Documente Academic
Documente Profesional
Documente Cultură
Bill Moore
John Fisher-Smith
Terry Hudson
Jose Novillo
Reto Sigl
ibm.com/redbooks
International Technical Support Organization
October 2001
SG24-6177-00
Take Note! Before using this information and the product it supports, be sure to read the
general information in “Special notices” on page 325.
This edition applies to WebSphere Payment Manager Versions 2.2 and 2.2.1 for use with Windows
NT, Windows 2000 Server, AIX, and Solaris.
When you send information to IBM, you grant IBM a non-exclusive right to use or distribute the
information in any way it believes appropriate without incurring any obligation to you.
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
The team that wrote this redbook . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Notice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii
IBM trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii
Comments welcome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
iv e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
5.5 Configuring a cassette for VisaNet . . . . . . . . . . . . . . . . . . . . . . . . . . 150
5.6 Using the Vital test account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
5.6.1 Merchant profile data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
5.6.2 SampleCheckout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
5.6.3 Adjustment of SampleCheckout . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
5.6.4 Adjustment of WebSphere Payment Manager . . . . . . . . . . . . . . . . 152
5.6.5 Connect to the VisaNet test account . . . . . . . . . . . . . . . . . . . . . . . . 156
5.6.6 Sample orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
5.6.7 View the test order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
5.6.8 Consult the trace log files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Contents v
8.2.5 Branding using your Payment Manager stylesheet. . . . . . . . . . . . . 220
8.3 Customizing the CustomOffline cassette . . . . . . . . . . . . . . . . . . . . . 221
8.4 Payment Manager users and realms . . . . . . . . . . . . . . . . . . . . . . . . 222
8.4.1 PSDefaultRealm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
8.4.2 Single sign-on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
8.5 Merchant integration using the cashier framework . . . . . . . . . . . . . . 236
8.5.1 Exercise software components . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
8.5.2 What you need to proceed with the exercise . . . . . . . . . . . . . . . . . 238
8.5.3 Install exercise software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
8.6 Merchant integration using Sample Checkout. . . . . . . . . . . . . . . . . . 253
8.6.1 Exercise software components . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
8.6.2 Approving orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
8.6.3 Depositing payments. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
vi e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Using the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
System requirements for downloading the Web material . . . . . . . . . . . . . 318
How to use the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
Contents vii
viii e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Preface
We then provide examples to show how WebSphere Payment Manager APIs can
be used to customize the product, and give details of how to develop custom
cassettes so that WebSphere Payment Manager can be used with different
payment protocols.
Terry Hudson is a Senior IT Specialist working for IBM in the UK. He has 12
years of IT experience working at IBM. A CICS application developer for nine
years, he has worked on all major releases of CICS, specializing in CICS
customization, SNA, CPI-C, X.400, X.500 and SMTP technologies. He has a
Mathematics for Business Honours Degree from Middlesex University in London,
England. He has been involved in a technical capacity with IBM e-commerce
products and services for the past three years. His current responsibilities
include pre-sales technical support for the IBM WebSphere Commerce Suite
portfolio of software products across Europe, the Middle East, and Africa.
x e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The authors: John Fisher-Smith, Jose Novillo, Bill Moore, Reto Sigl, Terry Hudson
Lance Bader
Phil Kregor
Christopher Meyer
Robert Perry
Jennifer Ricard
David Soroka
Mark Wainwright
IBM Raleigh
Melissa Polizzotto
IBM Austin
Scott Esposito
IBM Poughkeepsie
Preface xi
David Jackson
IBM Columbus
Juan P Ferrandiz
IBM Spain
Dieter Roth
IBM Germany
Raymond Kwok
Rob Pereen
Sam Wong
IBM Canada
Angelo Scaccabarozzi
IBM Italy
Notice
This publication is intended to help administrators and developers who work with
WebSphere Payment Manager to provide payment solutions for e-commerce
applications. The information in this publication is not intended as the
specification of any programming interfaces that are provided by WebSphere
Payment Manager. See the PUBLICATIONS section of the IBM Programming
Announcement for WebSphere Payment Manager V2.2 for more information
about what publications are considered to be product documentation.
IBM trademarks
The following terms are trademarks of the International Business Machines
Corporation in the United States and/or other countries:
e (logo)® Net.Data®
IBM ® OS/400®
AIX® Redbooks™
CICS® Redbooks Logo ™
DB2® RS/6000®
DB2 Universal Database™ S/390®
Home Director™ SP™
IBM Consumer Wallet™ VisualAge®
IBM Payment Gateway™ WebSphere®
IBM Payment Registry™ Lotus®
MQSeries® Lotus Notes®
Net.Commerce™
xii e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Comments welcome
Your comments are important to us!
Preface xiii
xiv e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
1
After reading this book you should understand the concept of a payment server,
be aware of the software that is required to establish a running environment, and
have the ability to maintain the server for adding new merchants and defining
administration roles. We also provide information on what other payment
solutions are being offered and what kind of features are to be expected from
upcoming e-commerce services.
Most chapters offer you the ability to test the merchant environment without the
need to have live connectivity of a financial institution to the system. This makes
it easy for you to simulate the complete merchant and bank environment, without
having to use a production system.
In our installation routines we have the password set the same as the username.
This is for ease of use in a test environment and should not be adopted in any
production system.
2 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
1.1.3 Supported environment
Independent of what server operating system and what database products you
have or prefer to run, we explain the most frequently used ones in detail: AIX,
Windows NT, and Solaris at the operating system level, and DB/2 and Oracle at
the database level. The book does not cover installation on Linux platforms,
because WebSphere Payment Manager was not available on that operating
system at the time we wrote this book.
Although some install variables are operating system dependent, the code of
WebSphere Payment Manager relies on the pure Java programming language so
that it operates in a similar manner on different platforms. Connectivity software
used between the customer, merchant and financial institution is based on
common security standards such as SSL (Secure Socket Layer) or SET (Secure
Electronic Transaction).
The book provides instructions for setting up a split payment environment, where
WebSphere Payment Manager runs on a different server from the database or
the Web server. For merchants with large transaction volumes, this is the
preferred way to build the infrastructure, because it gets the greatest
performance out of the servers.
This book will not cover the aspects of installing and using WebSphere Payment
Manager in an Application Service Provider (ASP) environment, where
merchants can sign up for a payment service. Although interactive signup to
payment services might be the preferred way for merchants and has already
been realized using WebSphere Payment Manager code, this concept is not
detailed by our redbook.
The bank may decide which credit card brands it wants to offer to their
customers. The credit card can only be used, if there is debit on the buyer’s bank
account. While in earlier days a print of the card was taken and later sent for
verification to the payment institution, today’s merchants have validation
machines that check the customer’s liquidity over phone lines before the
purchase is being accepted. Signing the receipt for every payment and having
the merchant compare it with the signature on the back of the card is still the
commonly used verification method. Nevertheless some banks now print a
picture of the card holder on the credit card as an additional verification method.
Early adopters of the Internet were often financially well off, and companies soon
realized that there was money to be made on the Web. The Internet began to be
used as a carrier for performing financial transactions. Customers could pay for
goods and services through the Internet, and they did not have to leave their
home or office in order to complete their purchases. Customers can purchase
more goods in less time. Web sites are online 24 hours and accessible through a
Web browser from all over the world, and customers can pay for goods whenever
and wherever they want.
4 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
1.3 Positioning online payment solutions
Almost every institution that sells goods and services can use the payment
capabilities of the Internet as an additional or primary way of selling their
products to customers.
Merchants often use the Internet to reach a wider customer community, instead
of only selling their goods locally in a store. Offering their goods and services
online has also had advantages for the merchants, since they don’t have to
maintain office space or pay staff to take care of their sales business and
financial transactions. In many cases it is cheaper to rent or buy server space
and run an online shop, instead of renting office space to sell the goods.
Today, many large businesses are starting to sell their goods online. As a result,
online payments made on the Web are increasing rapidly from year to year and
the number of online shops on the Web is increasing at a similar rate. Large
companies are finding an advantage in migrating their selling online, and small
and medium businesses find that they can reach out for more customers on the
Internet.
1.4 Security
The primary issue of the buyer and the merchant is security. Transactions must
be as secure as possible, and it is important to understand who takes the risk
with Internet payments.
Credit cards are a valuable possession for many people. The card number,
expiration date and the signature are the important things that control access to
the buyer’s bank account.
Because the Internet still has a reputation as the open and free world,
uncertainty persists when buying goods online. The buyer does not see where
the Web site is located, what people are behind the bits and bytes, or by whom
the payment is validated, and as a result trust is often hard to establish.
Many banks use IBM payment solutions on their infrastructure, and merchants
trust WebSphere Payment Manager because it is fully compatible and scalable
with the bank’s infrastructure and can be seamlessly integrated into their
financial environment without writing additional application code.
1.5.1 Content
WebSphere Payment Manager provides the payment server software, but also
the following products that make it easier for you to build the merchant’s
infrastructure environment:
IBM HTTP Server
6 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
WebSphere Application Server, Advanced Edition
IBM Universal DataBase (UDB)
Cassette support for SET (Secure Electronic Transaction) and CyberCash
1.5.2 Functionality
WebSphere Payment Manager has a Web-based front end that is used for
payment server administration as well as by the hosted merchants for merchant
administration. The front end can be easily accessed remotely through any
industry-standard browser. As the server administrator, you can define users and
their roles with access to the payment server. You also have the ability to adjust
the layout of the Web interface to reflect the customer’s corporate requirements.
For each merchant and transaction method, administrators can define whether
orders should be automatically processed by the payment server and routed to
the financial institution for validation, or if each order requires manual approval
from the merchant. This decision often depends on how many transactions are
expected to be processed each day.
WebSphere Payment Manager can also be used by merchants who don’t need
interaction with a financial institution at all, but want to use offline transaction
procession capabilities. For example, a local supermarket could use offline
payment methods to allow customers to choose the desired goods online, but
pick them up and pay for them when visiting the local shop.
8 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
2
Technology had managed to read the bar codes on the goods inside the man’s
coat and pay for them using the payment details on his person.
While this vision of the future may seem fanciful, it does represent an example of
how quickly the requirements for payment solutions are changing in order to
meet the demands of new technology and new ways of doing business.
Imagine using your cell phone or PDA to pay for goods when and where you
want. For example, you reach a drink vending machine in the street. You want to
purchase a drink but you have no money on you at the time. You do, however,
have your cell phone with you so you call the drink machine on your cell phone
and pay for a can of drink using the information on your cell phone, either prepaid
or via your own Internet bank account.
This concept of being able to buy whenever or whereever you are is fast
becoming reality.
At the time of writing this book, Nokia, the world leader in Mobile
communications, announced a collaboration with IBM, Luottokunta, and
Radiolinja to jointly pilot secure credit card payments by using a mobile phone
with a wallet application contained in the phone itself. The intention of the parties
involved is to demonstrate their commitment to the mobile wallet concept and
Wireless Identity Module WIM) technology. IBM WebSphere Commerce Suite
and Payment Manager technology will be used in the pilot. For more information
on the project, please refer to
http://press.nokia.com/PR/200109/834847_5.html
10 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
For more information on the Nokia wallet phone, please see:
http://www.nokia.com/phones/6310/wallet.html.
The following URL is an IBM white paper on wireless payments, which discusses
the concept and reality of wireless payments in more detail:
http://www.ibm.com/pvc/tech/pdf/Pvwee02.pdf
Purchase orders
Almost all businesses in the worldwide marketplace use purchase orders in
some fashion. Purchase orders are a complex area when dealing with
authorization for payment. They frequently have a total amount restriction per
order, in addition to the same restriction over a period of time (for example, a
customer may be allowed to purchase only 2000 units of currency over six
months). In addition to limit restrictions, purchase orders often require some kind
of sign-off/signature by, for example, the manager of a group. These features of
purchase orders bring new challenges when the ideas are placed in the
electronic commerce world. For example:
The payment processor would be required to keep track of the organizations’
orders and enforce the time/amount restrictions of the purchase orders.
Some way of documenting the signature would be required (maybe through
assigning certificates to a purchase order for instance).
Support of these features implies that the payment system will be required to be
have knowledge of the contents of the shopping basket being processed so that
the coupons can be authorized and redeemed for payment.
Deferred credit
Buy-now, pay-later offers are widely seen throughout the retail sector. There is
no reason why merchants/manufacturers wouldn’t also want to offer this kind of
feature with Internet-based purchases. Details of credit or debit cards, and direct
debits would need to be collected by the commerce store, and a method of
indicating to the payment system that the purchase is a deferred credit purchase
would be required. Decisions on where the order would lie dormant (until the
deferred credit period had expired) would need to made. Would the e-commerce
system hold the information? Probably not, since the merchant would require
some form of authorization check on the consumer’s payment details before the
goods were released to the customer. Other options are the merchant payment
system (most likely to be given the responsibility) or the back-end financial
institution.
The challenge here for the payment system will be similar to that raised for
deferred payments: how does the payment system keep track of the regular
payments and notify the merchant/consumer of any failures?
12 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
2.3 Payment Manager solutions
Chapter 8, “Customization using the payment API” on page 211 discusses the
details on how WebSphere Commerce Suite V5.1 integrates with WebSphere
Payment Manager V2.2.
Note: This does necessarily imply that you would need an e-commerce
application to create a shopping basket. In this case, Payment Manager could be
integrated into a set of static HTML pages using the Payment Manager API . The
user could enter any user-specific information on pages prior to the pay/buy or
checkout page.
14 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Payment Manager also provides support for collecting the security codes
usually displayed on the signature side of most credit cards. The information
is not embossed, so it does not appear on credit card receipts. By collecting
this information, the owner of the site would be reducing the risk of someone
using the stolen credit card details from a paper receipt. If you know the
security code, the chances are that you are physically holding the credit card.
This does not, however, protect against a stolen card, but does give an extra
measure of protection.
The designer of the checkout area may also want to look at making the area
Electronic commerce modelling language (ECML) compliant.
ECML is an attempt to make filling out a checkout area easier and more
uniform across the Internet. It is estimated that over a quarter of all
Internet-based sales are lost because the consumer didn’t fill out the
checkout area, either because they found it too hard or because of the
(personal) information they had to provide. Since the owner of a site is
responsible for making it easy for users to fill in the payment details, it is
advisable to look into the modeling language. For more information on ECML,
see:
http://www.ecml.org
Once the information has been successfully obtained, simple verification
checks have been performed, and any errors resolved, the information could
be passed using the Payment Manager API AcceptPayment command.
You also have to decide on your policy of automatically approving orders. You
may want to set up Payment Manager so that the full amount is automatically
approved by the back-end financial institution. This would give the
merchant/owner an indication that the credit card was good and credit worthy.
At this stage no money would have been drawn from the user’s credit card. If
you were selling merchandise that the consumer needed to obtain, for
instance by shipping the merchandise, you would also have to ensure that
you complied with your country’s laws. In some countries it is unlawful to
collect payment for goods that the consumer (or payer) has not received.
Processing of a subscription, for example, may not be bound by this type of
rule, so it may be possible to also set up automatic approval of the credit card
payment.
After successfully creating an order, it is common for the consumer to receive
some kind of notification (for example via e-mail) that the payment was
successful or to detail any error situations that were encountered as part of
the payment request.
The error code may just indicate that the payment failed and it would be up
to the consumer to further investigate the reason for the failure with their
card issuer. Clearly if the policy of the card issuer is to give out the
granularity of error detail (such as the limit has been reached) then it would
be dependent on the back-end payment cassette used for the credit card
brand to pass that detail back to the front end “store” application.
This is no different from purchasing goods using the phone and being told
that the payment request has been rejected, and not being told the reason
why.
For more information on using the Payment Manager API and the tools available
in Payment Manager to help build payment application, please refer to the
product manual IBM WebSphere Payment Manager for Multiplatforms
Programmer’s Guide and Reference Version 2.2.
For more information on how customers have used the power and flexibility of
IBM WebSphere Payment Manager in real-life business situations, please refer
to some case studies at the following URL:
http://www.software.ibm.com/casestudies/swcs.nsf/swgsearch?SearchView&Query=Web
Sphere+Payment+Manager
16 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Administrator
Browser
Merchant Merchant
Application Browser
Payment Servlet
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
Administrator
Browser
Merchant Merchant
Application Browser
Payment Servlet
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
18 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Function calls for:
– Payment processing
– Queries
– Administration
An HTTP interface for low-level programming
A Java client library (CAL)
A 128-bit SSL client
For more information on the Payment Manager API, please refer to IBM
WebSphere Payment Manager for Multiplatforms Programmer’s Guide and
Reference Version 2.2.
Merchant Merchant
Application Browser
Payment Servlet
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
WebSphere Commerce Suite V5.1 also uses the Payment Manager user
interface to manage orders and users as part of its Commerce Accelerator
function. For more information on the integration of WebSphere Payment
Manager with WebSphere Commerce Suite, refer to Chapter 7, “Integration with
WebSphere Commerce Suite” on page 169. It is also possible to customize the
look and feel of the user interface when using Commerce Suite.
The Payment Manager servlet is a Java servlet that runs under WebSphere
Application Server, Advanced Edition V3.5 and acts as the communications layer
between the Web server and the Payment Engine. Figure 2-4 shows details of
the Payment Manager servlet.
20 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Administrator
Browser
Merchant Merchant
Application Browser
Payment Servlet
UI Servlet
Query Engine
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
Administrator
Browser
Merchant Merchant
Application Browser
Payment Servlet
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
The UI servlet handles GUI access. All requests passed to the Payment servlet
are passed via CAL methods.
22 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The UI servlet, has one PSPL file with flags that points to a Java properties file
that decides the look and feel of each page. This enables you to customize and
brand the Payment Manager user interface according to your needs. The UI
servlet is shown in Figure 2-5.
Merchant Merchant
Application Browser
Payment Servlet
UI Servlet
Query Engine
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
If you have used Payment Server V1.2, the Payment Engine can be directly
accessed in compatibility mode.
For more information on the Payment Engine, please refer to the IBM
WebSphere Payment Manager for Multiplatforms Administrator’s Guide Version
2.2.
The Payment Manager Query Engine handles query API requests for viewing the
database (for example Query orders). Once the information is obtained by the
engine, the response is formatted into an XML document. This is shown in
Figure 2-7.
24 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Administrator
Browser
Merchant Merchant
Application Browser
Payment Servlet
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
Merchant Merchant
Application Browser
Payment Servlet
Cassette
Cassette
Cassette
Payment
Manager
DB2
Payment Engine
Cassette
Cassette
IBM WebSphere Cassette
Payment Manager
26 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Restriction: If you configure your Payment environment using multiple
servers Payment Manager V2.2 does not support the following:
Two Payment Manager systems talking to one Payment Manager
database.
Two Payment Managers accepting orders from different (for example
alternate) sources.
One order source (for example e-commerce system) sending to alternate
Payment Managers: Order1 being sent to Payment Manager 1, Order 2
being sent to Payment Manager 2, Order 3 being sent to Payment Manager
1. This kind of flip-flop order processing is not supported in this current
release.
Each Payment Manager environment requires its own database. You will see
unpredictable results if more than one Payment Manager uses the same
database.
DB2
28 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
3
The scenarios cover the most common situations from a practical point of view.
We have provided tips and critical steps for installation and configuration. We
also have added checks at the end of each section.
This chapter is a complement to the official installation guides that ship with
Payment Manager. It is not an exhaustive and detailed description of every
possible install situation, but a source of advice and guidance.
30 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
WebSphere Payment Manager supports and has been tested with WebSphere
Application Server Versions 2.0.3.x through to 3.5.4. In all the scenarios we used
WebSphere Application Server, Advanced Edition 3.5.4. We recommend that you
do not use older versions of WebSphere Application Server, because they will
not be supported with future releases of WebSphere Payment Manager.
We did test Payment Manager with DB2 Version 7.2 on the Windows platform
and it worked without problems, but we did not do any stress testing. At the time
we wrote this redbook, DB2 V7.2 was not officially supported with WebSphere
Application Server, Advanced Edition V3.5.x and WebSphere Payment Manager
V2.2, so we do not recommend that you use this combination in a production
environment, until you have checked the official hardware and software
prerequisites. We used DB2 7.1 with Fix Pack 2 or 3 for most of the testing done
in this redbook.
