cart quantity.
ListSearch.pasp
This page includes the following data fields:
● Logon Name
● List Name
● E-mail Address
IT-EBOOKS.DIRECTORY
Because the user can perform a search for a public list using any of one these fields,
validation cannot be enforced to require the user to complete any of fields. If the
user attempts to use invalid data, he or she will receive a message indicating that
no corresponding list was found and will be returned to the search page.
StepSearch.pasp
This page consists of dynamic fields that correspond to the catalog the user has
selected for browsing. For example, if the user selects the Hardware catalog, dy-
namic fields such as Cordless, License Type, Operating System, and Scroll Wheel
may appear.
As with ListSearch.pasp, the user can perform a search on any of the fields mention
above. And, because the catalog may change, validation on specific fields cannot be
performed.
If the user attempts to use invalid data, he or she will receive a message indicating
that no corresponding items were found and will be returned to search page.
Search Text Box

This is a free-form text box. If the user attempts to use invalid data, he or she will
receive a message indicating that no corresponding items were found and will be
returned to search page.
IT-EBOOKS.DIRECTORY
Appendix C
Sample Detailed Test Plan
This appendix provides a sample detailed test plan that a test team should use as
the basis for test cases when testing a site such as ConsolidatedRetail.com. Refer to
Appendix D, Sample Detailed Test Cases, for the cases that correspond to the
scenarios documented in the detailed test plan.
Assumptions and Requirements

This detailed test plan discusses the majority of user interactions that could occur
on the ConsolidatedRetail.com Web site. This testing includes all Web pages that
can be accessed by any user, along with a minimal set of developer scenarios and
site download-related scenarios.
The test plan has the following assumptions and requirements:
● The tester should perform each test on a fresh build (from scratch). After the
build is completed, the tester should complete the following steps:
1. Set up the catalog data.
2. Set up the Commerce Server 2000 administrative data for transaction
parameters, such as shipping rates, shipping methods, taxes, predictors,
and so forth.
● When possible, the test team should test every page with every supported
browser and supported browser version.
● When possible, the tester should address the following common scenarios for
each test:
1. Change the default fonts of the Microsoft Internet Explorer browser for each
page and spot potential graphic and textual errors.
2. Resize the Internet Explorer browser for each page and spot potential graphic
and textual errors.
IT-EBOOKS.DIRECTORY
3. For each page, check for bugs using different navigational techniques in the
Internet Explorer browser, such as Back, Forward, History, and Favorites.
4. Use different navigational techniques inside the application. For example, use
the TAB key to change focus or move from one control to another within the
application, and check for bugs.
5. Verify that a user can navigate from one page to any other common page.
6. Verify that all of the options and buttons present on any page are accessible to
authenticated users.
7. Verify that a user can perform all available operations even if the graphical
components are not available on the user interface.
8. Confirm that the Web site behaves and appears the same when different
screen resolutions are used for the user agents.
● It is assumed that the test team will complete ad-hoc testing on the application
initially, before executing the test cases that arise directly from the scenarios.
● Throughout this detailed test plan, transaction refers to a complete order process,
starting with adding items to the shopping basket through confirming the order
after purchase.
● To emulate an unregistered user accurately, the tester should begin his or her
testing session using a fresh instance of the browser. This means that if the tester
was previously testing an area of the site in which he or she was logged on as a
registered user, the tester needs to close the browser and reopen it.
● The following generic test cases should be performed on all pages on the site:
● Test all links.
● Check the default cursor positions in all screens that the user can access.
● Check the default button operations in all screens that the user can access.
● Verify that the user can enter all types of valid data and confirm the maxi-
mum data length for each data entry field (data field lengths are documented
in Appendix B).
● Test all mandatory fields to ensure that only valid entries are accepted and
that the null entries are not accepted.
● Verify that the scenarios execute as expected after cookies are disabled.
● Verify that the user can test for multiple copies of the same application.
● Verify that developer users can debug the code. Also, change the code for
logout, and test the output results.
● Ensure that the user can install a new build over the existing installation, and
can then test on the new installation.
IT-EBOOKS.DIRECTORY
Appendix C: Sample Detailed Test Plan 275
Test Scenarios
The sample detailed test plans in this section address the following functionality:
● Registration and authentication
● Access privileges
● Banner advertisement
The scenarios described are a selection from the full detailed test plan used in the
development of the Reference Architecture Web site, and therefore are not num-
bered sequentially.
Registration and Authentication Tests

The following test scenarios check the registration and authentication features of
the site.
Scenario 1 – Registration Using Microsoft Passport
Description A new user registers using Passport authentication.

Objective Determine whether a new user can register on the site using Passport
credentials.
Priority High
Steps: 1.1 Access the home page, and then click Register Now.
1.2 Click the Passport link on the registration page.
1.3 Use valid Passport credentials (e-mail address and password) to
complete all data fields on the page.
1.4 Click the Register button.
Scenario 2 – Logon Using Passport
Description A user logs on to the site using Passport authentication.