We used IBM HTTP Server V1.3.12, which ships with WebSphere Application
Server, Advanced Edition V3.5, and this gets patched to V 1.3.12.3 when
upgrading to WebSphere Application Server V3.5.4.
On the Solaris platform, we installed Oracle 8.1.7 as the database and iPlanet
Enterprise Server 4.1 Service Pack 7 as the HTTP server.
The great advantage of this architecture is its low initial cost. Also it is easy to
escalate to cope with more transactions.
If the machine is used only to host payment services for several merchants, the
more demanding application is WebSphere Application Server, since the HTTP
server is a very light process and the database is accessed locally and only from
Payment Manager.
As more transactions are processed, another machine can be added with the
HTTP server, WebSphere Application Server and Payment Manager installed
using a remote database (2-tier). To balance the load, a network dispatcher must
be installed in a separate machine or in any of the WebSphere Application
Server machines as shown in Figure 3-1 on page 33. The dispatcher can be
used to split wisely the requests to the less busy WebSphere Application Server
and provide almost twice the performance. This way, new machines can be
added as needed.
32 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Application Server
Node 1
WebSphere
eND Application
Server
Application Server
Node 2
WebSphere
eND Application Database
Server
...
Application Server
Node n
WebSphere
eND Application
Server
The new machines at the same time will provide higher availability, but will be
relying on the first machine, which has the database installed. To further improve
the availability, the database should be kept in another machine and a backup
replica of the database kept on a backup machine. The replica will only be in use
when the main machine is down. As you see, high availability is expensive. At
least four machines are needed.
There is a way to achieve high availability with only two machines, both of which
should be highly scalable so that one can assume the load of the other. The
architecture is a mix between1-tier and 2-tier. The method is to configure two
machines identically and have those machines use mirror disks to access the
data (RAID 1), as shown in Figure 3-2 on page 34. One of the nodes will act as
the application server and the other as the database server, but both are able to
work independently so that if one fails, the other can take all the load. This can
be achieved in AIX using HACMP mode 2 for all the software.
DB2
Active
HACMP
Mirroring
Mode 1
Database Server
Node 2
Disks
DB2
Standby
HACMP
Mirroring
Figure 3-2 High availability database service in AIX using mode HACMP1 and RAID 1
A 3-tier architecture is an improvement on the 2-tier when the use of the HTTP
server is not limited to the access to the administration interface of WebSphere
Payment Manager and its corequisite software.
34 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Typically, a unique machine or a cluster manages all the HTTP servers using
virtual hosts and dispatching techniques. Then one or more WebSphere
Application Server and Payment Manager machines use the HTTP server cluster
and a remote database.
Other
Applications
Figure 3-3 Standard architecture - central HTTP server, application servers and
database
This architecture has two main applications: high availability and reusing existing
servers. But high availability can be achieved with a 2-tier architecture as we
explained earlier and since this requires fewer machines we suggest that reuse
of an installed, configured and known HTTP server is the best reason to use a
3-tier architecture with Payment Manager.
Assure that all product CDs are on hand and that you have downloaded any fixes
required. Here we list useful Web sites to get fixes and information:
If you need to download an AIX maintenance level you can do so from:
http://techsupport.services.ibm.com/rs6000/support/
Along with the fixes, download and read any related information including the
installation instructions. Don’t forget to read the IBM WebSphere Payment
Manager for Multiplatforms Install Guide Version 2.2 instructions for detailed and
exhaustive installation scenarios. The IIBM WebSphere Payment Manager for
Multiplatforms Administrator’s Guide Version 2.2 also provides information about
administering and maintaining the WebSphere Payment Manager.
36 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Always read the latest readme file, readme.framework.html, accessed through
documentation links on the Payment Manager Web site:
http://ibm.com/software/websphere/paymgr/support/
Apart from the software, you need to collect some data from your system,
including the IP and host name of every machine involved in the installation.
Note: When installing WebSphere Application Server, you will be asked which
database you want to use. You must use a relational database. DB2 UDB is
recommended. Do not select the Quick option so the InstantDB is not used.
38 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
2. Execute the program Install found on the root directory of the Payment
Manager for Windows NT and Windows 2000 CD-ROM.
3. In the Payment Manager Install window, click Next.
4. Accept the license agreement.
5. Accept the default destination directory or enter another directory.
6. If your Web server is already installed, you will be asked for the location of the
publish directory. If the location displayed is correct, click Next. If not, enter
the correct location and click Next. The publish directory is the directory out of
which your Web server serves documents. The publish directory for IHS is
determined by the setting of the DocumentRoot directive in the httpd.conf file
(the default directory is htdocs).
7. Select the DB2 UDB database.
8. When the install finds the JDBC driver information, click Next. If it does not
find the JDBC driver information, provide these values:
– JDBC Driver Class name: com.ibm.db2.jdbc.appDB2Driver
– JDBC Class location: \<db2installdirectory >\java \db2java.zip \
– JDBC Driver shared library path: \<db2installdirectory >\bin \
Note: If you enter incorrect database information and database errors
occur, using the Back button may cause more database error windows to
appear. If this occurs, you can either click Cancel and restart the
installation or you can click Back through several windows and then move
forward using the Next buttons (ensuring the correct values are entered at
each intervening window) until you get back to the database entry window.
Once this window reappears, you can enter the correct information.
9. In the Payment Manager Database Access Information window, enter your
values for the database owner user ID, administrator’s user ID, administrator’s
password, Payment Manager database name and the DB2 instance name.
For example, if you are using UDB, enter:
db2admin /*for the database owner user ID
db2admin /*for the database administrator's user ID
db2admin /*for the database administrator's password
payman /*for the IBM Payment Manager database name
DB2 /*the default DB2 instance name
10.In the Payment Manager Configuration Information window, take the default of
8611 for the Payment API port number or enter a new value if another
application on your system uses this TCP port.
11.If you want to create a Payment Manager shortcut on the Start menu, select
the check box.
Keep in mind that starting this service doesn’t mean that Payment Manager is up
and running. It’s also necessary to verify that the application server for Payment
Manager inside WebSphere Application Server is not stopped. To do that, go to
the WebSphere Administrative Console. The service and the Payment Manager
application server are separate components of the WebSphere Payment
Manager framework and are started separately. If you need to restart Payment
Manager, you have to restart both components: the Windows NT service will load
environment variables, and the application server inside WebSphere Application
Server will load servlet properties.
Note: this error applied only to the base level of WebSphere Payment Manager
V2.2 and has been corrected in the Payment Manager fixes that patch Payment
Manager to the V2.2.1 level.
40 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
To create a remote database and catalog it at the client, enter the following at the
client machine from a DB2 command line:
catalog tcpip node node_name remote server_hostname server port_of_service
create db db_name
We have endeavored to keep these install descriptions quite simple, because our
intention is to provide an overview of the process and not to duplicate the
detailed install instructions found in the manuals for each product. Also we
assume that you are familiar with the AIX operating system.
Therefore, all products are installed locally, including IBM HTTP Server,
WebSphere Application Server, and DB2. WebSphere Payment Manager is an
application server inside WebSphere Application Server and as such it has to be
on the same machine.
Since this installation is for testing purposes we decided to use a small number of
large filesets instead of creating one fileset for each product. Logical Volume
Manager was used to provide some level of separation from physical disk
sub-systems. For each database instance created, we created a logical volume.
This may not be suitable for a production environment, but no matter how you
partition a machine the installation steps remain the same.
Again because this was a test environment we did not create many users on our
AIX system, but only created one user to act as the DB2 administrator. All other
operations were done by the root user.
Operating system
We started with a clean 4.3.3 AIX machine. The minimum maintenance level
tested to run WebSphere Application Server was level 2, but we upgraded our
AIX to the highest version available. That was maintenance level 8.
Verify your paging space with lsps -a. At least 128 MB of paging space is
needed, but the recommendation for AIX is twice the size of the system RAM.
Prior to installation we suggest you back up your system using the mksysb
command.
DB2
We installed DB2 UDB Enterprise Edition 7.1. You need to apply at least Fix
Pack 1 to get WebSphere Application Server, Advanced Edition 3.5.x up and
running properly. We downloaded UDB Fix Pack 3 to a temporary directory and
decompressed it for later use.
Before starting the actual installation, we created a DB2 user and group, created
a new volume for the DB2 instance, and allocated disk space.
42 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
and WebSphere Payment Manager databases grow, the size of the
/home/db2inst1 file system may need to be increased.
Table 3-1 Free space needed in journaled file systems.
File system Blocks of free space needed in
scenario 1
/ 100,000
/home 100,000
/home/db2inst1 600,000
/usr 1,000,000
3. Create a user db2inst1 (the same name as the instance for ease of use) in a
new group db2admin.
Note: Don’t use more than 8 characters for the name of the owner of the DB2
instance. DB2 recommends no more than 8 characters to keep compatibility
with host S/390 environments.
4. Give the ownership of the file system where the DB2 instance will reside
(/home/db2inst1) to this new user (db2inst1). Use the command chown -fR
db2inst1:db2iadm1 /home/db2inst1. Then verify the file system ownership
(user db2inst1, group db2iadm1) with ls -la /home/db2inst1.
The AIX machine is now ready for the installation of DB2 UDB Enterprise Edition
7.1 software.
Installation steps
The following steps should used to complete the install:
1. Install the latest maintenance level for AIX.
Operating system
The only step necessary here is the installation of the correct maintenance level.
Check for the required space in the / (root), /tmp, /usr and /var file systems by
making a preview of the maintenance level update using smitty update_all. The
space requirements are included in the summary at the end of the SMIT output.
You can choose whether to commit the software updates. The advantage of
committing is more free space on the file systems. The disadvantage is that you
cannot roll back the changes.
You can check out if the fixes has been installed with the command:
instfix -ikv 4330-08_AIX_ML
44 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
This will report that not all filesets have been found, but this is not a problem,
because not all packages to fix are installed on the machine. However, if no fixes
have been installed the report will say that no data was found about the fixes,
and this is a problem that you will need to correct.
Change the file systems size if needed and repeat the smitty update_all
command with the same options as in the preview, but this time applying the
changes.
Reboot the machine with the shutdown -Fr command after the update has
successfully completed.
After this, your AIX machine will be at the latest maintenance level.
DB2
Execute the db2setup command from the DB2 install directory to start the DB2
install. Follow these steps:
1. When the Install DB2 V7.1 window appears, select DB2 UDB Enterprise
Edition, highlight OK, and press Enter.
2. When the Create DB2 Services window appears, select Create a DB2
Instance, highlight OK and press Enter.
3. In the DB2 instance authentication window, enter the following:
– User Name: db2inst1
– Group Name: db2admin
– Home Directory: /home/db2inst1
– Highlight OK and press Enter.
4. You can ignore the message about DB2 not being able to change an existing
password and continue.
5. Enter the following DB2FENC values:
– User Name: db2fenc1
– Group Name: db2admin
Modify the .profile file of the DB2 instance owner so that the db2profile is set up
automatically every time the user logs on. Create a new or edit the existing
.profile for the DB2 instance owner and add this line:
$HOME/sqllib/.db2profile
Switch to the DB2 instance owner ID ( su - db2inst1) and ensure that you can
start ( b2start) and stop DB2 (db2stop). Also test that you can access the DB2
command line by typing db2.
Before applying the DB2 Fix Pack, all DB2 service must be stopped. The
commands to do this are:
su - db2inst1
db2 force applications all
db2 terminate
db2stop
db2licd end
exit
To install the .bff files that comprise the DB2 Fix Pack, with all the prerequisites in
apply state, use the command smit update_all and make sure to select the
options COMMIT software updates = NO and SAVE replaced files = YES. Before
actually applying the fixes, do a preview. If everything is OK, proceed with the
real update. You can later commit or reject the Fix Pack using SMIT again.
This Fix Pack has an additional subdirectory in the installation image. The name
of this subdirectory is “extras”. This extras subdirectory contains the filesets for
the double-byte and unicode conversion tables, specifically the following filesets:
db2_07_01.cnvucs
db2_07_01.conv.jp
46 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
db2_07_01.conv.kr
db2_07_01.conv.sch
db2_07_01.conv.tch
To install the filesets in the extras subdirectory, use the command smit
install_all.
Note: Installing the extras subdirectory will automatically commit the above
filesets. You will not be able to reject the Fix Pack if you install the extras
subdirectory.
Since future Fix Packs will require this Fix Pack to be already installed, they will
no longer include the extras subdirectory. This means that you must have these
filesets installed before installing future Fix Packs.
After applying fixes, you must enter the following at a command prompt:
db2 terminate
db2 CONNECT TO dwcntrl
db2 BIND $HOME/sqllib/bin/@db2ubind.lst BLOCKING ALL GRANT PUBLIC
db2 BIND $HOME/sqllib/bin/@db2cli.lst BLOCKING ALL GRANT PUBLIC
db2 terminate
If you install UDB and WebSphere Application Server Version 3.5 on the same
machine, you must enter these commands (substituting the names appropriate
for your system) from a DB2 prompt to circumvent a known problem in
WebSphere Application Server:
catalog tcpip node node_name remote hostname server svcename
catalog database db_name as db_alias at node nodename
Then edit the /etc/environment file and add the following line:
EXTSHM=ON
You may want to have the Payment Manager database in a different DB2
instance from the WebSphere Application Server database. If this is the case you
need to create a new DB2 instance (for example psadmin). If you do this you will
also have to define service name ports in the /etc/services file:
db2cpsadmin 50000/tcp
(e.g., db2c + instance name; port = 50000) and
db2ipsadmin 50001/tcp
(e.g., db2i + instance name; port = 50001)
Note: Make sure your Internet connection is up and running before starting
the installation program. You have to have a fully qualified host name
configured; otherwise, WebSphere Payment Manager will use a host name
ending with a dot. If you are not sure, at the end of the installation check the
httpd.conf file of the HTTP server; probably it will have the value for the
directive ServerName with a dot at the end.
Also ensure that the resolution on your display is set to 800 by 600 pixels or
higher to best view the Payment Manager installation program.
The database, the HTTP Server, and WebSphere Application Server must be
running during the installation.
48 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
7. Select the UDB database to use with Payment Manager.
8. If the install finds the JDBC driver information, click Next. If the install program
does not automatically find the JDBC driver information you should enter the
correct values. For example:
– JDBC Driver Class name: com.ibm.db2.jdbc.appDB2Driver
– JDBC Class location: /usr/lpp/db2_07_01/java12/db2java.zip/
– JDBC Driver shared library path: /usr/lpp/db2_07_01/lib/
Note: If you entered incorrect database information and database errors
occur, using the Back button may cause more database error pop-ups to
appear. If this occurs, you can either click Cancel and restart the installation
or you can click Back through several windows and then move forward using
the Next buttons (ensuring the correct values are entered at each intervening
window) until you get back to the database entry window. Once this window
reappears, you can enter the correct information.
9. In the Payment Manager Database Access Information window, enter your
values for the database owner user ID, administrator’s user ID, administrator‘s
password, Payment Manager database name and the DB2 instance name.
For example, if you are using UDB, enter:
db2admin /*for the database owner user ID
db2admin /*for the database administrator's user ID
db2admin /*for the database administrator's password
payman /*for the IBM Payment Manager database name.
DB2 /*The default DB2 instance name
10.In the Payment Manager Configuration Information window, take the default of
8611 for the Payment API port number or enter a new value if another
application on your system uses this TCP port.
11.In the Installation Summary window, review the chosen parameters. Click
Next to continue the installation.
Note: The progress bar will move during installation, although at times it may
appear to have stopped. Do not terminate the install, which is continuing. The
progress bar will resume moving when system resources permit.
Install the Fix Pack by following the instructions of the readme, taking care to
define the correct classpath.
For AIX we have build a script that does all three things and that even checks if
the application server for the Payment Manager servlets inside WebSphere
Application Server is up and running. The script is run as root and also makes
use of the DB2 user (in our example, db2inst1).
Three files are needed. One is the shell script that controls the starting, checking
and stopping of processes as shown in Example 3-1 on page 51.This should be
edited to use the actual directories where all the products are installed. The other
two shown in Example 3-2 and Example 3-3 on page 53 are TCL script files used
for WebSphere Application Server to stop and start the Payment Manager
application server. These two also need to be edited to use the node name of
your WebSphere Application Server. These two scripts must be placed in the bin
directory of WebSphere Application Server.
If you choose to start all the Payment Manager services manually, points to note
include:
The Payment Manager environment for IHS must be loaded before starting
IHS. If it is not loaded, the servlets won’t be able to connect to the database.
This is done with the command
. <WPM_directory>/SetupWebServerEnvironment
Make sure to run this command with the same user that starts the IHS.
The database must be running before starting Payment Manager or
WebSphere Application Server.
Use nohup to start the Payment Engine:
nohup <WPM_directory>/IBMPayServer
The order in which we recommend you start all the services is as follows:
1. Make sure IHS is stopped.
2. Start DB2.
3. Start Payment Manager.
4. Start WebSphere Application Server and the Payment Manager application
server.
5. Load the Payment Manager environment for the HTTP server.
6. Start IHS.
50 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Example 3-1 Code for rc.wpm. Before using it, be sure to edit the directories and user
names
#!/bin/sh
#
# Start, Stop and Check Payment Manager related services
case $1 in
start)
CURDIR=$PWD
echo
cd /usr/HTTPServer/bin
./apachectl stop > /dev/null 2>&1
cd $CURDIR
echo
echo "Servers Started"
echo
;;
stop)
CURDIR=$PWD
echo
cd $CURDIR
echo
echo "Servers stoped"
echo
;;
check)
PROC=$(ps -ef | grep java | grep framework.ETill | awk '{print $2}')
if [ -n "$PROC" ]; then
echo "OK: Payment Manager Active"
else
echo "ERROR: Payment Manager Stoped"
fi
if [ -n "$PROC" ]; then
echo "OK: WebSphere Application Server Active"
else
echo "ERROR: WebSphere Application Server Stoped"
fi
if [ -n "$PROC" ]; then
echo "OK: Apache Web Server Active"
else
echo "ERROR: Apache Web Server Stoped"
fi
;;
*)
echo " Usage: /etc/rc.wpm [ start | stop | check ]"
esac
exit
Example 3-2 shows a TCL script that can be used to start the WebSphere
Payment Manager application server.
52 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Example 3-2 Code for startWAS.tcl
ApplicationServer start {/Node:<your_node_name>/ApplicationServer:WebSphere
Payment Manager/}
Example 3-3 shows a TCL script that can be used to stop the WebSphere
Payment Manager application server.
Example 3-3 Code for stopWAS.tcl
ApplicationServer stop {/Node:<your_node_name>/ApplicationServer:WebSphere
Payment Manager/}
In preparing these detailed instructions, we used the install instructions from the
redbook WebSphere Commerce Suite V5.1 Handbook, SG24-6167, because
this provided us with detailed information about running WebSphere Application
Server on Solaris.
During the installation, except when noted otherwise, you have to be logged in as
root.
The basic steps to complete before starting the WebSphere Payment Manager
install are:
1. Configure Solaris and apply the recommended fixes.
2. Install Netscape Communicator (prerequisite for iPlanet). Note: Don’t run the
install command from the directory that the iPlanet document specifies, but
from the parent of that directory.
3. Install iPlanet.
4. Configure SSL for iPlanet:
– Request certificate
– Download it
– Install it
5. Change the parameters of the operating system as described in the IBM
WebSphere Payment Manager for Multiplatforms Install Guide Version 2.2,
especially semmsl and semmns. Otherwise, Oracle won’t have enough
processes and memory available and it won’t let you create databases.
6. Install Oracle.
7. Create databases for WebSphere Application Server and Payment Manager.
You can use any name for the SID (the user that owns the database), but
preferably limit it to names up to 4 characters long (Oracle recommendation).
In the creation windows don’t accept the default values; this won’t work. You
must changes some directories and variable values.
54 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
8. Install WebSphere Application Server 3.5.1 to avoid a problem with the
prerequisites check that occurs when checking supported versions of iPlanet.
(WebSphere Application Server does support iPlanet 4.1 SP7 when Fix Pack
4 is applied, but since we want to install the base WebSphere Application
Server 3.5 before upgrading to 3.5.4, it is necessary to turn off prerequisite
checking).
9. Confirm changes to the iPlanet server.
56 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Install iPlanet Web Server
This section provides detailed instructions for installing, configuring, and verifying
the Netscape iPlanet Web Server, Enterprise Edition V4.1 SP7 (4.17).