Objective Determine whether a user with valid Passport credentials can access
the site. Depending on the user’s browser settings, check whether
cookies are deposited on the user’s computer.
Priority High
Steps: 2.1 Access the home page, and then click the Passport link.
2.2 Enter a valid Passport credentials (e-mail address and password).
2.3 Click the Sign In button.
IT-EBOOKS.DIRECTORY
Scenario 3 – Registration Using SQL Server
Description A new user registers using SQL Server authentication.

Objective Determine if a new user can register on the site, and whether he or
she will be authenticated automatically.
Priority High
Steps: 3.1 Access the home page, and click Register Now.
3.2 Complete the User Name, E-mail Address, and Password fields.
Reenter the password in the Confirm Password field.
Scenario 4 – Registration Using SQL Server and Invalid Data
Description A user attempts to register using SQL Server authentication and

submits incomplete or invalid credentials.
Objective Determine if a new user can register on the site, and whether he or
she will be authenticated automatically.
Priority High
Steps: 4.1 Access the home page and click the Register Now button.
4.2 Enter a User Name.
4.3 Enter a Password and Confirm Password that do not match.
Scenario 5 – Registration Using A Duplicate User Name
Description A user attempts to register using SQL Server authentication and

submits an existing user name.
Objective Determine if a user ID is unique for registration, and if not, verify that
the user is notified accordingly.
Priority High
Steps: 5.1 Access the home page, and then click the Register Now button.
5.2 Enter existing information in the User Name, Password, and Confirm
Password fields.
5.4 After the error message is displayed, register using another user
name.
IT-EBOOKS.DIRECTORY
Scenario 6 – Changing a Password Using Valid Data
Description A user tries to change his or her password using SQL server authenti-
cation and valid input.
Objective Determine whether an authenticated user can change his or her
password.
Priority High
Steps: 6.1 Access the home page, and then click the Logon Click Here! button.
6.2 Enter valid Passport information in the User Name and Password
fields, and then click the Logon button.
6.3 Click the My Account button.
6.4 Click Change Password, and then enter valid data in all fields.
6.5 Click Submit.
Scenario 7 – Changing a Password Using Invalid Data
Description A user tries to change his or her password using SQL server authenti-
cation and invalid input.
Objective Determine whether an authenticated user can change his or her
password.
Priority High
7.2 Enter valid Passport information in the User Name and Password
fields, and then click the Logon button.
7.3 Click the My Account button.
7.4 Click Change Password, and then enter invalid data in one or more
fields.
7.5 Click Submit.
IT-EBOOKS.DIRECTORY
Scenario 8 – Logon Using SQL Server and Valid Data
Description A user logs on to the site using a valid user name and password and
SQL Server authentication.
Objective Determine if a user with valid SQL Server authentication credentials
can access the site.
Priority High
8.2 Enter valid information in the User Name and Password fields.
8.3 Click the Logon button.
Scenario 9 – Logon Using SQL Server and Invalid Data
Description A user attempts to log on to the site using an invalid user name and
password and SQL Server authentication.
Objective Determine whether a user with invalid user name and password com-
bination is denied access to the site and that the appropriate error
messages are displayed. The user should be prompted to enter
resubmit his or her authentication information.
Priority High
9.2 Enter invalid information in the User Name and Password fields.
9.3 Click the Logon button.
Scenario 10 – Valid User Requests a Password Reminder
Description A user submits a valid user name and requests a password reminder.
Objective Determine whether a password reminder e-mail message is sent to a
registered user’s e-mail address after the user provides his or her valid
user name and requests a reminder.
Priority High
10.2 Click the Forgot Password? button.
10.2 Enter valid information in the User Name field, and then click the
Submit button.
IT-EBOOKS.DIRECTORY
Scenario 11 – Invalid User Requests a Password Reminder
Description A user submits an invalid user name and requests a password

reminder.
Objective Determine whether an appropriate error message is displayed if a user
requests a password reminder and submits an invalid user name.
Priority High
11.2 Click the Forgot Password? button.
11.3 Enter invalid information in the User Name field, and then click the
Submit button.
Access Privileges
Scenario 12 – Access Privileges of an Unauthenticated User
Description An unauthenticated user attempts to use the Web site.

Objective Verify that a user is able to log on, register, browse and search cata
logs, and access and manage the order baskets and shopping lists.
Priority High
Steps: 12.1 Access the home page.
12.2 As an unauthenticated user, check access to the site features.
Scenario 13 – Access Privileges of an Authenticated User
Description A user logs on and attempts to use the Web site.