Note: For more detailed information on iPlanet Web Server refer to:
http://developer.iplanet.com/docs/manuals/enterprise.html
Tips: The following tips are used for navigation during the install.
Press Enter to choose the default and go to the next window.
Type Ctrl+B to back to the previous window.
Type Ctrl+C to cancel the installation program.
You can enter multiple items using commas to separate them, for example
1,2,3.
4. When you are prompted with the message Do you agree to license terms?
[No]: type Yes, and then press Enter.
5. When you are prompted with the message Choose the installation type
[2], press Enter to accept the default (Typical installation).
6. When you are prompted with the message Install location
[/usr/netscape/server4], press Enter to accept the default.
7. When you are prompted with the message Specify the components you
wish to install [All], press Enter to accept the default.
8. When you are prompted with the message Specify the components you
wish to install [1,2,3,4,5,6,8]: type 1,2,3,4,5 and then press Enter.
58 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
9. When you are prompted with the message Computer name
[your_hostname.domain], press Enter.
10.When you are prompted with the message System User [nobody], type the
user created in the pre-installation steps, for example iplanet, and then
press Enter.
11.When you are prompted with the message System Group [nobody], type the
group created in the pre-installation steps, for example iplanet, and then
press Enter.
12.When you are prompted with the message Run iWS Administration Server
as [root], press Enter.
13.When you are prompted with the message iWS Administration Server User
Name [admin], press Enter. You will be prompted for a password.
14.When you are prompted with the message iWS Admin Server Port [8888],
press Enter.
15.When you are prompted with the message Web Server Port [80], press
Enter.
16.When you are prompted with the message Do want to register this with
an existing Directory Server [No], press Enter.
17.When you are prompted with the message Web Server Content Root
[/usr/netscape/server4/docs], press Enter.
18.When you are prompted with the message Do you want to use your own JDK
[No], press Enter.
19.Review messages to make sure everything extracted and installed
successfully. Press Enter to continue and return to the command prompt.
The iPlanet Web Server SSL enablement is divided into the following steps:
Create a server for SSL transactions
Create a certificate trust database
Request a server certificate
Install the server certificate
Turn SSL encryption on
60 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Note: You can configure your server at any time from the Manage Server
window of the iPlanet Administration server by completing the following steps:
– Enter URL: http://<host>:8888/https-admserv/bin/index.
– In the Select a Server pull-down, select the server you want to
configure, for example SSL (the server name added for SSL in previous
steps).
– Click Manage.
7. In the Server Manager window, click the Security tab to create a Certificate
Trust database.
8. Enter and re-enter a password to use for this database, then click OK to
create the database.
9. A pop-up window should appear, indicating that a database was successfully
created.
10.The next step is to generate a certificate request. Click the Request a
Certificate link in the left navigation pane.
11.Generate your request as follows:
a. Select the New Certificate radio button.
b. In the CA-email address field, enter your e-mail address.
c. Select internal (software) in the Cryptographic module pull-down.
d. Enter you certificate trust database password in the Key pair file password
field.
e. In the Common Name field, enter the URL by which your host will be
known. This is normally the fully qualified host name, for example:
sun4.itso.ral.ibm.com.
f. In the remaining fields, enter your contact information.
g. Click OK to generate the certificate request.
12.The next window will inform you that your request has been sent. Take note of
the file name specified by the line:
A copy of the certificate request has been saved in the file:
<file_name>.
13.Proceed to a Certificate Authority Web site to submit your request. Follow the
instructions provided there for the completion of your request.
14.When you receive the certificate, go to the Security section of the server
manager for the SSL server (if you are not already there), by doing the
following:
a. Enter URL: http://<host>:8888/https-admserv/bin/index.
b. In the Select a Server pull-down, select the server you want to configure,
for example sun4_SSL (the server name added for SSL in previous steps).
c. Click Manage.
d. Click the Security tab.
15.Click the Install Certificate to install your new certificate. Figure 3-4 shows
the certificate installation window.
62 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-4 Certificate installation
Note: Alternatively, you can save the certificate to a file, and specify the
file name in the Message is in this file: text area.
18.A success window will pop up, as well as a window warning you that the
server will need to be restarted for the changes to take effect.
64 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
19.In order to activate SSL encryption, go to the Preferences section of the
server manager for the SSL server (if you are not already there), by doing the
following:
a. Enter URL: http://<host>:8888/https-admserv/bin/index.
b. In the Select a Server pull-down select the server you want to configure,
for example SSL (the server name added for SSL in previous steps).
c. Click Manage.
d. Click the Preferences tab.
20.Click Encryption On/Off in the left navigation pane.
21.Under Encryption, select the On radio button, verify the port number is 443
(or as previously defined), and then click OK.
22.When the warning message Security changes require shutdown and
restart appears ,click OK.
23.When the Save and Apply window appears, click Save and Apply.
24.When the Warning window message The security information that you
entered below will be sent in the clear, and may be exposed to
network snooping appears, enter the password for internal (software):
<trust_database_password>.
25.A success window should appear. Click OK.
26.Configuration is now complete. Both the HTTP and HTTPS servers will need
to be restarted for changes to take effect.
The iPlanet Web Server install, configuration, and verification section is now
complete.
We have organized the Oracle8i Enterprise Edition database server install into
the following phases:
Oracle8i install prerequisites
Install Oracle8i Enterprise Edition Database Server
Oracle8i post install configuration
Oracle8i post install configuration
Prepare the Oracle8i databases
66 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Oracle8i Client 8.1.7
Requires 450 MB of free disk space.
We allowed for this space when we installed Solaris 7 by allocating space to the
/opt file system.
Solaris 7 Required or
patch ID Description Recommended
2. Verify the following Oracle8i (JRE 1.1.8_10) required patches are installed by
typing the following command:
# showrev -p | grep <patch_name>
Where <patch_name> is included without -<level> listed above.
For example:
# showrev -p | grep 107636
Solaris 7
package name Description
2. Verify the following Solaris 7 packages are installed by typing the following
command:
# pkginfo -i <package_name>
Where the <package_name> is one listed in Table 3-4.
For example:
# pkginfo -i SUNWarc
The which command returns you to the executable path. The path search order is
determined by the location of the path in the path environment variable of the
shell.
The required directory for the executable is /usr/ccs/bin. If this is not already in
your path or not in the beginning of the path, you will need to add /usr/ccs/bin to
the beginning of the path of the current shell.
To configure the UNIX kernel for Oracle8i, complete the following steps:
1. Start a Solaris Console window and log in as user root.
2. Back up the system file:
# cd /etc
68 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
# cp system system.bak
3. Add or modify the Solaris kernel configuration parameters as explained in the
IBM WebSphere Payment Manager for Multiplatforms Install Guide. In our
case, for 1024 MB of physical memory the kernel parameters are:
set msgsys:msginfo_msgmax=65535
set msgsys:msginfo_msgmnb=65535
set msgsys:msginfo_msgmap=258
set msgsys:msginfo_msgmni=256
set msgsys:msginfo_msgssz=16
set msgsys:msginfo_msgtql=1024
set msgsys:msginfo_msgmax=65535
set msgsys:msginfo_msgseg=32768
set semsys:seminfo_semmni=1024
set semsys:seminfo_semmap=1026
set semsys:seminfo_semmns=2048
set semsys:seminfo_semmnu=2048
set semsys:seminfo_semume=200
set semsys:seminfo_semopm=200
Add also this extra kernel configuration parameters needed for Oracle:
set shmsys:shminfo_shmmin=1
set shmsys:shminfo_shmmni=100
set semsys:seminfo_semmsl=2048
set semsys:seminfo_semvmx=32767
Syntax:
# useradd -d <path_home_dir> -m -g <primary_group> -G <secondary_group> -s
<path_shell> <username>
Where:
• -d <path_home_dir> is the home directory of the user
• -m creates the directory of the user and .profile
• -g is the primary group to add the user to
• -G is the secondary group to add the user to
• -s <path_shell> is the path of the shell used by this user
• <username> is the user name to create
70 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
3. Create password for user oracle by typing the following:
# passwd oracle
This will prompt the user for the password.
4. Verify login with user:
# su - oracle
$ su - oracle
You will be prompted for your password.
Complete the following steps to install the Oracle8i Enterprise Edition server:
1. Start a Solaris Console window, and log in as user oracle.
# su - oracle
2. Insert the Oracle8i Enterprise Edition Release 2 (8.1.7) for Sun SPARC
Solaris CD-ROM on the database server.
3. To start the Oracle8i install, type the following:
# xhost +
access control disabled, clients can connect as any host
# su - oracle
$ /cdrom/oracle8i/runInstaller
4. When the Oracle8i Welcome window appears, click Next.
5. When the File Locations window appears, verify that the paths are as follows
and then click Next:
– Source: /cdrom/oracle8i/stage/products.jar
– Destination: /opt/oracle8/u01/app/oracle/product/8.1.7
6. When the UNIX Group Name window appears, enter the group oinstall
defined above, and then click Next.
7. When the Oracle Universal Installer window appears, you will be prompted to
run a script as user root in another Solaris Console window.
72 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
a. Start a Solaris Console window and log in as root.
b. Execute the script by typing the following:
# /tmp/OraInstall/orainstRoot.sh
c. You should see a message that states the following:
Creating Oracle Inventory pointer file (/var/opt/oracle/orainst.loc).
Changing groupname of /opt/oracle8/u01/oraInventory to dba.
8. Click the Oracle Universal Install window to bring it back to the foreground,
and then click Retry.
9. When the Available Products window appears, select Oracle8i Enterprise
Edition 8.1.7.0.0, and then click Next.
10.When the Installation Types window appears, select Custom, and then click
Next.
11.When the Available Product Components window appears, do the following:
– Deselect Legato Storage Manager
– Deselect Oracle HTTP Server 1.3.12.0.1a
– Deselect Oracle Product Options 8.1.7.0.0
– Deselect Development Tools 8.1.7.0.0
– Select Oracle Java Products 8.1.7.0.0 -> Oracle JDBC drivers and
select all the available drivers:
• Select Oracle JDBC/OCI Driver for JDK 1.1 8 1.7.0.0
• Select Oracle JDBC/OCI Driver for JDK 1.2 8.1.7.0.0
• Select Oracle JDBC Thin Driver for JDK 1.1 8 1.7.0.0
• Select Oracle JDBC Thin Driver for JDK 1.2 8.1.7.0.0
– Click Product Languages and verify that English is selected.
– Click Next.
You should see the status bar indicating the components are loading.
12.When the Component Locations window appears, accept the default and click
Next.
You should see the status bar indicating the components are loading.
13.When Privileged Operating System Groups window appears, accept the
default and click Next.
In our example, the Database Administrator and Database Operator are in
group dba.
You should see the status bar indicating the components are loading.
16.When the Summary window appears, review all the information. You can click
Back to change any selection. When everything is OK, click Install.
The installation will begin. It cannot be left unattended because it requires
some scripts to be run as root during the process.
17.When the Setup Privileges window appears, a message will be displayed to
run the following script:
a. Start a Solaris Console window and log in as root.
b. Execute the script by typing:
# /opt/oracle8/u01/app/oracle/product/8.1.7/root.sh
c. You will be prompted to enter the full path to the local bin directory. We
entered /usr/bin. Press Enter.
d. Click the Setup Privileges window to bring it to the foreground, and then
click OK.
18.When the Net8 Configuration Assistant Welcome window appears, click Next.
19.When the Net8 Configuration Assistant: Directory Service Access window
appears, click No, I want to defer directory service access configuration
to another type.
20.When the Net8 Configuration Assistant: Listener Configuration Listener Name
window appears, accept the default (LISTENER) and click Next.
21.When the Net8 Configuration Assistant: Listener Configuration Select
Protocols window appears, accept the default (TCP in selected protocols) and
click Next.
22.When the Net8 Configuration Assistant: Listener Configuration TCP/IP
Protocols window appears, accept the default (use the standard port number
of 1521)) and click Next.
23.When the Net8 Configuration Assistant: Listener Configuration More
Listeners window appears, accept the default (No additional listeners) and
click Next.
74 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
24.When the Net8 Configuration Assistant: Listener Configuration Done window
appears, click Next.
This configuration is saved in a tnsnames.ora file.
25.When the Net8 Configuration Assistant: Naming Methods Configuration
window appears, select No, I do not want to change the naming methods
configured, and then click Next.
26.When the Net8 Configuration Assistant Done window appears, click Finish.
27.When the End of Installation window appears, click Exit.
28.Confirm the Exit window prompt with Yes.
29.The Oracle8i Enterprise Edition server installation is now complete.
ORACLE_SID=oracle
ORAENV_ASK=NO
. /usr/bin/oraenv
export ORACLE_HOME
Net8 configuration
This section describes the required configuration for Net8 after the Oracle8i
installation.
1. Start a Solaris Console window and log in as root.
2. Update the /etc/services file with the listener. The listener name and port were
defined during the Oracle8i installation (Net8).
We added the following line to our services file:
LISTENER 1521/tcp
3. Save the services file.
76 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Oracle8i database verification
Database tuning
Configure autostart of database
Create Oracle ID and tablespace
Create Payment Manager Oracle ID and tablespace
Configure Net8 on Oracle8i Server
15.When the Review the SYSTEM tablespace information window appears, look
for the directories where it will save the database data, correct them if
necessary, and click Next as shown in Figure 3-7.
78 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-7 Check that the correct paths are used
16.When the Review the redo log file parameter information window appears,
carefully review the paths and click Next. See example in Figure 3-8.
Figure 3-8 The path for the Redo log files must be changed
Figure 3-9 Check if the number of processes is too high for your system or not
19.When the Review the directory path information window appears, accept the
defaults and click Next. See Figure 3-10.
80 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-10 Directory path settings must be kept under u01
Database tuning
1. Start a Solaris Console window and log in as user oracle.
# su - oracle
2. In the $ORACLE_HOME/dbs/init<your_SID>.ora initialization file, modify the
values of the parameters shown in Table 3-6 on page 82. In this table we
show the recommended minimum values for these parameters, but our
Solaris system we kept the highest values of the two values: the
recommended and the default.
Table 3-6 Oracle8i database tuning parameters
Parameters WebSphere Application
Server database value
open_cursors 200
db_block_buffers 2000
shared_pool_size 20000000
processes 100
3. Stop and start the Oracle8i Server for database tuning changes to take effect:
# su - oracle
$ dbshut
$ dbstart
Note: The Oracle8i dbshut and dbstart scripts will stop and start all
databases. This behavior is desired in this example, but may not be
appropriate in other situations.
Using svrmgrl is another option for stopping and starting the databases.
4. If your Oracle8i Server database instances do not start, check the tuning
parameters entered for errors. Changing the tuning values beyond the
physical memory available on the system will result in the database instance
not starting.
82 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Configure autostart of database
The following procedure will automate the startup and shutdown of the Oracle8i
database server.
1. Edit the /var/opt/oracle/oratab file.
Database entries in the oratab file appear in the following format:
ORACLE_SID:ORACLE_HOME:{Y|N}
Where Y or N specifies whether you want the dbstart and dbshut scripts to
start up and shut down the database. Find the entries for all the databases
that you want to start up. They are identified by the SID in the first field.
Change the last field for each to Y to enable the database to start when the
dbstart command is run.
For example:
wpm:/opt/oracle8/u01/app/oracle/product/8.1.7:Y
2. Create a dbora file.
This procedure only needs to be completed once on the Oracle8i database
server.
a. Change to the /etc/init.d directory:
# cd /etc/init.d
b. Create a file called dbora.
Example 3-5 provides a sample dbora file. We changed the ORA_HOME
to reflect the directory specified during the Oracle8i server installation.
Example 3-5 Sample dbora
#!/bin/sh
# Set ORA_HOME to be equivalent to the ORACLE_HOME
# from which you wish to execute dbstart and
# dbshut
# set ORA_OWNER to the user id of the owner of the
# Oracle database in ORA_HOME
ORA_HOME=/opt/oracle8/u01/app/oracle/product/8.1.7
ORA_OWNER=oracle
case "$1" in
’start’)
# Start the Oracle databases:
# The following command assumes that the oracle login will not prompt the
# user for any values
su - $ORA_OWNER -c $ORA_HOME/bin/dbstart &
;;
’stop’)
# Stop the Oracle databases:
# The following command assumes that the oracle login will not prompt the
# user for any values
84 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
/
alter user ejsadmin temporary tablespace temp
/
create user ejb
identified by ejb
default tablespace was
quota unlimited on was
/
grant dba to ejb
/
alter user ejb temporary tablespace temp
/
86 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
# su - oracle
4. Start Net8 Assistant:
# netasst
5. Verify that Service Names exist for the following:
– was
• Service Name: was
• Protocol: TCP/IP
• Host Name: sun4
• Port Number: 1521
– wcs
• Service Name: wpm
• Protocol: TCP/IP
• Host Name: sun4
• Port Number: 1521
See Figure 3-11 for an example.
Note: All listeners’ statuses will be displayed if the listener name is omitted.
88 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Note: All listeners will be started if the listener name is omitted.
to:
prereq_checker=0
90 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-12 We will install everything except the IBM HTTP Server, because we have already installed an
HTTP server
9. When the Location of Configuration files window appears, enter the path for
each Web server. The paths are normally in the form:
/usr/netscape/server4/<name_of_HTTP_server>/config
Figure 3-14 shows the paths we used for our example installation on Solaris.
Click Next.
92 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-14 The directory name where the configuration files are stored varies with the name of your
iPlanet server
10.When the Database Options window appears enter the following information:
– Database Type: Oracle
– Database Name: was
– DB Home: /opt/oracle8/u01/app/oracle/product/8.1.7
– DB URL: jdbc:oracle:thin@<hostname>:<server_port>:<db_SID>
For example: jdbc:oracle:thin@sun2:1521:was
– Database User ID: ejsadmin
– Database Password: <your_password>
– Confirm Password: <your_password>
11.When the Security Information window appears enter root as the user ID and
fill in the password fields. This password won’t be kept. It’s just for the
installation process. Choose Use dummy key ring file as shown in
Figure 3-16. Click Next.
94 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-16 The WebSphere Application Server installation program needs the root password
12.When the Select Destination Directory window appears, accept the default
/opt/WebSphere/AppServer and click Next.
13.When the Install Options Selected window appears, revise the options. Use
the Back button if you need to change something. If everything is OK, click
Next.
14.Click Yes to begin the installation of files.
96 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-18 Click Load Configuration Files
3. After a success message confirms that all the changes found in the
configuration files are consistent, a new window appears where you can apply
the changes found. Click Apply Changes as shown in Figure 3-19.
4. If you are applying the changes, you must provide the password to the
certificate database before proceeding.
The HTTP servers have to be restarted for these changes to take effect.
98 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
a. Search for the following:
DB_INSTANCE_HOME=fully_qualified_path_to_your_Oracle_home_directory
export DB_INSTANCE_HOME
If the path ends in a slash (..../.), remove it from the path.
b. Search for the following:
if ["${DB_TYPE}"!="DB2"]
then
{
LD_LIBRARY_PATH=$WAS_HOME/lib/odbc/lib:$WAS_HOME/bin:
$WAS_HOME/lib:$JAVA_HOME/lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH
${JAVA_EXE?}\
-classpath $CLASSPATH \
-DDER_DRIVER_PATH=$DER_DRIVER_PATH \
com.ibm.ejs.sm.util.process.Nanny admin.config
}
c. Change this section as shown below. New parts are indicated in bold text.
if ["${DB_TYPE}"!="DB2"]
then
{
ORACLE_HOME=Oracle_home_directory
export ORACLE_HOME
LD_LIBRARY_PATH=$WAS_HOME/lib/odbc/lib:$WAS_HOME/bin:
$WAS_HOME/lib:$JAVA_HOME/lib:$LD_LIBRARY_PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH
LIBPATH=$LD_LIBRARY_PATH
export LIBPATH
NLS_LANG=AMERICAN_AMERICA.UTF8
export NLS_LANG
${JAVA_EXE?}\
-classpath $CLASSPATH \
-DDER_DRIVER_PATH=$DER_DRIVER_PATH \
com.ibm.ejs.sm.util.process.Nanny admin.config
}
Where Oracle_home_directory is the fully qualified path to your Oracle
home directory. For example,
/opt/oracle8/u01/app/oracle/product/8.1.7 .
d. Save your changes.