Objective Verify that a user is able to register, browse and search catalogs,
access and manage the order baskets and shopping lists, access user
profile information, address information, billing and payment informa-
tion, and complete checkout, and receive order confirmation e-mail.
Priority High
Steps: 13.1 Access the home page, and log on to the site.
13.2 As an authenticated user, check access to the site features.
IT-EBOOKS.DIRECTORY
Scenario 14 – Access to My Accounts After Closing the Browser
Description An authenticated user closes the browser window and then attempts
to access the My Accounts area.
Objective Verify that a user is unable to access My Accounts after closing the
browser window as an authenticated user.
Priority High
14.2 Close the browser window.
14.3 Restart Internet Explorer, and then access the site.
14.4 Click My Accounts.
Scenario 15 – Unauthenticated Access to the Shopping Basket
Description An unauthenticated user tries to add items to the shopping basket,

and then logs on.
Objective Verify that an authenticated user can see items placed in the shopping
basket during the previous unauthenticated session.
Priority High
15.2 Add items to the shopping basket.
15.3 Logon to the site as an existing user or register as a new user.
Scenario 16 – Access to the Shopping Basket After Closing the Browser
Description An authenticated user tries to add items to the shopping basket,

closes the browser window, and then accesses the site again.
Objective Check to see whether an unauthenticated user can see items placed
in the shopping basket during the previous authenticated session.
Priority High
16.2 Add items to the shopping basket.
16.3 Close the browser window.
16.4 Access the site again (but do not log on).
16.5 Click the shopping basket icon.
IT-EBOOKS.DIRECTORY
Banner Advertisement
Scenario 17 – User Selects a Banner Advertisement
Description A user attempts to see an advertisement displayed on the Web site.

Objective Verify that a user is able to select the banner advertisement from the
site and see the appropriate destination page.
Priority High
17.2 Click the advertisement.
IT-EBOOKS.DIRECTORY
IT-EBOOKS.DIRECTORY
Appendix D
Sample Detailed Test Cases
This appendix contains a subset of the test cases a test team should use when testing
a site such as ConsolidatedRetail.com. Refer to “Appendix B: Sample Detailed Test
Plan,” for the scenarios used to build these test cases.
Detailed Test Case Legend
Column Heading Definition
No. Number of the specific test case in this document
DTP Ref. Detailed Test Plan Scenario on which this test case was built
Priority & Test Type Relative priority of the test case (high, medium, or low) and type of
test performed — automated (A) or manual (M)
Condition to be Tested Specific functionality to be tested
Execution Details Steps to complete the test case
Expected Result What should happen
Actual Result What actually happened
Test OK? Did the application function as expected? (Y=Yes; N=No)
IT-EBOOKS.DIRECTORY
Registration Authentication Test Case

No. DTP Ref. Priority & Condition to be Tested Execution Details Expected Result Actual R
Test Type
1 DTP 1 High (M) User registers as a new user Visit the test site. The new user should
using Passport authentication. Click the Register Now be able to register on
link for Passport. the site.
Complete all fields.
Click Register.
2 DTP 2 High (M) User logs on using Passport Visit the test site. The user should be able
authentication. Click Passport Sign in. to log on and have
Enter a valid user name access to all available
and password. features on the site.
Click Sign In.
3 DTP 3 High (A) User registers as a new user Visit the test site. The new user should be
using SQL Server authentica- Click the Register Now link. able to register on the
tion and valid input. Complete all fields. site and be authenti-
Click Register. cated automatically.
4 DTP 4 Medium (A) User registers as a new user Visit the test site. The new user should
using SQL Server authentica- Click the Register Now link. not be able to register
tion and leaves the User name Complete all fields except on the site and should
field blank (invalid input). User name. not be authenticated
Click Register. automatically.
tion and leaves the E-mail Complete all fields except on the site and should
address field blank (invalid E-mail address. not be authenticated
input). Click Register. automatically.
tion and leaves the Password Complete all fields except on the site and should
field blank (invalid input). Password. not be authenticated
Click Register. automatically.
tion and leaves the Confirm Complete all fields except on the site and should
password field blank (invalid Confirm password. not be authenticated
input). Click Register. automatically.
IT-EBOOKS.DIRECTORY
Test Type
tion and enters an existing Enter an existing user name. and an appropriate
user name. Complete all other fields. error message should
Click Register. be displayed.
9 DTP 6 Medium (A) User changes the password Visit the test site. The user should be
using SQL Server authentica- Click the Click here! button. able to change the
tion and valid input. Enter a valid user name and password. Log on with
password, and then click the new password to
Logon. verify that it works.
Click My Account, and then
click Change password.
Enter valid input.
Click Change password.
10 DTP 7 Medium (A) User changes the password Visit the test site. The user should not be
using SQL Server authentica- Click the Click here! button. able to change the
tion and invalid input. Enter a valid user name and password. Log on with
password, and then click the invalid password to
Logon. verify that it does not
Click My Account, and then work.
click Change password.
Enter invalid input.
Click Change password.
11 DTP 8 High (A) User logs in using SQL Server Visit the test site. The user should be able to
authentication and a valid user Click the Click here! button. log on and have access to
name and password. Enter a valid user name all the available features
and password, and then in the site.
click Logon.
12 DTP 9 Medium (A) User logs in using SQL Server Visit the test site. The user should be
authentication and an invalid Click the Click here! button. denied access to the
user name and invalid Enter an invalid user name features of the site
password. and invalid password, and that require authenti-
then click Logon. cation. The site should
display an appropriate
error message and
then prompt the user
to log on again.
IT-EBOOKS.DIRECTORY
Test Type
authentication and a valid user Click the Click here! button. denied access to the
name and invalid password. Enter a valid user name features of the site
and invalid password, and that require authenti-
then click Logon. cation. The site should
display an appropriate
error message and
then prompt the user
to log on again.
authentication and an invalid Click the Click here! button. denied access to the
user name and a valid Enter an invalid user name features of the site that
password. and a valid password, and require authentication.
then click Logon. The site should display
an appropriate error
message and then
prompt the user to log
on again.
15 DTP 10 Medium (A) User is reminded of his or her Visit the test site. An e-mail message
password using SQL Server Click the Click here! button. containing the pass-
authentication and a valid user Click Forgot Password. word for the user’s
name. Enter a valid user name, account should be
and then click Submit. sent to the user’s
registered e-mail
address.
16 DTP 11 Medium (A) User is reminded of his or her Visit the test site. An appropriate error
password using SQL Server Click the Click here! button. message should be
authentication and an invalid Click Forgot Password. displayed.
user name. Enter an invalid user name,
and then click Submit.
IT-EBOOKS.DIRECTORY
Access Privileges Test Case

Test Type
17 DTP 12 Medium (A) Unauthenticated user registers As an unauthenticated user, The user should be able
at the site. visit the test site. to register.
Click the Register Now
button.
Enter valid information, and
then click Submit.
18 DTP 12 Medium (A) Unauthenticated user attempts As an unauthenticated user, The user should be able
to browse catalogs. visit the test site. to view the product
Click any catalog name. listing, product details,
Click any one category and so forth.
under the catalog.
Repeat this for other
catalogs.
Click Get Details for one or
more products.
19 DTP 12 Medium (A) Unauthenticated user attempts As an unauthenticated user, The user should be able
to search catalogs. visit the site. to view the search
Enter search criteria. result.
Click Go.
20 DTP 12 Medium (M) Unauthenticated user accesses As an unauthenticated The user should be able
order basket functions (Add, user, visit the site. to add, remove, and
Remove, Remove all, and Click Shopping cart. remove all items.
Update cart). Add one or more products
to the order basket.
Remove a product from the
order basket.
Remove all products from
the order basket.
21 DTP 12 Medium (A) Unauthenticated user attempts As an unauthenticated The user should not be
to access a shopping list. user, visit the site. allowed to access the
Click My Account. shopping list, and
should be prompted to
log on.
22 DTP 13 High (A) Authenticated user logs on. Visit the test site. The user should be able
Click the Click here! button. to log on and have
Enter a valid user name and access to all available
password, and then click features on the site.
the Logon button.
IT-EBOOKS.DIRECTORY
Test Type
23 DTP 13 High (A) Authenticated user browses Visit the test site. The user should be able
through catalogs. Click the Click here! button. to view the product
Enter a valid user name and listing, product details,
password, and then click and so on.
Logon.
Click any catalog name.
Click any category under
the catalog.
Repeat this for other
catalogs.
Click Get Details for one
or more products.
24 DTP 13 High (A) Authenticated user searches Visit the test site. The user should be able
through catalogs. Click the Click here! button. to view the search
Enter valid input, and then results.
click the Logon button.
Enter search criteria.
Click Go.
25 DTP 13 High (M) Authenticated user accesses Visit the test site. The user should be able
the order basket (Add, Remove, Click the Click here! button. to add, remove some,
Remove all, and Update cart). Enter a valid user name and and remove all items.
password, and then click the
Logon button.
Add one or more products
to the order basket.
Remove products from the
order basket.
the order basket.
26 DTP 13 High (M) Authenticated user accesses Visit the test site. The user should be able
the shopping list. Click the Click here! button. to access and manage
Enter a valid user name and the shopping list.
password, and then click
the Logon button.
Add one or more products
to the shopping list.
Remove a product from
shopping list.
shopping list.
Delete and update the
shopping list.
IT-EBOOKS.DIRECTORY
Test Type
27 DTP 13 High (A) Authenticated user accesses Visit the test site. The user should be able
his or her user profile. Click the Click here! button. to add or edit the user
Enter a valid user name and profile.
the Logon button.
Click My Account.
Click Change Account, and
add or edit the user profile.
28 DTP 13 High (A) Authenticated user accesses Visit the test site The user should be able
and modifies billing information. Click the Click here! button. to add and edit the
Enter a valid user name and billing information.
the Logon button.
Click My Account.
Click Billing Address, and
add or edit a billing address.
29 DTP 13 Medium (M) Authenticated user completes Visit the test site. The user should be able
a purchase. Click the Click here! button. to add items to the
Enter a valid user name and shopping cart and
password, and then click perform the checkout
the Logon button. process.
Browse through the catalog,
and add one or more
products to the shopping
cart.
Complete the checkout
process.
30 DTP 14 High (A) Authenticated user closes the Visit the test site. The user should not be
browser window and then Click the Click here! button. able to access the
attempts to access user Enter a valid user name and details when he or she
account detail. password, and then click clicks My Account.
the Logon button.
Close the browser window.
Again, visit the test site.
Click My Account.
31 DTP 15 High (A) User adds items to the shop- Visit the test site. The authenticated user
ping cart and then logs on Add items to the shopping should be able to view
using SQL Server authentication. cart. the shopping cart items
Click the Click here! button. that he or she added
Enter a valid user name and during the previous
password, and then click unauthenticated session.
the Logon button.
IT-EBOOKS.DIRECTORY
Test Type
32 DTP 15 High (A) User adds items to the shop- Visit the test site. The authenticated user
ping cart and then logs on Add items to the shopping should be able to view
using Passport authentication. cart. the shopping cart items
Click the Passport Sign in that he or she added in
button. the previous unauthenti-
cated session.
33 DTP 16 High (A) User adds items to the shop- Visit the test site. The unauthenticated
ping cart as an authenticated Click the Click here! button. user should not be able
user and then closes the Enter a valid user name and to view the shopping
browser, and then accesses password, and then click cart items that he or
the site again. Logon. she added during the
Click Catalog, and then previous authenticated
add items to the shopping session.
cart.
Close the browser.
Visit the test site again.
Click Shopping Cart.
34 DTP 17 Medium (A) User selects banner Visit test site. The user should be able
advertisement. Click the Banner to select the banner ad-
Advertisement. vertisement by clicking
Banner Advertisement,
and should be able to
reach the appropriate
advertisement page.
IT-EBOOKS.DIRECTORY
Index
A B C
abstraction, MSF Application banner advertisements, 36 caches, types, 115
Model, 40 Basket.pasp page, 152, 154 caching, 115
accessibility, 38, 68 baskets catalog names, 116
account information, changing, 51 adding products to, 35, 152 categories, 117
Acct.pasp page, 121 changing quantities, 47 product information, 117
Active Server Pages (ASP). See ASP converting contents to XML, 158 search results, 119
added functionality, 4 customer usage, 46 shipping methods, 118
adding deleting products, 47 candidate technologies, 68
new address, 51 managing, 35 commerce platform, 71
products to Save for Later objects, 102 data services, 70
basket, 46 types, 35 Internet services, 69
products to Shopping Cart, 46 updating, 47 operating systems, 69
products to shopping list, 48 using, 35 presentation services, 69
address book, 38 viewing, 154 Catalog Editor, 20
address information, changing, 51 behaviors of objects, 57 catalog objects, 100
Advertising pipeline, 161 browser independence, 82 Catalog Sets, 101
anonymous shopping, 30 browsing catalog-related pages, used by
Application Installer Program, anonymous, 34 ConsolidatedRetail.com
starting, 14 as functional requirement, 33 m, 96, 97
application processing time, 199 catalogs, 45, 135 catalogs
application services. See business Business Desk access, 133
services and DHTML, 77 adding, 151
ASP configuring, to work with XSL authentication for access to, 133
as Reference Architecture ISAPI filter, 15 browsing, 45, 135
component, 4 Folder, creating and creating, 100
files implemented as PASP configuring, 12 multiple, support for, 100
files, 93 using to create relationships in a product variants, 140
on Microsoft platforms, 87 catalog, 140 searching, 148
using VBScript to create, 85 business objects, identifying, 55 structuring, 100
with XSL ISAPI filter, 87 business requirements, 32, 80 viewing products, 140
attributes, identifying, 58 browser independence, 82 Category.pasp page, 139
authentication. See security documenting, 39 changing
impersonation/delegation globalization, 78 addresses and passwords, 51
model, 65 meeting, 78 quantities in baskets, 47
in Passport, 77, 126 performance, 79 checking out, 36, 49
trusted server model, 66 production environment client encryption. See security
authorization. See security requirements, 38 commerce platform. See candidate
availability, 38, 64 system requirements, 38 technologies
business services, MSF Application
Model, 39
IT-EBOOKS.DIRECTORY
292 Index
Commerce Server 2000, 3, 76 creating DHTML, and Business Desk, 77