Note: Ensure the resolution on your display is set to 800 by 600 pixels or
higher to best view the Payment Manager installation program.
The database, the HTTP server and WebSphere Application Server must be
running during the installation.
2. Insert the Payment Manager for Solaris CD-ROM, and mount the CD-ROM
file system, if necessary. Run the Install command.
3. In the Payment Manager Install window, click Next.
4. Accept the license agreement and click Next.
5. Accept the default destination directory or enter another directory. Do not
include blanks or spaces in the destination directory name. Figure 3-20
shows an example using the default Payment Manager install directory. Click
Next.
100 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-20 Payment Manager install directory
6. If your Web server is already installed, you will be asked for the location of the
publish directory. If the location displayed is correct, click Next. If not, enter
the correct location and click Next. The publish directory is the directory out of
which your Web server serves documents. Figure 3-21 shows an example
using the default publish directory the iPlanet Web Server.
102 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-22 Payment Manager install using Oracle database
9. The install then attempts to find JDBC driver information for your database.
As we have not yet specified the correct location of the JDBC classes, the
JDBC Driver Information window will advise that the JDBC driver class could
not be loaded. This is shown in Figure 3-23.
10., Enter the name of the file where the JDBC classes can be found and click
Next. The location of the JDBC classes for Oracle 8.1.7 is
$ORACLE_HOME/jdbc/lib/classes12.zip where the default value of
$ORACLE_HOME is /opt/oracle8/u01/app/oracle/product/8.1.7
Figure 3-24 shows an example of this. Note that no entry is required for the
JDBC shared load library path.
104 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 3-24 Location of ORacle JDBC driver classes
11.In the Payment Manager Database Access Information window, enter your
values for the database owner user ID, administrator’s user ID, administrator’s
password, Payment Manager database name, and the DB2 instance name.
See Figure 3-25 for an example. Click Next.
12.In the Payment Manager Configuration Information window, take the default of
8611 for the Payment API port number or enter a new value if another
application on your system uses this TCP port. Click Next.
13.In the Payment Manager WebSphere Configuration Information window, enter
your WebSphere Administrative Node Name and click Next.
14.In the Installation Summary window, review the chosen parameters. Click
Next to continue the installation.
15.Note: The progress bar will move during installation, although at times it may
appear to have stopped. Do not terminate the install, which is continuing. The
progress bar will resume moving when system resources permit.
After the installation is complete you can verify that WebSphere Payment
Manager has been correctly installed by taking the following steps:
1. Start the Payment Engine:
a. Change to the Payment Manager install directory
cd /opt/PaymentManager
b. Enter ./IBMPayServer
2. Using the WebSphere Administrative Console start the Payment Manager
application server. Note: Before starting the Payment Manager application
106 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
server use the WebSphere Administrative Console to check that the virtual
hosts entries for the default host still have aliases that include the SSL port
443, because these aliases may be removed by the Payment Manager install.
3. Launch the Payment Manager user interface in a Web browser using the
URL:
http://<hostname>/webapp/PaymentManager/PaymentServletUI/Start
4. Check that you can log on to Payment Manager using the default
administration user ID of admin.
The SET protocol was designed to address the problems of authentication and
trust across an e-commerce transaction on the Internet. When you purchase
goods from the Internet you do not really know the credentials of the merchant
you are buying from. You supply the merchant your credit card details, but you
don’t know if the merchant might mis-use the information you provide.
In turn the merchant does not really know who you are. The merchant only
knows that you are using a credit card for an e-commerce transaction. The
merchant trusts the details provided by the purchaser and really has no way of
identifying the consumer with any confidence.
The card issuer also has no real method of confirming the credentials of either
the consumer or the merchant.
The SET protocol has been designed to provide a secure solution to the
challenges provided by Internet-based transactions. The following sections
discuss how the SET protocol works and outlines the IBM products that support
the protocol. For a full definition of SET and the low-level protocol specifications
please refer to:
http://www.setco.org
The protocol also prescribes how payment data should be handled so that, for
example, merchants never see a consumer’s credit card details.
The usual method of transferring the value across the Internet in today’s
e-commerce transactions is via credit or debit card. The merchant usually passes
the buyer’s card details on to an acquirer organization. The acquirer provides the
merchant with the capability of accepting and authorizing multiple credit card
brands in return for a percentage fee on all transactions dealt with by the
acquirer. This avoids the merchant having to deal directly with the credit card
issuers. The processing of the financial transaction is then the acquirer’s
responsibility. The financial transaction is then submitted to the card issuer for
authorization, who uses validation rules to authorize or deny the payment.
Figure 4-1 outlines the key players in an e-commerce payment transaction flow
and also shows the use of certificates for authentication.
110 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Payment Payment
Promise Authorization Transaction
CREDIT CARD
Fee
1234 5678 9012
VALI D FROM G OOD THRU
XX/XX/XX
XX/XX/XX XX/XX/XX
XX/XX/XX
PAUL FISCHER
PAUL FISCHER
Payment
Network
Certificate
Authority
Credit Card Bill
Ultimately it is the financial institution (the card issuer) that is responsible for
collecting the card holder’s debt. However certain credit card issuers are
beginning to shift the liability from card issuer to acquirer for non-SET secure
transactions.
With SET, all the above require a secure method of authentication. SET
mandates that all parties (with the exception of the card issuer) use digital
certificates in order to securely identify each party involved in a financial
transaction.
IBM provides a solution for SET certificate issuing authorities (known as CAs) in
the form of IBM Payment Registry software. The high-level function of this
software is to handle certification management, routing, decrypting and
encrypting as well as other validation activities. The certificate issuing authority is
a critical component of the SET architecture.
http://ibm.com/software/webservers/commerce/paymentregistry/features.ht
ml
At the time of writing this book IBM is to withdraw the current client-based IBM
Consumer Wallet software from marketing. A possible replacement product is a
server-based wallet. This allows for portability of the wallet so that consumers
are able to activate the credit card details when not using their regular
workstation. For more information on this product see:
http://ibm.com/webservers/commerce/payment/
112 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
4.1.3 Merchant certificates
The merchant uses a payment server to store certificates. The payment server
accepts all e-commerce financial transactions directly from the consumer’s
electronic wallet, stores and passes the financial information for the transaction
directly on to the financial institutions for authorization. All transactions going
through the payment server are logged for audit purposes. IBM’s solution for the
payment server in this scenario is WebSphere Payment Manager using the
Cassette for SET.
IBM’s solution for acquirers is the IBM Payment Gateway product. For more
information on this product see:
http://ibm.com/software/webservers/commerce/payment/paymentgateway/featur
es.html
Figure 4-2 outlines the various IBM products that support the SET protocol.
IBM
Payment
Commerce Suite Cassettes Gateway
Credit SET
Card OTHERS
Details Financial
IBM Payment
Consumer IBM WebSphere
Network
Wallet Payment Manager
4.2.1 MIA
Merchant Initiated Authorization (or MIA) is an SET extension that permits
merchants to processes order payments from card holders where the payment
request from the consumer has not been captured using the SET protocol, that is
when no SET certificate was used during the exchange of details between the
consumer and merchant. It does requires that a secure transport protocol (SSL)
must have been used by both parties.
The merchant must, however, process the transaction with the acquirer using the
SET protocol. The acquirer must also have a policy of accepting these requests
from merchants by indicating that purchasers without certificates are supported.
MIA is sometimes referred to as half SET (since only half the parties involved in a
regular SET transaction use the full SET certificate exchange). The MIA
message flow between the parties is also sometimes referred to as a 2KP (two
key pairs) message flow, the key pairs being the certificates exchanged during
the payment transaction. The message flow for full SET is also sometimes
referred to 3KP (since consumer, merchant and acquirer all exchange certificates
to process the payment).
Figure 4-3 outlines the difference between full SET and MIA.
114 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Consumer Merchant Acquirer
CERTIFICATE
SET CERTIFICATE
SET CERTIFICATE
SET
MIA
CERTIFICATE
SSL CERTIFICATE
SSL CERTIFICATE
Full
SSL
For more detailed technical information on the MIA extensions and others please
refer to the following:
WebSphere Payment Manager Guide - Cassette for SET supplement, found
at:
http://www.ibm.com/webservers/commerce/payments/lib/
http://www.setco.org/extensions.html
116 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
4.2.6 Other SET extensions
A comprehensive list of SET extensions is available at:
http://www.setco.org/extensions.html
With the 3D model, it is the responsibility of each owner of the domain to verify
the other party. For example, the acquirer needs to satisfy himself that the
merchant is genuine. Similarly the issuer is required to verify the card holder. The
interchange domain is a safe area where authentication and payment transaction
details can be exchanged once authentication has been passed.
Figure 4-4 shows the welcome page of the SET demo site.
118 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Before registering with the IBM demo site, you can use an ID generator to
provide information that is required when completing SET registration. If you are
doing this with a genuine acquirer, the organization should have given you the
necessary details in order to obtain the SET certificates. Substitute these real
values for the values in the following sections.
The details that were registered for the purposes of this book are shown in
Figure 4-5.
You can use either using the Payment Manager administrator interface or the
Commerce Suite administrator interface to do the SET cassette configuration.
Figure 4-6 Select Merchant Settings from Commerce Suite admin console
120 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 4-7 Select the SET cassette for merchant wcsadmin
Note: The SET Acquirer Profile attribute in the account object defines how
the acquirer uses the SET protocol. In our example we define a value of 3
to denote a Customized profile (since it is the demonstration environment).
Since the SET profile value is defined with the account object this means
Payment Manager can easily support multiple acquirer profiles (by defining
new account objects). For more information on the Payment Manager SET
cassette support of SET acquirer profiles please refer to the URL:
http://ibm.com/software/webservers/commerce/paymentmanager/support/acqpro
file.html
122 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 4-9 SET account successfully created
Once an account is defined for the merchant we need to define a brand for the
account. A brand is a credit card type such as Visa, MasterCard and Diners Club.
In our example the brand ROBO will be added as a brand to the SET account.
The full URL for the Certificate Authority used in this example is
http://setca-demo.ebiz.ca.ibm.com:5065/ROBOMCA.
5. Click Create Brand. The window shown in Figure 4-11 appears.
124 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 4-11 Fill out the acquirer-specific information
6. Enter the acquirer details and click Continue Request.... This initiates
Payment Manager SET message pairs Me-AqCInitReq and Me-AqCInitRes.
These message pairs are SET protocol-defined messages and work in the
following way:
– The BIN and Merchant ID are sent by Payment Manager to the certificate
issuing authority in the MeAqCInitReq message.
– The Certificate Authority sends back a MeAqInitRes containing the
registration and policy statement, which the merchant then fills in and
accepts the policy statement.
7. Payment Manager then returns the completed application form in a CertReq
message to the Certificate Authority. If you are renewing certificates, these
are also included in the CertReq message.
8. The Certificate Authority then generates the certificates using the information
supplied. These are then sent back to Payment Manager. The Payment
Manager certificates by default are kept in a file called key.db in the Payment
Manager data directory.
732 <KeyDetails::trace()
732 SETUnexpectedConditionException thrown
732 ModuleName : ./src/cmswrapper/cmswrapper.cpp
732 LineNumber : 183
732 PrimaryRC : 7
732 SecondaryRC: 18015
732 ErrorText : Certificate searched for is not found
To fix this problem we used CertUtil to remove all certificates in the Payment
Manager database and deleted the brand created for the SET cassette.
Recreating the brand and requesting the certificates again removed the
problem.
126 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Important: The removal of all certificates in the database was only
possible since this was a test environment and we had no other working
certificates. If this happens in your environment and you have other
working certificates, you must contact support to resolve the problem.
9. Successful definition of the brand and the acquisition of the SET certificates
results in an information window shown in Figure 4-12. Note: IP
communication is required for this process to work successfully.
10.If you now go back to the brand link, you can verify that the brand was created
successfully and a table will be displayed showing the certificate validity as
well as the expiration date. This is shown in Figure 4-13.
128 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Obtaining a consumer certificate
Make sure that:
You have Internet connectivity.
If you are working on a secure network, valid proxy settings have been
defined in your browser.
The domain setca-demo.ebiz.ca.ibm.com is pointing at the correct IP address
- (the SET demo site contains the correct IP addresses that should be used).
You have installed wallet software (for example the IBM Consumer Wallet
V2.1 was used for the purposes of obtaining the consumer certificates in this
book).
5. The wallet application then shows a window saying that it is initiating the
certificate request.
Note: The first time you request a certificate for a credit card using the wallet
application you will be prompted for the URL of the Certificate Authority.
Figure 4-15 shows the URL that we used with the IBM SET demonstration
site.
A root hash is also required. This information was given in the IBM SET demo
registration response. For example the root hash value shown in Figure 4-16
was used in our setup.
130 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 4-16 Prompt for the root hash
6. The wallet application now has sufficient information to converse directly with
the IBM demo SET registry authority software. If the initiation of the
conversation is successful, you will see a policy agreement prompt. In the
IBM Demo system this has no text. In a real-life situation this window will
contain the terms and conditions of the certificate issuing authority. Click
Accept to continue.
7. Now the certificate registration windows will appear. These consists of three
pages of consumer registration information required by the SET issuing
authority. Enter in the details requested and click Finish to continue the
certificate request.
8. The wallet then passes this information back to the SET certificate issuing
authority. If the request is successful a message window as shown in
Figure 4-17 will be displayed.
9. Click Close. This will show the wallet application and the credit card details.
Note: The certificate status should be shown as Valid and the credit card logo
should appear with the credit card details. An example of this is shown in
Figure 4-18.
10.In the Web browser where you entered the original credit card (SET brand)
certificate request you will see a window detailing that the certificate request
was successful.
Remember that in order to purchase goods using the SET architecture, both
merchant and consumer require certificates from the same SET issuing authority.
We used the Payment Manager merchant settings to request and obtain the
merchant certificate. With the SET certificate request completing successfully,
we can now use the Sample Checkout tool to verify that these certificates have
been installed correctly and can be used in an SET Internet online purchase.
We now need to configure the application to use the SET cassette. This is often
an Internet online shop such as a shop created using Commerce Suite. For
simple verification, the Payment Manager Cassette for SET also supplies a tool
called Sample Checkout to simulate a merchant’s online Internet shop and
enable the creation of orders that require payment processing by the cassette.
Using the Sample Checkout helps verify the configuration works correctly before
getting involved with the complexities of a real e-commerce application. The
following sections discuss how to ensure that the cassette is running correctly
using the Sample Checkout tool.
132 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
4.4.4 Sample Checkout
The sample checkout is supplied with the SET cassette. Configuration of the
SampleCheckout.xml is required before you can successfully use the tool.
To do this:
1. Change to the directory
<payment_Manager_Install_directory>/Samples/SampleCheckout/.
Note: If you kept to the supplied defaults when installing Payment Manager,
the directory is <drive>:\Program
Files\IBM\PaymentManager\samples\SampleCheckout.
2. Edit the file SampleCheckout.xml
a. Add the MIA and SET (with wallet) options to the XML file.
Add two additional payment option ids to the PaymentOptionList as
follows:
<PaymentOptionList>
<PaymentOption id="SET" profile="SampleCheckoutSET">SET </PaymentOption>
<PaymentOption id="SETWallet"
profile="SampleCheckoutSETWallet">SETWallet</PaymentOption>
Note: The text for each option ID should be on a single line.
b. Configure merchant information
SampleCheckout acts as a application that creates orders for specific
Payment Manager merchants. Since it mimics the merchant, Payment
Manager details on the merchant are required. It uses these details to
pass on to Payment Manager when creating the order. The supplied XML
file assumes a user ID of admin with a password of admin.
This is the default Payment Manager setup when using the supplied
Payment Manager realm. If you have changed Payment Manager to use
another realm, make sure that the realm has this specific user ID and
password or alternatively change the user ID and password values in the
XML file to reflect users that will be able to log on to Payment Manager as
an administrators. In our test environment the user ID and password
values were changed to wcsadmin.
merchantNumber="123456789"
Change this value to the merchant number associated with the merchant
specified in the userid= field. This number can be found in the Payment
Manager merchant settings option.
<!--
============================================================================
PaymentOptionList specifies which payment options are available in
SampleCheckout.
Each payment option idenfies a profile to be used when creating Payment
Manager
orders with that payment option. The value of the PaymentOption will be
displayed as the descriptive text of that payment option. You can use
plain text
or an image escaped with <![CDATA[...]]> tags.
============================================================================
-->
<PaymentOptionList>
<PaymentOption id="SET" profile="SampleCheckoutSET">{SET}
</PaymentOption>
<PaymentOption id="SETWallet" profile="SampleCheckoutSETWallet">{SETWallet}
</PaymentOption>
<PaymentOption id="Offline" profile="SampleCheckoutOfflineCard"
default="1">{OFFLINECARD}
</PaymentOption>
<PaymentOption id="COD"
profile="SampleCheckoutCustomOfflineCOD">{CASHONDELIVERY}
</PaymentOption>
<PaymentOption id="BillMe"
profile="SampleCheckoutCustomOfflineBillMe">{BILLME}
134 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
</PaymentOption>
</PaymentOptionList>
136 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Tip: Out of the box the Sample Checkout supports only two currencies, US
and Canadian Dollars, even though you are able to select other currencies
using the GUI interface. If the currency is not defined in the properties file
for SET (for the language you are using) the SETWallet request will fail. if
you want to test your SET environment using other currencies add the
required currency code to the file SampleCheckoutSET_en.properties file.
A list of valid currencies can be found in the file
SampleCheckout.properties file. To get the above example working with
the Euro currency, the currency code “CURCODE.978=Euro” was added to
the SampleCheckoutSET_en.properties file.
5. Click Buy. The Sample Checkout formulates an order and passes the
information on to Payment Manager. If any errors occur at this stage (for
example the order already exists for this merchant) then they are passed back
to the SampleCheckout GUI interface. If the order is created successfully, the
SET Consumer Wallet software is triggered. If you are not already logged on,
then sign on to the consumer wallet software.
6. Once successfully logged on to the Consumer Wallet you will be presented
with a window showing the details of your purchase including the amount
being requested, the order number and a description of the order. You now
have the choice of cancelling the order or paying with the SET card.
7. Click Pay to continue with the purchase as shown in Figure 4-21.
138 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
9. Another dialog takes place with the Payment Manager and the order is
successfully placed. A message detailing that the order was successfully
placed is written to the SampleCheckout window, as shown in Figure 4-23.
Note that the consumer has not been required to enter any credit card number or
expiration date and has also been able to verify the credentials of the merchant.
If you log on directly to Payment Manager as the wcsadmin merchant, you can
see the order in the list of orders ready for the merchant to process. If you open
this order (by clicking the order number) you will see that the merchant does not
see the credit card details. They are kept in the Payment Manager database fully
encrypted (128-bit encryption is used to save the details).
140 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
5
More than 14,000 U.S. financial institutions rely on VisaNet as their processing
system, to facilitate over $765 billion in annual transaction volume.
Although the name VisaNet might suggest that it is only limited to one credit card
type for payment, it in fact supports all the common credit cards such as Visa,
MasterCard, American Express, Diners Club and Novus card types. For an
actual list of supported credit and debit cards, please consult the Vital
Processing Services Web site at:
http://www.vitalps.com
Visa partners with IBM and other global firms to develop and test Visa
Authenticated Payment. Together they speed up e-commerce programs to
ensure safe and secure online payment transactions. With Visa Authenticated
Payment, Visa is providing the same level of security in the virtual world as Visa
has in the physical world.
VisaNet is often chosen as the favorite solution for electronic payment service,
because the transaction connection can be established quickly. This is mainly
because VisaNet uses frame relay and no certification software has to be
installed on the client workstations.
142 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
5.1.2 Architecture
To establish a connection between your payment server and the Visa VirtualNet
Internet Payment Gateway (VIPG), your server requires an IP-based connection
from a frame relay Internet to VisaNet. When authorizations are performed on
the payment gateway, results are sent back to your payment server in real time.
Visa 2nd Generation is the required format for all transactions being processed
by VisaNet.
Authorization and data capture messages are formatted in accordance with the
following specifications”
EIS 1080 Authorization Protocol Version 6.0
EIS 1081 Data Capture Protocol Version 6.0
Details about these specifications can be read on the Vital Processing Services
Web site at:
http://www.vitalps.com
http://www.ibm.com/news/usalet
Search for “Announcement Letters” and use the key word “VisaNet”.
Detailed technical information about the VisaNet cassette can be found in the
Cassette for VisaNet supplement at:
http://ibm.com/software/webservers/commerce/payment/docs/paymgr221visane
t.pdf
Payment
UI Servlet
Servlet
Merchant
Web Browser
Internet
Payment
Manager
Data
VirtualNet IP
Financial
Institution
VisaNet Host
144 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
5.2.2 Class certification
WebSphere Payment Manager cassette for VisaNet is Class B certified, which
indicates that you will get support from IBM as your payment system integrator,
and not from Vital Processing Services.
The merchant must work through an acquiring bank to establish an account with
Vital Processing Services. It is recommended that the merchant inform the
acquiring bank that he'll also need a test account. The acquiring bank will work
with Vital to create both accounts and provide you with the necessary
configuration parameters (store number, bin, etc.), which go into the Payment
Manager/VisaNet configuration.
If a merchant does not have a bank relationship yet, he can refer to the Vital
Processing Networks Web site, select Merchant and find a list of acquiring banks
complete with contacts and phone numbers.
The merchant is responsible for setting up a frame relay Internet link (PVC) into
the UUNet VirtualNet IP router. UUNet controls the router, and you should
contact their local representative for details. UUNet also supports a PPP
connection (56 kbps dialup). For the PPP connection, they will send you software
to install and it makes the connection. The connection can last all day or be
dynamic, depending on the volume. One UUNet customer does 200,000
transactions/day using the PPP connection. The data streams are small, so PPP
is definitely a possibility.
Make sure that before starting the installation of the cassette for VisaNet v2.2,
the following software prerequisites are met:
WebSphere Application Server, Advanced Edition v3.5
WebSphere Payment Manager v2.2 or later
Java Development Kit 1.1.8
If your current installation does not meet the required level, please visit the IBM
Payment Web site and download the new framework or PTF (Program
Temporary Fix):
http://www.software.ibm.com/commerce/payment/support/serv/index.html
1. On AIX and Solaris, you must log on as root. On Windows NT and Windows
2000, you must log on as a user who is a member of the administrator group.
2. Change to the cassette install directory.
3. Enter InstallVisaNetCassette to start the installation.
4. A Java window will appear, guiding you through the installation process. Make
sure that WebSphere Application Server, Advanced Edition is running and
WebSphere Payment Manager is stopped before you continue with the
installation. If one of these conditions is not met, the installation will prompt
you to either start or stop the service.
5. Before the installation process starts, you will be prompted to enter the
password to access the WebSphere Payment Manager database. The
password will be immediately validated and the install process will only
continue if the password entered is correct.
6. Enter the information requested on the installation windows.
7. The IBM Cassette for VisaNet Readme window, as shown Figure 5-2,
indicates that the configuration of the Cassette for VisaNet has successfully
completed and displays the README file, if desired.
146 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 5-2 Cassette for VisaNet installation
http://ibm.com/software/webservers/commerce/paymentmanager/support/index.
html
Payment Manager PTFs are shipped as Java class files. These class files will
install the PTF when run. Each ptf.class file includes the version number, the
product and the platform in the name. For example
IBMPayMgr_aix_VisaNetCassette_2.2.1_ptf.class would be the name of the
Payment Manager Cassette for VisaNet PTF, Version 2.2.1 for AIX. The
instructions below use the generic name ptf.class.
1. Log on as a user who is a member of the Administrator's group (on Windows
NT) or as root (on Solaris or AIX).
2. Download the ptf.class file from the Web site or copy it from the CD to a
directory that you have write access to.
3. Stop your Web server, WebSphere Application Server, and Payment Engine.
4. Make sure the JDK classes.zip file is in the CLASSPATH environment
variable. The classes.zip file is usually located in:
On Windows NT: <JDK_HOME>\lib\classes.zip
On Solaris or AIX: <JDK_HOME>/lib/classes.zip
where <JDK_HOME> is the directory where the JDK is installed.
5. Make sure the location of the directory containing the ptf.class file is in the
CLASSPATH environment variable.
6. To start the PTF installer, enter
java <ptf>.
where <ptf> is the actual class name of the PTF to be installed. Figure 5-3
shows an example of installing the cassette PTF.
148 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Important: It is mandatory to launch the PTF from a path that is in your
classpath! If you forget to do that, installation will work but Payment Engine will
fail to load after that. You are then forced to re-install WebSphere Payment
Manager and the cassette for VisaNet.
Tip: When installing the PTF, be sure not to include ‘.class’ when executing
the Java command.
It is recommended that the merchant informs the acquiring bank that he'll also
need a test account.
150 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
• Store Number
• Terminal Number
– Merchant cassette settings:
• VisaNet Merchant Number
• Merchant Category Code
– Payment information
• Test card numbers for Visa, MasterCard, Discovery Card, American
Express etc.
• CVV value
• Expiration date rules
• Test Street Address
• Test Zip
Additionally you will receive host name and port information of the Vital Test
Server as well as sample amounts, which would result in different responses
from the server.
5.6.2 SampleCheckout
We will use the SampleCheckout for use with the test merchant account. Sample
Checkout provides an XML test page that can be used in every browser for
placing a test payment. The SampleCheckout Web site can be accessed at:
http://localhost/SampleCheckout
You might only have -D options within that file, if you have used
PaymentManager for other test scenarios before.
Open your preferred Web browser and access the Payment Manager site at:
http://localhost/PaymentManager/index.html
152 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 5-4 VisaNet test account - creating a test merchant
2. Enter the test merchant data for VisaNet cassette. You will need to fill in the
Merchant Number and Category Code as provided in the test merchant
profile. This is shown in Figure 5-6.
154 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 5-7 VisaNet test account, account configuration
4. The only thing left to configure now is the gateway settings of the Vital Test
Server. This can be done by selecting Cassettes -> VisaNet. Enter the host
name and port as provided within the test merchant profile. See Figure 5-8 for
an example.
in your preferred Web browser. You are ready to send test orders to the Vital
Test Server and receive responses according to the amount and the credit card
information you have entered. See Figure 5-9.
156 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 5-9 VisaNet test account, submitting a sample order
For example, if you place an order for $0.11, the Vital Test server would generate
a DECLINE and store further details about the reason why the order has been
declined. If you place an order for $0.50, the Vital test server would generate an
ACCEPT. All this data is stored within the Payment Manager trace log file (see
5.6.8, “Consult the trace log files” on page 158).
Click the checkbox next to the order and select Approve Selected.
Every order you place will be traced in the log files. Create some test orders and
look how the test server responds to them. Be sure to have the word wrap option
disabled in whatever editor/viewer you are using to look at the log files. If you use
word wrap, the log file will become unreadable. The following example out of the
log file would show a request that was declined by the test server:
MerchantName = 123456789
OrderNumber = 1001
TransactionNumber = 1
approvalCode = null
authResponseCode = 61
authResponseText = DECLINE
Now that you successfully used the test merchant profile, you are ready to
configure your WebSphere Payment Manager to connect to a production Vital
gateway. This will allow your merchant to use VisaNet for electronic transactions
from his Web site.
158 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
6
The framework just gives support. Without a cassette, the framework can not do
any electronic payment. That’s why along with the framework the WebSphere
Payment Manager installs two cassettes for testing purposes. It’s the only way
Payment Manager can have functionality right out of the box.
The cassettes define all or part of a payment protocol. For example, the
cassettes that include the use of a card (credit, debit, exclusive) define the PAN
and the checks associated with this PAN. This is not defined by the framework.
This data is cassette dependent, since there are cassettes that don’t use a card
to carry out an electronic payment. If communication is needed, the cassettes will
format the messages.
The protocol usually includes security: SET certificates, private network, SSL or
any other security defined in the payment protocol. Figure 6-1 shows the way in
which a cassette typically interacts with the WebSphere Payment Manager
framework.
160 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 6-1 An example of how a cassette is integrated with WebSphere Payment
Manager.
Also, this is the best way to create an efficient code that manages payments: the
core of the Payment Manager takes care of processing messages with a unique
format. The plug-ins will handle the task of translating everything and
communicate with other systems.
IBM currently ships a cassette for SET with the base Payment Manager software.
Most of the other IBM developed and owned cassettes are available free of
charge. Contact your local IBM representative for more information. Cassettes
from third parties must be obtained from the cassette developers and terms and
conditions may vary. Some cassettes are not publicly available, because they
were written as custom engagements.
You can consult the full list of cassettes in Table 6-1 on page 167.
http://ibm.com/software/webservers/commerce/payment/paymentcards.htm
l
APACS
The Association for Payment Clearing Services (APACS) is the United Kingdom
bank consortium that owns the standards for all inter-bank transfer related items.
The APACS cassette connects to financial networks that process requests
according to APACS standards. For authorization the cassette uses APACS
162 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Standard 30, “Specification for a Credit Authorization Terminal”. For data capture
and settlement, the APACS cassette is designed to process two standards:
APACS Standard 29B (“Flexible File Format for Card Companies and Retail”)
and APACS Standard 40 (“Acquirers' Interface Requirements for Electronic Data
Capture Terminal”).
The physical communication for all APACS messaging is X.25. Most acquirers
still only support an X.25 environment. All the major acquirers are in the process
of creating Internet support for their merchants. The APACS cassette uses
acquirer configuration files to support the needs of today as well as future
environments. A configuration file defines the protocol and connection used by
the acquirer. In addition, the configuration file references a specific connection
implementation.
Atos IPS
The IPS cassette, available from Atos, provides full functional access to Atos
Poseidon Internet Payment System (IPS), a SSL gateway with support of
international credit cards (Visa, MasterCard, American Express, JCB), debit
cards, direct debit, and stored value cards (for example, German Geldkarte). For
the transmission of sensitive financial data, IPS offers a direct SSL
communication to the consumer (thin wallet). Beyond this the IPS gateway can
be integrated with the IBM SET solution so it provides the back-end connection
to IBM Payment Gateway (via Atos customization).
BankServACH
This cassette, available from IBM, does not need a card for payments. It admits
electronic checks and ACH funds transfers. The electronic check is a version of
ACH funds where the electronic media substitute for the traditional paper check.
The account information is encrypted and sent to the server, which compares it
with a huge database for real-time authorization.
ClearCommerce
The ClearCommerce cassette, from CSI, allows merchant applications to
integrate with ClearCommerce's Payment module. The cassette uses
ClearCommerce's JLink 3.8 libraries to connect securely and transact with their
servers. The JLink API uses Secure Sockets Layer (SSL) to encrypt data
transmission during processing.
The idea behind this cassette is that the customer can define (customize) what
each function of the cassette means, which provides complete freedom of
personalization without the need for developing a cassette.
164 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
CyberCash
The IBM cassette for CyberCash provides access to the CyberCash
CashRegister processing service in US English and US dollars. Currently, only
the North American CashRegister service supports the CyberCash Merchant
Connection Kit (MCK) Version 3.2 protocol. This service enables merchant
access to the set of North American acquirers listed at
http://www.cybercash.com/. While CyberCash CashRegister services may be
available in other countries, they may not support the Version 3 interface.
The cassette for CyberCash admits payments with credit cards, electronic
checks and micro payments. Payments are made using merchant-collected
information, where merchant software asks for card information over a secured
connection or an electronic wallet. The merchant must already have an account
with an acquiring financial institution and authorization as a credit card merchant.
http://ibm.com/software/webservers/commerce/payment/docs/paymgr221cyber.
pdf
CyberSource
Available from CyberSource, this cassette communicates with the CyberSource
Transaction Server (CTS) in real time to authorize and settle credit card and
other payment transactions. The payment is done through pre-built connections
with third-party processors and merchant banks.
FDMS
The IBM Cassette for First Data Merchant Services (FDMS) North provides
access through a leased-line connection to First Data's North platform through
SSL. This is available through an IBM Services engagement only.
It uses the standard ISO 8583 message format for authorization requests and
responses. The FDMS protocol can handle authorizations for credit cards,
electronic checks and debit cards, but the cassette is developed to support credit
cards only. Also, although FDMS supports authorization reversals for Visa credit
cards only, the cassette does not currently implement this facility.
FDMS does not work with real-time transactions. Instead, all the transactions
done in a day are sent in a “settlement” file and processed at the end of the day.
RiTA
Available from Go Software, this cassette is certified with most major North
American processors. The RiTA Payment Cassette for IBM offers credit card,
ACH processing and fraud protection features.
PaylinX
Available from Lynk Systems, the PaylinX cassette processes card and check
payments. It is valid only for North American credit and debit cards, corporate
procurement cards, private label gift cards, and check transactions. Apart from
the cassette Lynk also provides optional fraud-scoring and risk management
services.
Payflow Pro
Available from VeriSign Payment Services, the Payflow Pro cassette supports
online payment processing for merchants to all major North American payment
processors. Fraud screening and ACH processing are optional services also
offered by VeriSign. The Signio cassette is now part of VeriSign.
SET
Chapter 4, “Integration with SET” on page 109 provides a detailed explanation of
this cassette.
166 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
VisaNet
Chapter 5, “Integration with VisaNet” on page 141 provides a detailed
explanation of this cassette
Table 6-1 Cassettes available for Payment Manager, in alphabetical order
Cassette OS Version(s) How to obtain it
Atos IPS AIX Payment Contact your local IBM Sales Representative
NT Manager
Solaris 2.1
WIN2K Payment
Manager
2.2
SET AIX eTill 1.0 Ask your local IBM Sales Representative
AS400 eTill 1.2
NT Payment
OS/390 Manager
Solaris 2.1
WIN2K(*) Payment
Manager
2.2
168 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
7
http://ibm.com/software/webservers/commerce/epit/mpepm.html
Note: Each Payment Manager installation can use only one realm at a time. The
integration between Commerce Suite and Payment Manager in terms of user ID
support is supplied already written and only needs to be activated using
customization of the supplied Payment Manager configuration files.
Note: The realm support is not exclusively open to Commerce Suite installations.
It is possible to write your own plug-in realm that will allow (for example) user IDs
to be stored in another format, or for Payment Manager to use the same user ID
repository of a different e-commerce engine.
170 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
After restarting the Payment Manager application server, the users defined within
Commerce Suite will also be defined in Payment Manager. The users are kept
once in Commerce Suite. Payment Manager is given access to the same user
IDs that Commerce Suite has defined. If this is the first time you have installed
Payment Manager with Commerce Suite, use the default-supplied wcsadmin
user ID to access the Payment Manager merchant administration interface. By
default this ID has also been given the Payment Manager administrator role.
For more detailed instructions, please refer to the Commerce Suite installation
guide.
This informs Payment Manager where Commerce Suite is installed so the class
files defined in PMRealm.jar can obtain information on the users defined by the
Commerce Suite administration interface. An IP connection to this host is
required in order for Payment Manager to find the Commerce Suite installation.
Figure 7-1 outlines this architecture.
IBM WebSphere
Commerce Suite Payment Manager
PMRealm.jar
WCSHostName = <WCS_host_name>
(from PaymentServlet.properties)
Machine A Machine B
DB2 Client
Machine C
DB2 Payment
Manager
DB2
Figure 7-2 Split Commerce Suite Payment Manager and DB2 configuration
172 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 7-3 Payment Manager install error with a remote DB2
It was clear from our previous successful installs of Commerce Suite and
Payment Manager on the same machine that the only difference with this attempt
was that the DB2 was remote to the machine where Payment Manager was
being installed. We had already installed the DB2 client and cataloged the
Payment Manager database on the machine where Payment Manager was being
installed. To quickly get around the problem, we decided to install a DB2 server
environment on the Payment Manager machine. When we did this, the
installation of Payment Manager using the remote DB2 completed successfully
so it appears that the Payment Manager installation verification checks required
a full installation of DB2 on the machine where it was being installed.
For more information on the V2.2.1 PTF please go to the following URL, which
will give information on how to download the PTFs for all platforms:
http://ibm.com/software/webservers/commerce/paymentmanager/support/sbu
ll2.html
For the specific V2.2.1 PTF upgrade that we installed in the Windows 2000
environment, go to the following URL:
http://www.software.ibm.com/dl/paymgr/srvupdts-p
174 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
7.4 Commerce Suite-supplied payment resources
WebSphere Commerce Suite V5.1 supplies resources (class files, commands,
and JSPs) for use with WebSphere Payment Manager 2.2. The following
sections give detail of these resources.
DoPaymentMPFCmdImpl class
This Commerce Suite-supplied class uses the DoPaymentCmd (task) command
interface to instruct Payment Manager to initiate the payment process for an
order via the Payment Manager 2.2 cashier function. Please refer to the
Commerce Suite documentation for more information on this supplied class file.
GetOrderDescCmdImpl class
This class file uses the Commerce Suite GetOrderDescCmd (task) command
interface. It formats the order description for use by wallet applications. In
Commerce Suite, this task command is called by a cashier extension function
specified in the cashier profiles used for the Payment Manager Cassette for SET.
The default install of Commerce Suite sets up all stores (storeEnt_id of 0) in the
VIEWREG table to use the PayStatusPM.jsp for the PaySuccessView,
PayCancelView and PayFailureView. PayService.jsp is used for the
PayServiceView. If you want to customize the use of any of these JSPs you can
modify the VIEWREG table.
176 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The PayStatusPM.jsp is an all-purpose sample JSP file that many of the views
related to payment processing could specify. In addition to the SET Wallet
specific views set up by Commerce Suite mentioned above, the OrderOKView
could also be set up to specify this JSP file. To do this the process is currently
manual, because the default page for the OrderOKView is a simple static page
named OrderOK.jsp. The OrderOKView could also be mapped to the
PayStatusPM.jsp file if Payment Manager is used to process payment for the
store.
ViewName OrderOKView
interfacename com.ibm.commerce.command.RedirectViewCommand or
com.ibm.commerce.command.HttpForwardViewCommand
classname com.ibm.commerce.command.HttpRedirectViewCommandImpl or
com.ibm.com.commerce.command.HttpForwardViewCommandImpl
devicefmt_id -1
You may also want to customize the default views by, for example, adding your
own store banner, logo or changing the color scheme and fonts. Customization of
these views is outside of the scope of this redbook, so we used the default views
and their default JSP specifications.
For more information on how cashier profiles are defined, please refer to the IBM
WebSphere Payment Manager for Multiplatforms Programmer’s Guide and
Reference Version 2.2. For the integration of Commerce Suite and Payment
Manager - Commerce Suite supplies relevant profiles for all the IBM-supplied
cassettes, so it is unlikely that you would be required to change any of these
profiles.
Example 7-1 shows the supplied cashier profile for SET Wallet purchases. It can
be found in <wcs_install_directory>\instances\<instance_name>\xml\payment\.
Example 7-1 Default Commerce Suite-supplied SET Wallet Cashier profile
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Profile SYSTEM "../../../../xml/PaymentManager/profile.dtd">
<!--
//*-------------------------------------------------------------------
178 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
//* Licensed Materials - Property of IBM
//*
//* 5724-A18
//*
//* (c) Copyright IBM Corp. 2000
//*
//* US Government Users Restricted Rights - Use, duplication or
//* disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
//*
//*---------------------------------------------------------------- -->
<!-- ==================================================================
This is the Standard WCS 5.1 cashier profile for the Payment Manager
Cassette for SET
================================================================== -->
<CollectPayment>
<BuyPageInformation reference="WCS51_SET_Wallet"></BuyPageInformation>
<!-- ==================================================================
Parameters required by Payment Manager for order creation
================================================================== -->
<Parameter name="PAYMENTTYPE"><CharacterText>SET</CharacterText></Parameter>
<Parameter name="MERCHANTNUMBER"><CharacterText>{storeId}</CharacterText></Parameter>
<Parameter name="ORDERNUMBER"><CharacterText>{orderId}</CharacterText></Parameter>
<Parameter name="CURRENCY"><CharacterText>{CURRENCY}</CharacterText></Parameter>
<Parameter name="AMOUNT"><CharacterText>{AMOUNT}</CharacterText></Parameter>
<Parameter name="AMOUNTEXP10"><CharacterText>{AMOUNTEXP10}</CharacterText></Parameter>
<!-- ==================================================================
Optional parameters for Payment Manager
================================================================== -->
Since a Wallet application is used, the Payment Manager has to return a wakeup
message to WCS to send to the shopper. This completes the DoPayment command.