and objects, 86 Business Desk Folder, 12 Discounts pipeline, 163
caching, 115 Catalog Sets, 101 distributed environment
catalog objects, 100 catalogs, 100 installing, 23
components, 88 new Web site, to host testing in, 22
pipeline components, 103 application, 13 distribution, MSF Application
pipelines, 103 new Web site, to host Commerce Model, 40
Predictor resource, 102 Server 2000 Business Desk, 14
shopping basket objects, 102
support for multiple
stress scripts, 204
Web Site Folder, 12
E
e-commerce sites
catalogs, 100 custom components, 55
performance requirements, 28
user management objects, 101 customer profiles, 120 user expectations of, 27
utility and configuration ease of navigation, 32
objects, 98
Commerce Server objects, 98
D ease of use, 28, 33
data field validation, 265 EditAddressBook.pasp page, 174
commerce site, 16 AddtoList.pasp, 271 Electronic Commerce Modeling
components
Basket.pasp, 271 Language (ECML), 265
business, custom, 104 Category.pasp, 271 encryption. See security
in pipelines, 103 ChangePasswd.pasp, 270 existing technologies
pipeline, configuring, 19
EditAddressBook.pasp, 269 factors, 71
Queued E-mail, configuring, 19 EditCreditCard.pasp, 270 Passport authentication, 77
QueuedEMailer.Cmailer, 182 fields that require validation, 265 using Commerce Server 2000, 76
conceptual phase, MSF Application
ForgotPasswd.pasp, 270 using Microsoft Internet
Design Process, 40 implementation, 267 Information Services (IIS), 75
configuring ListBase.pasp, 271 using SQL Server 2000, 76
Business Desk Folder, 12
ListSearch.pasp, 271 using Windows 2000 Server, 72
pipeline components, 19 Login.pasp, 268 using XSL ISAPI, 75
Queued E-mail component, 19 Product.pasp, 271 Extensible Stylesheet Language
shipping information, 22
Registration.pasp, 268 (XSL). See XSL
tax rates, 22 Search Text Box, 272
Web Site Folder, 12
XSL ISAPI filter, 15
StepSearch.pasp, 271, 272
UserProfile.pasp, 268
F
ConsolidatedRetail.com functional requirements
Data Field Validation Table, 266
and XML, 86 address book, 38
data services. See candidate anonymous browsing, 34
catalog-related pages, 96
technologies banner advertisements, 36
description of, 3 data services, MSF Application
include files, 95 browsing, 33
Model, 39 checking out, 36
initialization scripts, 95
debugging ease of navigation, 32
order management pages, 97 custom sites, 192
pipelines, 103 ease of use, 33
using Visual InterDev, 185 logon/authentication, 33
presentation services, 105
XML output from PASP multiple catalogs, 34
profile management scripts, 97 scripts, 186
user authentication scripts, 97 order cancellation, 38
deleting, products from baskets, 47 order status notification, 37
XSL output from PASP files, 106
Developer’s Guide order summary, 38
XSL style sheets, 108 document conventions, 8
cookies, 120 product pages, 34
Document Roadmap, 6 product search results, 34
in Passport, 127
project roles, 5 product searches, 34
copying products between purpose, 5
baskets, 49
IT-EBOOKS.DIRECTORY
Index 293
products and categories, 34