Specifying an APPROVEFLAG of 1 means the Wallet application would receive the
Purchase Response from the Payment Manager after the Authorization response is
received from the Payment Gateway.
<!-- The amount which should be used when approving an order. Usually
this will be the same as the order amount. This field is required
if the APPROVEFLAG is set to 1 or 2. -->
<Parameter name="PAYMENTAMOUNT"><CharacterText>{AMOUNT}</CharacterText></Parameter>
<!-- The payment number which should be used when approving an order.
Usually this will be 1. This field is required if the APPROVEFLAG
is set to 1 or 2. -->
<Parameter name="PAYMENTNUMBER"><CharacterText>1</CharacterText></Parameter>
<!-- ==================================================================
Parameters required by the cassette
================================================================== -->
<Parameter
name="$SUCCESSURL"><CharacterText>http://{WCSHostName}{WebPath}/PaySuccessView?storeId={storeId
}&orderId={orderId}&langId={buyer_language_id}</CharacterText></Parameter>
<Parameter
name="$FAILUREURL"><CharacterText>http://{WCSHostName}{WebPath}/PayResetPM?storeId={storeId}&am
p;orderId={orderId}&fail=1&langId={buyer_language_id}&URL=PayFailureView</Character
Text></Parameter>
<Parameter name="$CANCELURL"
><CharacterText>http://{WCSHostName}{WebPath}/PayResetPM?storeId={storeId}&orderId={orderId
}&cancel=1&langId={buyer_language_id}&URL=PayCancelView</CharacterText></Parameter>
<Parameter
name="$SERVICEURL"><CharacterText>http://{WCSHostName}{WebPath}/PayServiceView?storeId={storeId
}&orderId={orderId}&langId={buyer_language_id}</CharacterText></Parameter>
<!-- The encoding attribute indicates to the Cashier that the bytes for the
OrderDescription can be obtained from the returned String using the 8859_1
character encoding because that was how the GenericExtension class encodes
the bytes. The resulting bytes are in the language of the requester. -->
<Parameter name="$ORDERDESCRIPTION" encoding="8859_1" >
<ExtensionValue name="com.ibm.commerce.payment.extensions.GenericExtension" />
</Parameter>
<!-- ==================================================================
Optional parameters for the cassette
180 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
================================================================== -->
<!-- The cardholder's street address. 1 to 128 ASCII characters. -->
<Parameter name="$AVS.STREETADDRESS"><CharacterText></CharacterText></Parameter>
<!-- The cardholder's ISO 3166 (3 digits) country code. This field is
required if any other AVS data is passed. -->
<Parameter name="$AVS.COUNTRYCODE"><CharacterText></CharacterText></Parameter>
<!-- An identifier that the merchant uses to specify one of its locations.
The value is specified as a String. 1 to 10 ASCII characters. -->
<Parameter name="$AVS.LOCATIONID"><CharacterText></CharacterText></Parameter>
<!-- Indicates the content type and character set of the $ORDERDESCRIPTION
parameter. -->
<Parameter name="$CHARSET"><CharacterText></CharacterText></Parameter>
<!-- One of two fields in the merchData structure; when specified, the
Cassette will use it. Value must be a 4-character numeric string.
Note: The requirement to use this field will come from the acquirer. -->
<Parameter name="$MERCHCATCODE"><CharacterText></CharacterText></Parameter>
</CollectPayment>
</Profile>
The PAYMENTTYPE parameter specifies the actual name of the cassette that
the profile is use for.
Note: Commerce Suite requires that this name also appear as part of the file
name of the profile.
182 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
command to obtain a value for the $ORDERDESCRIPTION parameter. This
allows different stores to have different GetOrderDescCmd command
implementations but the same cashier profile can still be used for all Commerce
Suite stores.)
For more information on the parameters required by the Cassette for SET refer to
IBM WebSphere Payment Manager for Multiplatforms, Cassette for SET
Supplement, Version 2.2.
Note: The Commerce Suite and Payment Manager in our environment both
shared the Commerce Suite realm so this has the effect of sharing user IDs
between the two systems. However, Commerce Suite is the owner of the
users so if you need to add a user to administer Payment Manager you add
the user ID through the Commerce Suite admin console and not through the
supplied Payment Manager PSDefaultRealm <add> command.
In the above example even though the Payment Manager role for wcsadmin
has effectively been downgraded for Payment Manager tasks the Commerce
Suite role for wcsadmin remains unchanged.
If you choose not to implement the above policy, this should have little effect.
However, in practice the wcsadmin user will be able to administer all aspects
of Payment Manager.
184 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 7-4 Authorize merchant for an additional cassette
186 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Note: Cassette authorization for a merchant enables the merchant to choose
which cassettes they use. It is not mandatory that the merchant uses all
cassettes for which he/she is authorized.
7.6.3 Enabling the Commerce Suite sample store for SET purchases
The sample WebSphere Commerce Suite V5.1 store InFashion is configured to
use the offline card by default. This will enable you to process payments without
using any automatic processing by a back-end financial institution. As well as
using the offline card cassette for demonstration purposes, a merchant may
choose to use this cassette in a production store. For example if they already had
a card swipe system in their bricks and mortar shop, it could make sense for a
merchant to use offline card with their e-commerce store. However, a merchant
may require payments to be processed by a back-end financial institution if they
need additional payment processing features such as credit card authorization
and approval checking. In this case the merchant would want to opt for a
commercial cassette. Chapter 6, “Integration using other payment cassettes” on
page 159 details the commercially available cassettes.
Use credit card number 2222222222222224 with any future expiration date to
get an order through to Payment Manager. Using Commerce Suite
Accelerator, check that the order appears in Commerce Suite and that the
order has been created in Payment Manager.
If the InFashion store works with the offline card, you can begin to configure
the store to work with the SET cassette.
The paymthd_id value maps to a profile name and the profile names match to
Payment Manager cashier profiles that are supplied by WebSphere
Commerce Suite V5.1.
188 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The brand display logic in OrderDisplayPending.jsp for the credit card type
also requires changing, since by default it has OfflineCard hard coded in the
JSP as shown in Example 7-4.
Example 7-4 Default display logic in OrderDisplayPending.jsp
//Display brands for OfflineCard and for the currency presently
//being used.
for (int i = 0; i < acctInfo.length; ++i)
{
if (acctInfo[i].getCassetteName().trim().equals("OfflineCard") &&
acctInfo[i].getCurrencyCode().trim().equals(currentCurrency))
{
%>
<option
value="<%=acctInfo[i].getBrand()%>"><%=acctInfo[i].getBrand()%></option>
<%
}
}
%>
Change the above OfflineCard code to use SET. This value matches the
value of the parameter name PAYMENTTYPE in the relevant cashier profile.
See Example 7-5.
Example 7-5 Specify SET in credit card brand display logic
//Display brands for OfflineCard and for the currency presently
//being used.
for (int i = 0; i < acctInfo.length; ++i)
{
if (acctInfo[i].getCassetteName().trim().equals("SET"))
{
%>
<option value="<%=acctInfo[i].getBrand()%>"><%=acctInfo[i].getBrand()%>
</option>
<%
}
}
%>
190 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
In order to verify that the wallet application works correctly and to obtain
consumer certificates, follow the steps outlined in Chapter 4, “Integration with
SET” on page 109. Also test the wallet application and the SET setup using
the Payment Manager SampleCheckout tool.
Note: The IBM Consumer Wallet application requests proxy details for
Internet communication. The environment used to write this chapter
already had a SOCKS client configured and running. To avoid having to
configure the DNS settings for the IBM Demo SET environment, the IBM
Consumer Wallet was configured to use no proxy, instead using the system
default SOCKS settings for Internet communication. The system’s HOSTS
file also contained the domain and corresponding IP address given with the
IBM Demo SET registration. Without this communication between the
wallet and the back-end financial institution, the wallet application will fail
while processing the order.
7. Create an order
You are now ready to test SET wallet purchases using the Commerce Suite
V5.1 sample store. Use the sample store to create a Commerce Suite
shopping basket. The Commerce Suite InFashion sample store allows you to:
– Choose items to add to the shopping basket
– Create a name and address book entry used for shipping information
– Choose the relevant shipping options
– Proceed to check out
The sample store requires the consumer to enter credit card details,
expiration date and the credit card brand (choice from a drop-down box).
Since the store has been developed for collecting credit card values we
are forced to enter a valid credit card number and expiration date here.
However, in a wallet purchase this is not required, since the wallet is used
to pass the credit card details on to the Payment Engine.
Tip: If you create a store that will use only SET wallet purchases, no credit
card information would be collected at any HTML-based Web pages. The
credit card information section in the InFashion store should be removed
and the logic for credit card checking be removed from the store. The
cassette for SET, Payment Manager and the back-end financial institution
would have the responsibility of checking these details.
You might also want to add logic to your store so that either SET wallet or
MIA purchases could be made from your store. This would avoid losing
any potential orders from customers without wallet software. This option is
only open to you if your back-end financial institution supports SET
Merchant Initiated Authorization as well as SET.
Figure 7-7 shows the InFashion sample store checkout and the credit card
information. Click Order Now to start the SET purchase.
192 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 7-7 Electronic checkout area provided by InFashion store
Once the SET wallet order process starts, the first thing to happen is that the
wallet will be triggered into action. When it appears sign on to the wallet
application.
The purchase details list in the middle of the window shows the granularity of
the order details. In our example, details from the Commerce Suite shopping
basket are shown, enabling the consumer to verify what they are paying for.
This is shown in Example 7-6.
Example 7-6 Commerce Suite Shopping basket details in wallet application
Purchase amount : 76.25 USD
Order description:
Order #10460
194 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
SKU# Description Quantity Price/Unit Price
-------------------------------------------------------------------------------
sku-105 Cords 1 25.00 25.00
sku-194 Casual shirt 1 25.00 25.00
sku-239 Bodysuit 1 15.00 15.00
-------------------------------------------------------------------------------
Sub-Total 65.00
Tax 3.25
Shipping 8.00
Shipping Tax 0.00
---------------
Grand Total 76.25
The credit card choice section allows the purchaser to choose which credit
card to use with the merchant. However, the Cassette for SET application has
already informed the wallet software of the credit card brand to be used in the
purchase.
Click Pay. This will show a window as in Figure 7-9.
The consumer now has the chance to verify the merchant details as defined
with the back-end financial institution. This uses the Verify Merchant window
shown in Figure 7-10.
Figure 7-10 Verify the merchant’s registered details before you confirm the order
196 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 7-12 Default consumer PaySuccessView page
The default PayStatusPM.jsp file has a Continue Shopping button that works
only if you have a Commerce Suite MallFrontView and a corresponding JSP
created. You can avoid having to do this by removing the reference to
MallFrontView and adding the code shown in Example 7-7 to the JSP file.
Example 7-7 Activating the Continue Shopping button
remove
<form action="/webapp/wcs/stores/servlet/MallFrontView">
replace with
<form action="/index_infashion.html">
When prompted, choose the store and language you ordered from.
198 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Note: wcsadmin stills hold its Commerce Suite administrator role even
though it has been given a downgraded Payment Manager role so you will
see other stores that are available on the Commerce Suite system. If you
do choose the incorrect store, then you will not be able to perform any
Payment Manager actions using the wcsadmin user.
You will see the standard WebSphere Commerce Suite Accelerator order
view window, which contains details of the order including the SKU’s, billing
address, order status, and so on. Note that the payment status is Approved.
This means that the order has automatically been approved, but no money
has been exchanged yet. An authorization for the amount of the order has
Figure 7-15 Select order 10460 and choose process payment option
A new window will appear with the payment details as shown in Figure 7-16.
200 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 7-16 Deposit for order 10460
The window shows the payment details for the order. Note that the payment
type is defined as SET and the PAN and expiration date has been partially
hidden since we are using the Payment Manager 221 directive
“MinSensitiveAccessRole=psadmin” in the PaymentServlet.properties file.
This means that only Payment Manager administrators are allowed to see the
credit card information. The user wcsadmin who is the owner of our store is
defined as a merchant administrator so it does not therefore see the sensitive
information.
Let us now imagine a scenario where the order can only be partially fulfilled
and the merchant will need to wait a couple of weeks before the rest of the
order can be completed. The merchant can deposit an amount for the items
he is ready to ship to the consumer. To do this, click Deposit.
The Payment Manager deposit window will appear as shown in Figure 7-18.
Enter 25.00 dollars in the deposit amount box and click Deposit. This would
be an example of the merchant being able to send the consumer the casual
shirt (at 25 dollars).
202 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 7-18 Deposit partial amount
When the Deposit button in this window is clicked, the order is assigned a
batch number when passed to the back-end financial institution. This
prepares the order for settlement at a later stage. If this process is successful,
a window similar to that in Figure 7-19 will be shown with all the relevant SET
message and approval codes. Once you have reviewed the details in this
window use the Payment Manager back button (the green arrow circled in
Figure 7-18) to return to the previous page.
If you decide you want to void the deposit it is possible to do this using the
Void Deposit button at the bottom of the window. This removes the deposited
amount from the payment batch set up with the financial institution. You can
then deposit a different (partial or full) amount.
Important: If you settle the partial deposited amount, you will only be able
to issue a credit for that order. You will not be able to issue the deposit for
the full amount without recreating an order on behalf of the customer.
However, the merchant does not have the user’s wallet !!!!!
If the approval amount total equals the whole amount of the order, then
multiple deposits can only be performed within the approved amount and you
are forced into reversing any previously deposited amounts and then
re-issuing the deposit.
204 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
To avoid this, it is necessary to approve partial amounts. You would do this if,
for example, you (as a merchant) did not have all the goods available for
dispatch to the customer and you needed to order the goods yourself from
your supplier, but you did have some of the order that you could dispatch
immediately. You would approve the value of the amount that you had in stock
(a partial amount) and deposit the same amount. This would then allow you to
issue another partial approval when you received the (delayed) goods from
your supplier.
For example, Figure 7-20 shows an order (number 5558), with a value of 565
German Marks (note the automatic Euro conversion for this currency).
206 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
2. Payment 2 has an approved amount of 165 and corresponding deposit for the
same amount.
3. Payment 3 has an approved amount of 100 and corresponding deposit
amount
4. Payment 4 has an approval of 265 DEM but no corresponding deposit
amount.
The following windows show the process of adding another (final) payment to
the order
For example, click Approve and specify a final amount of 35 German Marks
as shown in Figure 7-21.
The details of the order now show the deposited amount equal to the value of
the order.
208 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
7.6.4 Payment Manager set up with the InFashion Sample store
When you install the Commerce Suite sample store using the InFashion store
archive, certain payment assets are automatically defined in Payment Manager.
These include which cassette the merchant owner of the InFashion store is
authorized to use, as well as corresponding accounts and brands supported by
the store.
The definition of these elements is done using a payments asset file. The
supplied sample store archive file contains a predefined payment asset file called
paymentinfo.xml. If you look in the InFashion SAR using a zip extraction utility,
you will see this XML file.
The payments asset file is used by the Commerce Suite publish process to
define
If the store will use Payment Manager
The type of cassette used by the store
An account for each currency supported by the store
A brand for each account.
Example 7-9 shows the supplied paymentinfo.xml file with the InFashion SAR
file.
Example 7-9 paymentinfo.xml supplied with Infashion_en_US_fr_FR.sar
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE paymentinfo SYSTEM "paymentinfo.dtd">
<!-- Payment information to configure Payment Manager -->
<paymentinfo>
<!-- yes if user wants to use Payment Manager -->
<!-- no if user does not want to use Payment Manager -->
<PaymentManager enable="yes"/>
<!-- user can specify more than one type of cassettes,Commerce Models
supports OfflineCard -->
<Cassette type="OfflineCard">
<!-- The currency has to be 3 character iso code currstr -->
<Account currency="USD">
<Brand type="MasterCard"/>
<Brand type="VISA"/>
<Brand type="American Express"/>
</Account>
<Account currency="FRF">
<Brand type="MasterCard"/>
<Brand type="VISA"/>
For more information on the contents of this file, please refer to the
paymentinfo.dtd file.
210 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
8
212 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Your Java properties files may be located wherever you wish, but they must be
pointed to in the classpath that is set for the WebSphere Application Server. It is
usually created in the root directory of the Payment Manager program. These
files must be in unicode.
The information you need is an identifier that is associated with the object in the
HTML. Each comment begins with PMTID, followed by the type of the object, then
the object's identifier as shown in Figure 8-1.
Figure 8-1 Example of browser source code showing PMTID comment fields
admin.PSUserInfoSearch.us.userNamer
Note: There are no spaces and the parts of the identifier are separated by
periods. The comment field should appear in the source code like this:
<!-- PMTID FIELD=admin.PSUserInfoSearch.us.userNamer -->
214 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-2 Display before PMCustomUI.properties file invoked
After the PMCustomUI.properties file was invoked, it looked like Figure 8-3.
216 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-4 The WebSphere Administrative Console
Highlight the Payment Manager application and click the Stop button to stop it.
After it shows the application has stopped, click the Start button to restart it.
Once this operation completes, the PMCustomUI.properties file will take effect
the next time you refresh the Payment Manager windows(s).
The highest level of object is the component and changes all windows within the
component. There are three components in Payment Manager: admin, payment,
and reports. Therefore, there is no single line that can be written in a properties
file to make a change throughout all of Payment Manager. You must write at least
one line per component. The list of items that can be changed for a component
are:
Name Appears in the title bar of the browser
Header Appears at the top of every window in the component; often contains
an image
Trailer Appears at the bottom of every window in the component; may
include an image or text
The next level of object is the fieldgroup and the list of items that can be changed
for a fieldgroup are:
Name Appears centered on the banner above the fieldgroup name
Header Appears left-aligned above the fields of a fieldgroup
Trailer Appears left-aligned below the fields of a fieldgroup
An example of changing the trailer for all the fields that use trailers in a particular
fieldgroup is:
payment.screen1.fieldgroup3.TRAILER=new_trailer
The lowest object level is the field. The list of items that can be changed for a
field are:
Name Appears to the left of the field in a colored box
Shorthelp Appears to the right of the field to provide help information
for the field content
Defaultvalue Appears in the text box as the default text
Preferredwidth Width of the field defined as whole number of pixels or
percent
Preferredheight Height of the field defined as whole number of pixels or
percent
Maximumlength Sets maximum number of characters for the field
218 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Without the percent sign, the column width would be set to 15 pixels.
To change the text associated with an action, such as a push button, use the
following as an example:
payment.screen.ACTION=Next
In this example, the text on the button will be changed to "Next". You can do the
same with radio buttons.
Remember that in order to make changes for individual languages, you must
create a complete set of files for all the languages. To make changes to the
French version only of your Payment Manager, you must put your changes in the
PMCustomUI_fr.properties and leave the files for the other languages blank.
Your Java properties files may be located wherever you wish, but they must be
pointed to in the classpath that is set through WebSphere Application Server.
These files must be in unicode.
The current list of languages and their assigned character values is included
below.
Language Language Code
Brazilian Portuguese pt
Dutch nl
English en
French fr
German de
Japanese ja
Korean ko
Simplified Chinese zh
Spanish es
Traditional Chinese zh_TW
Note: If a single quote is needed within double quotes, you must use two single
quotes.
Rather than edit this file, you should copy it, make your changes to the copy, and
then point to the copy in your properties file. This protects you from overwriting
your changes when you apply service.
To use a particular stylesheet, use the identifier stylesheet in your properties file,
followed by the location and name of the new stylesheet. For example, if your
new stylesheet is located at
<webserverdirectory>/myStyleSheets/newStyleSheet.css, then the line in your
properties file would be:
styleSheet=/myStyleSheets/newStyleSheet.css
Note: If you upgrade or reinstall Payment Manager, it's a good idea to have your
branding properties files and stylesheets backed up.
220 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
8.3 Customizing the CustomOffline cassette
If you are the provider of a hosted Payment Manager, you will probably want to
customize the Payment Manager user interface to ensure that all of your
merchants have a fixed set of payment method names from which to select
during account creation. This provides consistency across all merchants. If you
are running a Payment Manager as a single merchant, then you need not worry
about performing this step.
After you decided which methods to use for manually collecting payments, you
can update the Payment Manager user interface to seamlessly support your
chosen methods. After the user interface is updated, the payment methods are
selectable when an account is being created for the CustomOffline cassette.