shipping calculation, 37
interface, consistency of, 28
internalization. See globalization
N
network latency, 199
shipping choices, 37 Internet Services Application new Web site
site access, 33 Programming Interface creating, to host application, 13
tax calculation, 37 (ISAPI), 69 creating, to host Commerce
types of baskets, 35 Server 2000 Business Desk, 14
user profiles, 33
user registration, 33
L
user registration management, 33
Listed As value, 174
Lists pipeline, 158
O
objects
functional testing, 39 logical design process, 55
functions attributes of, 58
logical phase, MSF Application behaviors of, 57
Logon, 124 Design Process, 41 identifying, 56
PutUserObject, 122 Login.pasp page, 123 relationships, 58
Logon function, 124 order cancellation, 38
G logon functions, 44 order processing, 166
globalization, 38, 62, 78 logon/authentication, 33 completing orders, 181
globally unique identifier confirming orders, 176
(GUID), 122
M obtaining user’s e-mail
manageability, 32, 38, 65, 80 address, 179
H management infrastructure, 77 sending confirming e-mail, 182
hardware requirements, 9 management interface, 32 shipping address, specifying, 166
methodology, testing, 196 specifying multiple shipping
I methods. See behaviors
Microsoft .NET Enterprise
methods, 171
specifying payment
identifying
Servers, 3 information, 173
attributes, 58
Microsoft Internet Information specifying shipping method, 169
behaviors, 57
Services (IIS), using, 75 order status notification, 37
objects, 56
Microsoft Passport. See Passport order summary, 38
relationships, 58
Microsoft Reference Architecture OrderSummary.pasp page, 176
importing
Predictor Modeling Data, 18 for Commerce. See Reference
sample XML catalog files, 20
Architecture P
include files, used by Microsoft Solutions Framework PAGBasket pipeline, 155
ConsolidatedRetail.com, 95 (MSF), 39 PAGFinal pipeline, 181
Microsoft Windows 2000 Server PAGTotal pipeline, 176
Index.pasp page, 110
infrastructure architecture, operating system, 3 Pairwise Unique ID (PUID), 126
minimum for production Microsoft® Commerce Server 2000. PASP
See Commerce Server 2000 and ASP files, 93
environment, 23
inheritance. See relationships MSF Application Design Process, 40 and XSL ISAPI filter, 70
initialization scripts, used by MSF Application Model, 39 implementing files, 93
multiple catalogs, 34 sample XML output from, 211
ConsolidatedRetail.com, 95
installing multiple device types, support XSL output from, 106
distributed environment, 23 for, 31 Passport, 77
MultiShipping.pasp page, 171 authentication, 126
prerequisite software. See
catalog-related pages, used by Pairwise Unique ID (PUID), 126
ConsolidatedRetail.com support for in Reference
Reference Architecture Architecture, 126
Application, 12 passwords, 44, 51
XSL ISAPI filter, 15
IT-EBOOKS.DIRECTORY
294 Index
Payment.pasp page, 173, 174 Product.pasp page, 140 SearchResults.pasp page, 148
performance, 38, 62, 79 production environment Secure Sockets Layer (SSL). See SSL
performance requirements, 29 requirements, 38 security, 31, 38, 65, 80
performance testing, 39, 199 profile management scripts, used authorization, 66, 81
analyzing results, 207 by ConsolidatedRetail.com client encryption, 67
creating stress scripts, 204 il.com, 97 displaying credit card
executing performance/stress project roles, 5 information, 179
tests, 206 properties. See attributes encryption, 66, 81
methodology, 201 purchasing. See checking out server encryption, 67
preparing analysis, 201 PutUserObject function, 122 SSL, 31
response time, 199 transport encryption, 67
throughput, 200
tools and utilities, 200
Q server certificates, 67
server encryption. See security
QueuedEMailer.Cmailer, 182
physical design process, 61 services. See behaviors
analysis and rationalization, 71 shipping address, specifying, 166
implementation, 82 R shipping calculation, 37
research, 61 RecordEvent pipeline, 160 shipping choices, 37
physical phase, MSF Application Reference Architecture shipping methods, specifying,
Design Process, 41 components, 4 169, 171
physical solution requirements, 62 debugging custom sites, 192 Shipping.pasp page, 166
pipeline components, 76 description, 3 ShippingMethod.pasp page, 169
pipelines purpose, 3 Shopping Cart, 35
Advertising, 161 support, 8 adding products, 46
and Commerce Server 2000, 103 support for Passport, 126 display options, 46
components, 103 Reference Architecture Application viewing, 154
custom components, 103 client-side scripting, 88 shopping list, 35
discounts, 163 data field validation, 265 adding products, 48
in ConsolidatedRetail.com, 103 downloading, 12 converting, 48
Lists, 158 functional requirements, 32 copying products to other
PAGBasket, 155 installing, 12 baskets, 49
PAGFinal, 181 stored procedures, 88 customer creating, 47
PAGTotal, 176 testing, in a distributed display options, 46
RecordEvent, 160 environment, 22 management operations, 48
pre-processed Active Server Pages Registration.pasp page, 121 private, 36
(PASP). See PASP relationships public, 36
Predictor Modeling Data, creating in a product catalog, 140 public or private, 48
importing, 18 identifying, 58 shopping from, 48
Predictor resource, 102 inheritance, 59 site access, 33
prerequisite software. See catalog- response time, 29, 63 software requirements, 10
related pages, used by response time, testing, 199 installing prerequisite
ConsolidatedRetail.com reuse, MSF Application Model, 40 software, 10
presentation services. See candidate SQL Server 2000, 3
technologies S using, 76
presentation services, MSF Save for Later basket, 35, 46 SQL Server, exploring, 86
Application Model, 39 viewing, 154 SSL, 31
product pages, 34 scalability, 29, 38, 63, 64, 80 staging, 39
navigating, 147 searches, customer initiated, 44 stress scripts, creating, 204
product searches, 34 searching, catalogs, 148
IT-EBOOKS.DIRECTORY
Index 295
style sheets performance, creating stress security, 31

Category-IE5.xsl, 142 scripts, 204 user profiles, 30
Product-ie5.xsl, 142 performance, methodology, 201 user names, 44
Registration-IE5.xsl, 121 performance, preparing user profiles, 30, 33, 128
SearchResults-IE5.xsl, 150 analysis, 201 user registration, 33, 121
StepSearch-IE5.xsl, 151 performance, tools and UserProfile.pasp page, 128
templates, 109 utilities, 200
XSL, 105, 108
support for multiple device
response time, 199
sample detailed plan, 273
V
Visual C++, knowledge of, 86
types, 31 test areas, 193
system requirements, 38 test scenarios, 275
Microsoft Internet Information test stages, 196 W
Services (IIS), using, 38 test types, 194 Web farms, 29
throughput, 200 Web Site Folder, creating and
configuring, 12
T throughput, testing, 200
total system throughput, 63 Windows 2000 server, using, 72
tax calculation, 37
transport encryption. See security
templates, in style sheets, 109
test cases, 281 X
access privileges, 285 U XML
legend, 281 Unified Modeling Language configuration file, 93
registration authentication, 282 (UML), 56 debugging, 186
test reports, 39 usability testing, 38 familiarity with, 86
test scenarios, 275 usage scenarios, 43 helper procedures, 107
access privileges, 279 checking out, 49 output, examples, 93
banner advertisement, 280 customer browsing, 45 output from commerce
changing a password, 277 customer logon, 44 components, 87
logon using Passport, 275 customer searches, 44 output from PASP scripts, 87
logon using SQL Server, 277, 278 evaluating, 57 sample output from PASP
registration and authentication identifying objects, 56 files, 211
tests, 275 payment information, 51 using with XSL, 69
registration using duplicate user requirements, 55 xml-stylesheet, 94
name, 276 shopping baskets, 46 XSL
registration using Passport, 275 use cases, 43 as Reference Architecture
registration using SQL user authentication, 123 Component, 4
Server, 276 user authentication scripts, used by ISAPI documentation, 70
requesting password ConsolidatedRetail.com style sheets, 105
reminders, 278 ail.com, 97 style sheets, in
testing user data. See customer profiles ConsolidatedRetail.com, 108
assumptions and user expectations, 27 understanding of, 86
requirements, 273 acceptable response time, 29 XSL ISAPI filter
developing strategies, 193 anonymous shopping, 30 and PASP files, 93
executing performance/stress consistency of interface, 28 and server config files, 94
tests, 206 ease of use, 28 configuring, to work with
functional testing, 196 manageability, 32 Business Desk, 15
in a distributed environment, 22 multiple device types, support fulfilling presentation services
methodology, 196 for, 31 roles, 69
performance, 199 of e-commerce sites, 27 installing and configuring, 15
performance, analyzing scalability, 29 transformations using, 87
results, 207 using as existing technology, 75