To update the user interface with your payment method names, update the
PMCustomUI.properties file. PMCustomUI.properties is the properties file that
must be modified to do branding (customization) of the Payment Manager user
interface. This file is not provided during the Payment Manager installation, so
you will need to create it if you have not already done so. See 8.2.2, “Creating
your properties files” on page 214 for more information. Any changes that you
make to PMCustomUI.properties will appear in all languages supported by the
user interface.
If you wish to provide language-specific changes, you will need to create (or edit
your existing) PMCustomUI_xx.properties files, where xx represents a supported
language. See 8.2.3, “Naming your properties files” on page 219 for the list of
supported options. For example, if you want “Cash On Delivery" to appear when
the user interface is viewed in English, edit PMCustomUI_en.properties.
For each payment method that you want to support, you make an entry in the
properties file. The entry will specify the text to display in the user interface and
the value that will be passed for the "$METHOD" parameter of the
CreateAccount API call. The format of these entries is as follows:
CustomOffline.CustomOfflineAccount.CustomOfflineAccountDetails.Method.
index=apiValue:displayValue
where:
apiValue is the value used on the CreateAccount API call. This value must
correspond to the $METHOD value used for AcceptPayment commands for
this payment method. The apiValue must not contain any colons.
displayValue is the value displayed in the user interface.
index is a unique index of the method name used to order the method names
in the user interface. The index value for your first payment method should be
1 and other entries should be numbered consecutively.
After you have made your changes to the properties files, you must restart
Payment Manager using the WebSphere Administrative Console (as shown in
Figure 8-4) for the changes to take effect.
Examples of realm types include LDAP realms and operating system realms. A
user must be defined in a realm before being granted access to resources in that
realm. Therefore, a user is a valid Payment Manager user if, and only if, he is
both:
In the realm
Assigned a role in the Payment Manager
Payment Manager employs a role-based access control scheme that defines four
Payment Manager roles:
1. Payment Manager administrator (see Figure 8-2 on page 215)
2. Merchant administrator
3. Supervisor
4. Clerk
222 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The Payment Manager administrator can use the Payment Manager user
interface window to assign access (based on a role) to a user defined in a realm.
Though other realms can be created, the following are provided with the Payment
Manager:
PSDefaultRealm:
This is a simple realm implementation provided by the Payment Manager that
uses a flat file to hold a list of realm users and their corresponding passwords.
Use this realm when you are using Payment Manager with Version 3.x of
WebSphere Application Server.
PSWAS2Realm:
This is the default realm of WebSphere Application Server, Version 2.0.x.
Users are added and deleted from the PSWAS2Realm through the
WebSphere Application Server administration client. Use this realm when you
are using Payment Manager with Version 2.0.x of WebSphere Application
Server. Apart from this mention, this realm will not be discussed in this
redbook.
As previously noted, these are not the only mechanisms for authenticating and
authorizing users. Other applications that use the Payment Manager may
override our realm implementation and use their own support.
8.4.1 PSDefaultRealm
For users with an installation of WebSphere Application Server, Version 3.x,
Payment Manager provides realm support in the form of the PSDefaultRealm.
The PSDefaultRealm is a simple realm implementation that uses flat files to hold
a list of realm users and their corresponding passwords. Each entry in this file is
Base64 encoded to provide a basic level of security.
The list command will display the users defined in the PSDefaultRealm.
224 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Change the RealmFile setting in PaymentServlet.properties to reflect the new
realm.
You must ensure that the user admin (or any other user currently defined to the
Payment Manager with Payment Manager administrator authority) is defined in
the new RealmFile prior to changing the RealmFile setting in
PaymentServlet.properties. You can then use this user ID to log on to Payment
Manager and assign user roles to other users in the new realm.
Note: To invoke the newly created realm, you need to switch from the realm
currently employed by the Payment Manager to the new realm. For information
on switching realms, see “Switching from one Payment Manager realm to
another” on page 225.
Note: The slashes in the previous example must be forward slashes, rather than
back slashes, even on the Windows NT operating system.
If the merchant software and the Payment Manager both share the same realm,
this double login problem can be removed by coding the merchant software links
to pass authentication information through the Payment Manager user interface
and into the realm code. Single sign-on is often an important reason for wanting
to write a Payment Manager plug-in realm.
226 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Implement a PaymentServletRealm subclass
Use the trace facility to enable easy problem determination
Implement single sign-on between another user interface and the Payment
Manager user interface (that is, provide links between your Web pages and
the Payment Manager Web pages using the single sign-on function)
Test the realm
Design points
To write a realm for Payment Manager you must provide a new class that
extends the com.ibm.etill.framework.payserverapi.PSDefaultRealm class. You
can find it in the eTillClasses.zip file in the Payment Manager root directory. You
should consider the following design points when writing your new Payment
Manager realm.
Realm name
One of the functions your new realm class will provide is getRealmName().
Payment Manager administrators can determine which realm is currently in use
by looking at the Realm field of the Payment Manager settings window in the user
interface. This realm name is determined by querying the realm using the
getRealmName() method. The result is passed to the user interface via the
QueryPaymentServer API response. You should provide a getRealmName()
method in your realm class that returns a string that can be used by the Payment
Manager administrator to understand which realm is in use and, therefore, how
he can manage that particular realm.
Realm properties
Your new realm may require specific configuration values. You will determine
what these new configuration values are and create new property keywords for
them. Your documentation should instruct your users to place these properties in
the PaymentServlet.properties file. For example, you may need a new property
for the host name of the system where your user registry is held. At startup time,
Payment Manager will read PaymentServlet.properties, instantiate your realm,
and pass all the realm configuration values in PaymentServlet.properties to your
realm’s init() method.
Authentication mechanism
The Payment Manager API uses HTTP post requests to transfer information. The
HTTP request will be made available to your realm’s getAuthenticatedUser()
method so that you can find the authentication information from the request and
determine whether the user issuing the API command is an authenticated
member of the realm or not. You must decide how your realm is going to get this
authentication information. There are three possible mechanisms for
authentication that your realm may use:
If your realm requires only basic authentication (that is, user ID and password),
then Payment Manager supports this via the HTTP authorization header.
PaymentServletRealm contains a convenience method,
getFromHTTPAuthorizationString(), that can be used to read the user ID and
password from this HTTP header.
If user ID and password are not sufficient, you can use Payment Manager’s
PMAUTHOBJECT keyword to pass arbitrary authentication information to the
realm. Again, PaymentServletRealm provides a convenience method,
getPMAuthenticationString(), to allow your realm to retrieve this object from the
HTTP request.
Lastly, it is important to note that Payment Manager does not provide any
restriction on the mechanism a realm uses to authenticate any HTTP request, so
you can decide to implement any authentication method you like.
There are two ways that merchant software links can be coded to achieve single
sign-on:
1. By passing the user ID and password on the link
2. By passing a PMAUTHOBJECT string containing authentication information
Note that passing the user ID and password can often be seen as a security risk,
particularly if this information is not protected by SSL. You should choose
whether you want to achieve single sign-on and, if so, which method you want to
support.
Realm scalability
The Payment Manager user interface will scale to support very large user
registries, providing that the realm is also capable of scaling. When Payment
Manager receives a QueryUsers command, the realm’s getUserNames() method
is called to get the users from the registry. If an inexperienced user queries
Payment Manager for all users in a very large realm, it is possible that:
The query may take a very long time
228 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The Payment Manager JVM may run out of memory while processing the
command. There are two methods that realms can make use of to control
queries for very large numbers of users:
a. The first method is for the realm to limit the number of users it returns to
Payment Manager. A UserList object is provided that is basically a Vector
of user names along with a count of the total number of users that
matched the query. You should decide whether or not you want to limit the
number of users returned in response to a call to the getUserNames()
method.
b. The second method is to make use of the userFilter passed via the
QueryUsers API to the realm’s getUserNames() method. The user filter
should be used to search for a subset of users in the realm. However, its
exact meaning is determined by the realm. The realms provided with
Payment Manager all use this filter as a case-insensitive substring (that is,
getUserNames() will return only user names that contain the filter string).
The filter is made available on the Payment Manager user interface on the
User Search window. You should decide whether you want to follow
Payment Manager’s convention of using this filter as a substring to search
for, or to define this filter in another way.
Realm case-sensitivity
By default all Payment Manager realms are case-sensitive (that is, the user ID
admin is different from the user ID Admin. If you want to provide a
case-insensitive realm, you should override PaymentServletRealm’s
isCaseSensitive() method and return false.
Realm implementation
To write a realm, you must create a subclass of PaymentServletRealm. You can
find the Javadoc for the PaymentServletRealm class and the other classes it
uses in the docs/realmapi directory where Payment Manager is installed. The
subclass you create must provide implementations for the following methods:
getRealmName()
init()
getAuthenticatedUser()
isUserInRealm()
getUserNames()
If you throw a RealmException, the API response will contain a primary return
code of 1062 and a secondary return code of 1068, indicating to the calling
program that the realm could not be initialized. You should ensure that you use
the trace facility so that the exact problem can be diagnosed and corrected.
If you throw a RealmException, the API response will contain a primary return
code of 1062 and a secondary return code of 1069, indicating to the calling
program that a realm error occurred. You should ensure that you use the trace
facility so that the exact problem can be diagnosed and corrected.
230 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Payment Manager ensures that each user it returns on the QueryUsers response
is a valid member of the realm. To do this, it uses the realm’s isUserInRealm()
method. You should return true if the user is a valid member of the realm and any
optional following criteria is met. Otherwise, return false.
If you throwa RealmException, the API response will contain a primary return
code of 1062 and a secondary return code of 1069, indicating to the calling
program that a realm error occurred. You should ensure that you use the trace
facility so that the exact problem can be diagnosed and corrected.
If you throw a RealmException, the API response will contain a primary return
code of 1062 and a secondary return code of 1069, indicating to the calling
program that a realm error occurred. You should ensure that you use the trace
facility so that the exact problem can be diagnosed and corrected.
Tracing
You can enable realm tracing by adding the following line to the
PaymentServlet.properties file and restarting your Web server and WebSphere
Application Server:
RealmTraceFlag=1
Note: You can disable tracing again by removing this line or by setting the value
to ’0’ (zero) and restarting your Web server and WebSphere Application Server.
Trace output is sent to the PSTraceX.log files, which can be formatted with the
provided FormatServletTrace command file. The realm trace output lines can be
identified in the formatted log file by the prefix REALM.
The realm class can trace any information it chooses by using the following code
segment:
if (isTracing()) trace("Hello World!");
For performance reasons, it is good practice to include the test for isTracing(),
since this will avoid making the Java runtime code evaluate the argument of the
trace() method when tracing is disabled.
The field data information that you provide to the user interface is passed to the
PaymentServlet on all Payment Manager commands performed by the user
interface. The realm gets the authentication information from the HTTP request it
receives from the PaymentServlet.
The user interface servlet performs Payment Manager user interface functions
only for authenticated users with proper authorization. To determine whether or
not a user is authenticated, the user interface servlet needs authentication data.
There are multiple sources where the user interface can find authentication data.
Below is a list of sources and the order in which the user interface servlet
accesses them once an HTTP POST is received from a user:
Note: The user interface servlet uses the first authentication data found.
1. If the user has previously logged in during this session, the authentication
data saved when the user logged in originally is used on Payment Manager
commands sent to the PaymentServlet.
2. If a Payment Manager Authentication Object is passed in the FORM data
(using the f_pmauthobject keyword), the authentication data is used on
Payment Manager commands sent to the PaymentServlet.
3. If a username/password is passed in the FORM data, (f_userid and
f_password fields), the authentication data is used on Payment Manager
commands sent to the PaymentServlet.
4. If a username/password is passed in through the Authorization header of the
HTTP POST to the user interface servlet, the authentication data is used on
Payment Manager commands sent to the PaymentServlet.
232 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
When an authentication failure occurs while linking directly to one of Payment
Manager’s user interface Web pages, the sign-on Web page appears and
displays a login prompt. An authentication failure occurs if the PMAUTHOBJECT
value is considered not valid according to the realm.
Testing
To test your realm, you will need to:
Compile the realm
Switch Payment Manager to use the realm
Use the Payment Manager user interface and other programs to test the
realm
Note that information on switching to use the new realm you created can be
found in “How to deploy the new realm” on page 235.
SampleRealm
A sample realm class is provided with Payment Manager with its corresponding
Java source file, SampleRealm.java, in the samples subdirectory. This realm
uses a database table called USERTABLE to hold a list of users along with their
passwords. Since this is only a sample realm, all information is held unencrypted
in the database. The first time SampleRealm is used, it will automatically create
USERTABLE with three users (admin, fred and bob - all with the same
passwords as user names).
When you restart your Web server and WebSphere Application Server, this class
will be enabled.
<HTML>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
<HEAD>
<STYLE TYPE="text/css">
<!--
H1 {font-weight: bold;
color: maroon}
H2 {font-weight: bold;
color: blue}
P {color: black}
-->
</STYLE>
<TITLE>Sample web page linking into Payment Manager's Approve web
page</TITLE>
</HEAD>
<BODY>
<H1>Sample web page linking into Payment Manager UI</H1>
<P>This page shows several examples of how one can link directly to one of
Payment Manager's web pages without going through the logon page. View the
source to see how it is done.</P>
<P><STRONG>Note:</STRONG> You must copy this HTML file to your web server's
234 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
publish directory and point your browser at
http://<hostname>/SampleSingleSignon.html
to test these links.</P>
<HR>
<H2>Example #1</H2>
<p>A text link to the Approve screen using userid/password authentication.
Notice that the userid and password show up as part of the URL.</P>
<P><A
href="/webapp/PaymentManager/PaymentServerUI/Approve?f_userid=admin&f_password=
admin">Click here</A></P>
<HR>
<H2>Example #2</H2>
<P>A FORM (using POST) to go to the Approve screen using userid/password
authentication.
Click the image below to go to the Approve screen:</P>
<HR>
<H2>Example #3</H2>
<p>A FORM (using POST) to go to the Approve screen using PMAUTHOBJECT
authentication.
This example only works when the Payment Manager is setup to run under the
SampleRealm
with a properly setup configuration as described in SampleRealm.java.</P>
</BODY>
</HTML>
To specify which realm should be used, change the RealmClass setting in the
PaymentServlet.properties file to reflect the realm you want to deploy. After
changing the RealmClass setting in the PaymentServlet.properties file, you will
also need to add the realm-specific properties for the realm you just specified.
The following is an example of the PaymentServlet.properties setting needed to
configure the PSDefaultRealm:
RealmClass=com.ibm.etill.framework.payserverapi.PSDefaultRealm
RealmFile=<drive>/myPSRealm
Ensure that the realm class is in the WebSphere Application Server classpath.
When the PaymentServlet is next initialized, your realm class will be loaded and
start being used. If you package your realm into a file called PMRealm.jar, then it
will not be necessary to change the Payment Manager classpath, because this
file name is already included in the classpath.
After updating the RealmClass setting and the realm-specific properties in the
PaymentServlet.properties file, you must restart your Web server and
WebSphere Application Server for these changes to take effect. For information
on restarting your Web server and WebSphere Application Server, see
“Maintaining Payment Manager Security” in IBM WebSphere Payment Manager
for Multiplatforms Administrator’s Guide Version 2.2.
236 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
8.5.1 Exercise software components
During this exercise, you will install from a download zip file the software
components needed to build the Web application. This consists of a set of files
representing a set of HTML pages, some GIF files, two servlets and a file needed
to populate a new database table in the Payment database. The functions of the
main components are described below:
MIACashier1.html
This page creates a simple merchant order page requesting an order number
from the user,. This page calls the first servlet in the Web application
(MIACashier1).
MIACashier1 servlet
This servlet builds the Buy Page and then collects the user input (Order
Number), and passes this as an argument to the second servlet (MIACashier)
in the Web application.
MIACashier servlet
This servlet retrieves the order information from a DB2 table (PM_STORE),
including 100 records about fictitious orders, inserts a record into another
table (PM_ORDSTAT) where the order status is tracked, and calls the
CollectPayment() method to the Cashier using the following parameters for an
automatic approval. The PM_ORDSTAT table columns are:
MERCHANTNBR Merchant number
ORDERNBR Order number
APPROVEAMOUNT The amount approved
DEPOSITAMOUNT The amount deposited
STATUS P - pending (initial status)
A - Approved
D - Deposited
F - Payment declined (Negative Authorization reply)
V - Void (successful AuthRev)
CHECKED 0 initial status, 1 the order status has been updated by
EventDemo1 servlet
The record will be inserted with STATUS = P and CHECKED = 0.
The servlet then issues the CollectPayment() method call to Payment
Manager, passing over to it the required purchase parameters. It then
requests a response to the purchase using the CheckPayment() method.
As you can see in this figure, we used a database called Payman. If you have a
different database name, you will have to substitute this name wherever you see
<db-name>. This database will now have a new table created and this table will be
populated with a number of dummy orders and items. Use the DB2 Control
Center to check that you don’t already have a table called dati.db2 that you will
overwrite.
238 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-5 DB2 Control Center application
240 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
.
4. Expand the Default Server. The Default Server contains the Default Servlet
Engine.
5. Expand the Default Servlet Engine. The servlet engine includes some Web
applications (default_app, admin and examples). We are going to add our
Web application under the servlet engine of the Default Server.
6. To add the Web application we will use the Task Wizard.
Choose the console menu Tasks -> Create a Web Application.
7. Enter Merchant in the Web Application Name text field.
8. Check Serve Servlets By Classname as shown in Figure 8-9.
9. Click Next.
242 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-9 Display showing Create Web Application entries
10.In the resultant window, expand Nodes (there is only one node).
11.Expand the Server Node (your host name).
12.Expand the Default Server Application Server.
13.Select Default Servlet Engine and click Next (see Figure 8-10).
14.in the Web Application Web Path text field, Enter /Merchant (see
Figure 8-11).
15.Click Next.
16.Verify that the document root is
<drive>\WebSphere\AppServer\hosts\default_host\Merchant\web (see
Figure 8-12).
244 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-12 Display showing new Merchant Web application structure
17.Enter
<drive>\WebSphere\AppServer\hosts\default_host\Merchant\servlets
as the first line of ClassPath.
18.Add another ClassPath line <drive>\Program Files\IBM\PaymentManager\ to
the Merchant Web Application definition (see Figure 8-13).
19.Add another ClassPath line <drive>\PROGRA~2\IBM\PAYMEN~1\ to the
Merchant Web Application definition (see Figure 8-13).
20.Click Finish.
21.Expand Default Server then Default Servlet Engine. You will find your
Merchant Web application that you have just created (see Figure 8-12).
246 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Testing the Merchant Web application
To test that the Web application is working, we will create a test servlet within the
application and check that we can execute this from a browser window. Use the
following procedure to do this:
1. Use the WebSphere Administrative Console.
2. Define a servlet under the Merchant Web application. Right-click the mouse
button on the Web Application Merchant, and select Create -> Servlet (see
Figure 8-15).
3. In the Create Servlet window, enter SnoopServlet as the Servlet Name and
Servlet Class Name. Click OK.
4. Restart the Merchant Web application. Right-click Merchant and select
Restart Web App (see Figure 8-16).
248 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-17 Display showing Merchant and SnoopServlet
250 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
userid="admin"
password="admin"
useSSL="false"
/>
2. Replace the parameter SET in the PAYMENTTYPE line in the CollectPayment
section with OfflineCard.
<Parameter
name="PAYMENTTYPE"><CharacterText>SET</CharacterText></Parameter>
becomes
<Parameter
name="PAYMENTTYPE"><CharacterText>OfflineCard</CharacterText></Parameter>
3. While you are making these changes, examine the profile file to understand
the different parameters that are contained within it.
4. Save the file and exit.
4. When you see the Buy page (see Figure 8-19 on the right side) select a
payment option and click Buy. This display collects the data for the Payment
Manager and represents internal workings of the Payment Manager. The
display will finish each time after the buy operation with a browser window
saying: Order Complete. If it displays the message Order Incomplete, you
have not entered the correct configuration data to operate, and you will need
to re-check your settings.
5. Repeat this procedure to create more orders.
252 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
8.6 Merchant integration using Sample Checkout
This is a sample application that allows you to create Payment Manager orders
using any cassette. Source code is included to demonstrate techniques for
integrating storefront software with the Payment Manager in
cassette-independent fashion using the cashier module that is included with
Payment Manager.