Merce Version 2 0 Jul 2002 ISBN 0735618267

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Merce Version 2 0 Jul 2002 ISBN 0735618267

Uploaded by

Copyright:

Available Formats

IT-EBOOKS.

Reference Architecture for Commerce

Configuring the Commerce Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

User Authentication and Profiling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

● Chapter 2, “Installing the Software”

What Is the Reference Architecture?

4 Reference Architecture for Commerce

What’s New in this Version?

● Order cancellation, which allows customers to cancel orders.

● Enhanced documentation, including explanations of the new functionality, an

Chapter 1: Introduction to the Reference Architecture 5

What Is the Developer’s Guide?

Who Should Read this Guide?

6 Reference Architecture for Commerce

Part 1: Getting Started

Chapter 1: Introduction to the Reference Architecture 7

Part 2: System Architecture

Part 3: Solution Implementation

8 Reference Architecture for Commerce

Support for the Reference Architecture

● Web-based Newsgroup Client at http://msdn.microsoft.com/newsgroups

Before You Begin

10 Reference Architecture for Commerce

Installing the Prerequisite Software

Install Microsoft Windows 2000 Server and MSMQ

Chapter 2: Installing the Software 11

Install Commerce Server 2000

Install Microsoft XML Parser 3.0 SP 1

Install the Developer Tools (Optional)

Install Visual Studio 6.0

● Microsoft Visual InterDev® Web development system version 6.0

12 Reference Architecture for Commerce

Install the Passport SDK 1.4

After You Install the Prerequisite Software

Installing the Reference Architecture Application

Download the Reference Architecture Application

Create and Configure the Business Desk Folder

Create and Configure the Web Site Folder

Chapter 2: Installing the Software 13

2. Right-click the B2CRef folder, and then click Properties.

Create a New Web Site to Host the Application

14 Reference Architecture for Commerce

Create a New Web Site to Host

Start the Application Installer Program

Chapter 2: Installing the Software 15

Install and Configure the XSL ISAPI Filter

16 Reference Architecture for Commerce

Const LPCSTR g_szFileTypesA[] =

3. Delete XML from the list, and recompile the project.

Unpack the Commerce Site

Chapter 2: Installing the Software 17

18 Reference Architecture for Commerce

Import the Predictor Modeling Data

Configure the Business Desk Web Site

Chapter 2: Installing the Software 19

Configure the Pipeline Components

Configure the Queued E-mail Component

20 Reference Architecture for Commerce

8. Click OK to return to Component Services window.

Create the Business Desk Console for the Application

Configuring the Commerce Site

Import, Modify, or Delete Catalogs

Chapter 2: Installing the Software 21