Repeat these steps two more times so that you have three orders for which to
process payments.
254 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-21 Display showing Payment Manager Payment Processing menu
2. From the Approve window (see Figure 8-22), check the box next to the order
you want to approve (select only one order for this exercise) and click
Approve Selected.
3. At the Approve Results window, you will see the status of your approve
request. When processing is complete, success or failure status will appear
next to each order submitted for approval. When your approval is complete,
click Return to go back to the Approve window.
256 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The following information displays:
Currency The type of currency used to place this order. This is a
read-only field.
Order Amount The total amount of the order expressed in the
currency used to place the order. This is a read-only
field.
Approved Amount This field displays zeros since no amount of the order
has yet been approved. This is a read-only field.
Deposited Amount This field displays zeros since no amount has yet been
approved or deposited. This is a read-only field.
Approval Amount This is the total amount of the order.
Authorization Code The authorization code returned from the manual
off-line authorization request process. The payment
state is changed to “Approved”.
Decline Reason The decline reason returned from the manual offline
authorization process. The payment state is changed
to “Declined”.
Change the approval amount to 3.00 and click Approve to approve this order for
three dollars.
When approval processing has completed, you will be returned to the Order
window and notified of approval success or failure (see Figure 8-24). You will
notice in the order details that the approved amount has been updated to reflect
the three dollars we specified in the previous step.
The sale function allows you to approve an order and move it directly into
Deposited state, bypassing the Approved state. The sale function automatically
performs an Approve and a Deposit on your order payment (thus, you can think
of the sale function as Approve with auto-deposit). Use the sale function when
you want to expedite the delivery of goods to the buyer and guarantee your
capture of funds (for example, when you are selling downloadable software or
electronic information). However, with the sale function, you lose the ability to set
the authorization or decline reason on the approval. Because the sale function
provides you with the mechanism to merge Approve and Deposit into one
transaction, the sale function is also useful when you are charged on a
per-transaction basis.
258 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Failure status will appear next to each order submitted for sale (see
Figure 8-25).
Figure 8-25 Display showing Approve Results from a ‘Sale All’ operation
2. Check the box next to one of the payments listed and click Deposit Selected.
3. When processing is complete, a Success or Failure status will appear in the
Deposit Results window next to the payment submitted for deposit (see
Figure 8-27).
260 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
4. When your sale is complete, click Return to the Deposit screen.
Note: You can deposit only part of a payment, in much the same way you
approved part of an order:
a. From the Deposit window, click the Payment number for one of the
payments awaiting deposit.
b. The next window is the Payment window. From the Payment window, you
can view payment details. Click Deposit to deposit this payment.
a. On the Order Payment window (see Figure 8-28), change the deposit
amount to 2.00.
a. Click Deposit to deposit this payment for two dollars.
Settling batches
A batch is a collection of payments and credits that are processed as a unit by a
financial institution. A batch is associated with a merchant and an account.
Individual fund transfers are not performed for each individual payment, but
rather a group of transfers is processed so that both the merchant and the
financial institution can agree on the funds that are to be transferred. Before a
batch is closed (that is, the funds are exchanged) there is usually some type of
reconciliation process so that both sides agree on the amounts. The payments
that you deposited in the previous exercise will now appear in a batch. You must
settle this batch in order to initiate processing by the financial institution. To settle
a batch:
262 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
3. Click Search to initiate a batch search (see Figure 8-29).
Note: In addition to using the after and before fields to specify a time range
for the batch search (such as 08/01/99 to 08/15/99), these fields can also be
used to narrow search results by excluding certain batches from the search.
For example, you could search on all batches opened before 08/01/99 and all
batches opened after 08/15/99, thus excluding batches opened between
08/02/99 and 08/14/99.
4. Click the batch number to view information about the batch (see Figure 8-30).
5. From the Batch window (see Figure 8-31), you can view useful batch
information, including the total number and amount of both payments and
credits in the batch. Click Batch Details to see a detailed listing of all
payments and credits in this batch.
264 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-31 Display showing batch summary
6. Click Settle to settle the batch, a Batch Settlement window will appear (see
Figure 8-32).
266 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-33 Display showing Batch Settle Results window
9. When the success message displays, the settle command is complete. The
financial institution is now responsible for the transfer of funds.
Note: You also have the option to delete the settled batch by clicking Delete on
the Settle Results window. When a batch is deleted, all ancillary information
about that batch (that is, payments, credits, and cassette-specific data) is
deleted, as well. If you need to retain all payment data (for example, for audit
purposes), then you should not delete a batch. But if you need to prune outdated
information, you can exercise the Delete Batch option.
In Figure 8-31 you will see the Purge button. This button removes all associated
payments and credits from a Batch object, treating it as if it has just been
created.
Issuing a credit
Credits are issued against orders and can be given for any amount. To issue a
credit, you need to find the order against which you are issuing the credit:
1. In the navigation pane, click Order Search under the Payment Processing
section (see Figure 8-21 on page 255).
268 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Note: In addition to using the after and before fields to specify a time range for
the order search (such as 08/01/99 to 08/15/99). These fields can also be
used to narrow search results by excluding certain orders from the search.
For example, you could search on all orders opened before 08/01/99 and all
orders opened after 08/15/99, thus excluding orders opened between
08/02/99 and 08/14/99.
4. From the order list, click an order number for an order in Refundable state to
view the details of that order.
5. From the Order window (see Figure 8-24 on page 258), click Credit to create
a credit against this order.
6. At the Create Credit window, the following information displays:
Currency The type of currency used to place this order. This is a
read-only field.
Order Amount The total amount of the order expressed in the
currency used to place the order. This is a read-only
field.
Approved Amount The total amount of the order that has been approved
expressed in the currency used to place the order.
This is a read-only field.
Deposited Amount The total amount of the order that has been deposited
expressed in the currency used to place the order.
This is a read-only field.
Credit Amount This field must be completed by the merchant
administrator with the total amount to be credited to
the shopper.
Authorization Reason The authorization code returned from the manual
off-line authorization request process. The credit state
is changed to “Refunded”.
Decline Reason The decline reason returned from the manual off-line
authorization process. The credit state is changed to
“Declined”.
7. Enter the credit amount (can be any amount) and click Credit.
When credit processing has completed, you will be returned to the Order
window (see Figure 8-29 on page 263), and notified of credit success or
failure. You will notice on the Order window that the newly created credit
appears under Credits at the bottom of the window (see Figure 8-34).
The Daily Batch Totals report computes the totals for all batches that were closed
on the date specified in the Search window (see Figure 8-35). Since you did not
specify a search date, the report that was generated contains the current day’s
batch totals. These totals are computed on a per-currency basis, so there is one
line per currency. Note that these totals cover all payments and credits made for
all payment types (not just those made through the CustomOffline cassette).
270 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 8-35 Display showing Daily Batch Totals Report window
You have just completed a day in the life of a Payment Manager administrator
and a Merchant administrator. While individual business models may vary, this
tutorial outlines the basic path to establishing a working Payment Manager and
demonstrates fundamental payment processing implemented through the
Payment Manager. For more information on specific fields in the Payment
Manager user interface, see the online help.
However, be very careful. If you don’t spend the time and effort to fully develop a
cassette to cater for all of Payment Manager’s functions, you are asking for
trouble. Software engineers call this exporting the cost to the customer. In this
case, the merchant will need to justify the effort to do the research, design, and
development necessary to customize their installation to utilize your cassette.
The following details are extracts from the Cassette Developer Cookbook. The
cookbook and related code are available for download through the Cassette
Developers Toolkit link at:
http://ibm.com/software/webservers/commerce/payment/download.html
You will have to sign up for the cassette development program and you will need
the download key available from your local IBM account manager.
After you download the Cookbook.exe, run the file to install it. By default it asks if
you want to extract it to the D:\ drive. You can change this to the root directory of
any drive on your computer and it will create a !pmcassette file to extract into, but
it will mean additional changes to your Payment Manager cassette files.
However, these changes are simple and they are documented in this redbook.
274 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The cookbook is an excellent document and easy to follow. However, with the
release of Payment Manager 2.2, some of the details have been changed. We
have reproduced the first part of the cookbook as a prelude to data shown later in
this redbook.
This naming convention is based on Java rules to avoid name conflicts. These
rules avoid naming conflicts by utilizing the Internet domain name assigned to
your company. The Java system is case sensitive and, by convention, package
names are always lowercase and class names are mixed case with the first
character capitalized.
276 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The properties file is QSIPay.properties (mixed case).
The name of the file containing the XML document used to display and modify
cassette-dependent information on the user interface windows is
QSIPay.en.pspl (for an English version).
The name of the cassette class is QSIPayCassette (mixed case) or, as a fully
qualified name, com.qsi.ibmetill.qsipaycassette.QSIPayCassette.
The name of the cassette query class is QSIPayCassetteQuery (mixed case)
or, as a fully qualified name,
com.qsi.ibmetill.qsipaycassette.QSIPayCassetteQuery.
278 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
9.2.4 Prepare the base files
This section describes the steps required to prepare the base files for your new
cassette. It assumes that you have installed Payment Manager and that it is
working. Furthermore, the cookbook assumes that you have installed the
cookbook materials on your D: drive in a directory named D:\!PMCassette. This
is not essential, but if you wish to install the base files elsewhere you must make
some configuration changes.
The only purpose of the exclamation point in the directory name is to cause the
directory name to float to the top of an alphabetical directory list.
Throughout the following steps, windows from Visual SlickEdit show how each
step is carried out. However, you do not have to use this editor program to write
you own cassette. The Visual SlickEdit windows will help you no matter what
editor program you use, since the principles are exactly the same. You are
basically using the Search and Replace function for the editor you have chosen
to use to update the raw LdbCard files with your own data.
1. Use your favorite text editor and edit D:\!PMCassette\CreateCassette.cmd.
Note that near the beginning of this script, the working directory is set to
D:\!PMCassette.
D:
CD D:\!PMCassette
SET OLDDIR=com\ibm\etill\ldbcardcassette
SET NEWDIR=com\ibm\etill\ldbtestcassette
SET NEWCASSETTE=LdbTest
We did not have a D drive, so cookbook files were put into C:\!PMCassette
directory.
2. Change com.ibm.etill.ldbcardcassette to your package name.
3. Change NEWCASSETTE to your cassette name.
Using the name convention outlined in “Cassette developed by a third party”
on page 276, we changed the CreateCassette.cmd file to:
C:
CD C:\!PMCassette
SET OLDDIR=com\ibm\etill\ldbcardcassette
SET NEWDIR=com\qsi\ibmetill\qsipaycassette
SET NEWCASSETTE=QSIPay
4. Save the updated CreateCassette.cmd.
5. Execute the updated the CreateCassette.cmd, which will create the raw base
files for your new cassette and copy them into your new cassette directory. If
all goes well, the result should look like Figure 9-1.
6. If you are using Visual SlickEdit, this is a good time to create a project file for
your cassette. The Compile, Build, Rebuild, Make JAR, and Install tools in the
Build menu list will operate on your base cassette files. These tools all
assume that the editor’s current directory is the directory that contains your
base files. The instructions are for Visual SlickEdit Version 5.
a. From the Visual SlickEdit menu bar, select Project -> Open Workspace.
b. In the open Workspace window, navigate to D:\!PMCassette and select
!PMCassette.vpw. Click Open.
c. From the Visual SlickEdit menu bar, select Project -> Workspace
Properties.
d. In the Workspace Properties window, click Add.
e. In the Add files to Workspace window, navigate to D:\!PMCassette, select
the file with the file name that matches your cassette name and the file
type of .vpj, and click Open.
f. Back in the Workspace Properties window, select the project file you have
just added and click Set Active, then close the Workspace Properties
window.
g. From the Visual SlickEdit menu bar, select Project -> Project Properties.
h. In the Project Properties window, select the Open Command tab. You will
see Figure 9-2.
280 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 9-2 Display of Open Command window
i. On the line that begins set target, replace the LdbCard file name prefix
with the name of your cassette.
j. On the line that begins set jdkdir, check and adjust the directory path to
your JDK if necessary.
k. On the line that begins set workdir, change the
com\ibm\etill\ldbcardcassette directory with the directory name that
contains your new base files. Click OK to save the changes and close the
window.
Note: The remaining steps are required to assure that the changes made on
the Open Command tab take effect.
l. From the Visual SlickEdit menu bar, select Project -> Close Workspace.
m. From the Visual SlickEdit menu bar, select Project -> Open Workspace.
In the Open Workspace window, navigate to D:\!PMCassette and select
!PMCassette.vpw and click Open.
7. Change to the directory that holds all your cassette files (see Figure 9-3).
Change all occurrences of LdbCard (be sure to use this exact case) to the
name of your cassette (be sure to specify the exact case of your cassette
name) in every base file. Remember, your cassette name was determined in
the “Cassette developed by IBM” on page 276 or the “Cassette developed by
a third party” on page 276.
One way to do this is to open all your cassette files in your cassette directory
with an editing tool that allows you to do a Replace All operation in all open
files.
If you are using Visual SlickEdit, you can use these steps:
a. If necessary, navigate to the directory that contains your cassette files and
make it the current directory (see Figure 9-3) by double clicking it and then
clicking OK.
b. From the menu bar, select Search -> Replace.
c. In the Replace window, click Files -> Buffers >> to get the expanded
Replace window
d. In the expanded Replace window, enter LdbCard in the Search for: text
box, enter your cassette name in the Replace with: text box, select the
Match case option, enter *.* in the Files: text box, and click Replace All
(see Figure 9-4).
282 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 9-4 Display showing replacing cassette name (mixed case)
8. Using your favorite editing tool, change all occurrences of LDBCARD (be sure
to use this exact case) to the name of your cassette name in uppercase (be
sure to specify the exact case) in every base file. Remember, your cassette
name was determined in the , “Cassette developed by IBM” on page 276 or
the Section , “Cassette developed by a third party” on page 276.
One way to do this is to open all your cassette files in your cassette directory
with an editing tool that allows you to do a Replace All operation in all open
files.
On the other hand if you are using Visual SlickEdit, you can use these steps:
a. If necessary, navigate to the directory that contains your cassette files and
make it the current directory (see Figure 9-3).
b. From the menu bar, select Search -> Replace.
c. In the Replace window, click Files -> Buffers >> to get the expanded
Replace window
d. In the expanded Replace window, enter LDBCARD in the Search for: text
box, enter your cassette name in uppercase in the Replace with: text box,
select the Match case option, enter *.* in the Files: text box, and click
Replace All (see Figure 9-5).
9. Using your favorite editing tool, change all occurrences of the Payment
Manager database name PSADMIN (be sure to use this exact case) with the
database name for your Payment Manager installation (be sure to specify the
exact case) in every base file.
One way to do this is to open all your cassette files in your cassette directory
with an editing tool that allows you to do a Replace All operation in all open
files.
On the other hand if you are using Visual SlickEdit, you can use these steps:
a. If necessary, navigate to the directory that contains your cassette files and
make it the current directory (see Figure 9-3).
b. From the menu bar, select Search -> Replace.
c. In the Replace window, click Files -> Buffers >> to get the expanded
Replace window.
d. In the expanded Replace window, enter PSADMIN in the Search for: text
box, enter your Payment Manager database name in the Replace with:
text box, select the Match case option, enter *.* in the Files: text box, and
click Replace All (see Figure 9-6).
284 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 9-6 Display showing replacing database name
10.Using your favorite editing tool, change all occurrences of the directory name
com\ibm\etill\ldbcardcassette (be sure to use this exact case) with the name
of the directory for your cassette (be sure to specify the exact case) in every
base file. Remember, your directory name was determined in the “Cassette
developed by IBM” on page 276 or the “Cassette developed by a third party”
on page 276.
One way to do this is to open all your cassette files in your cassette directory
with an editing tool that allows you to do a Replace All operation in all open
files.
On the other hand if you are using Visual SlickEdit, you can use these steps:
a. If necessary, navigate to the directory that contains your cassette files and
make it the current directory (see Figure 9-3).
b. From the menu bar, select Search -> Replace.
c. In the Replace window, click Files -> Buffers to get the expanded
Replace window.
d. In the expanded Replace window, enter com\ibm\etill\ldbcardcassette
in the Search for: text box, enter your directory name in the Replace with:
text box, select the Match case option, enter *.* in the Files: text box, and
click Replace All (see Figure 9-7).
11.Using your favorite editing tool, change all occurrences of the package name
com.ibm.etill.ldbcardcassette (be sure to use this exact case) with the
package name for your cassette (be sure to specify the exact case) in every
base file. Remember, your package name was determined in“Cassette
developed by IBM” on page 276 or in“Cassette developed by a third party” on
page 276.
One way to do this is to open all your cassette files in your cassette directory
with an editing tool that allows you to do a Replace All operation in all open
files.
On the other hand if you are using Visual SlickEdit, you can use these steps:
a. If necessary, navigate to the directory that contains your cassette files and
make it the current directory (see Figure 9-3).
b. From the menu bar, select Search -> Replace.
c. In the Replace window, click Files -> Buffers to get the expanded
Replace window.
d. In the expanded Replace window, enter com.ibm.etill.ldbcardcassette
in the Search for: text box, enter your package name in the Replace with:
text box, select the Match case option, enter *.* in the Files: text box, and
click Replace All (see Figure 9-8).
286 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 9-8 Display showing replacing package name
12.If you are using the default drive of D: for your !pmcassette directory then skip
this step. If you are using some other drive, then you will have to make these
changes.
Using your favorite editing tool, change all occurrences of the drive name D:
with the drive name for your cassette. You only need to change
YourCassetteName#Build.cmd and YourCassetteName#Install.cmd files. All
other command files will remain unchanged.
On the other hand if you are using Visual SlickEdit, you can use these steps:
a. If necessary, navigate to the directory that contains your cassette files and
make it the current directory (see Figure 9-3).
b. From the menu bar, select Search -> Replace.
c. In the Replace window, click Files -> Buffers to get the expanded
Replace window.
d. In the expanded Replace window, enter D: in the Search for: text box,
enter your directory name in the Replace with: text box. There is no need
to select the Match case option. Enter *.* in the Files: text box, and click
Replace All (see Figure 9-9).
Caution: If your !pmcassette directory resides on your C: drive, this is a
one-way step, because there are other occurrence of C: in your .cmd files.
If you try to change it back using this method, you will make incorrect
changes to your files.
13.If you are using the default JDK directory of C:\jdk1.1.8, then skip this step. If
you are using some other directory, then you will have to make these
changes.
Using your favorite editing tool, change all occurrences of the default JDK
directory location C:\jdk1.1.8 with the JDK directory location for your
computer. You only need to change YourCassetteName#Build.cmd file. All
other command files will remain unchanged.
Note: In your directory path do not use directory paths with spaces in them.
Example:
SET JDKDIR=C:\Program Files\SQLLIB\Java\jdk
will produce errors and needs to be:
SET JDKDIR=C:\Progra~1\SQLLIB\Java\jdk
On the other hand if you are using Visual SlickEdit, you can use these steps:
a. If necessary, navigate to the directory that contains your cassette files and
make it the current directory (see Figure 9-3).
b. From the menu bar, select Search -> Replace.
288 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
c. In the Replace window, click Files -> Buffers to get the expanded
Replace window.
d. In the expanded Replace window, enter C:\jdk1.1.8 in the Search for:
text box, enter your JDK directory location in the Replace with: text box.
There is no need to select the Match case option. Enter *.* in the Files:
text box, and click Replace All (see Figure 9-10).
290 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
18.Repeat step e above, for each of the following methods:
– capturePayment()
– voidPayment()
– captureCredit()
– voidCredit()
– settleBatch()
19.Build your cassette and copy the updated files into the Payment Manager
directories using your cassette’s YourCassetteName#Build.cmd script. Do this
by opening a DOS window and navigating to your !pmcassette directory.
Enter YourCassetteName#Build.
Note:The first time you run this script, there are no .class files to delete and
an error message will appear. Just ignore this message in this case (see
Figure 9-11).
If you get other errors you have made a mistake with either your naming
conventions or your previous steps. Remember you can always add
additional echo commands into the YourCassetteName#Build.cmd
parameters to track down what is failing.
21.If you find it convenient to use shortcuts to execute command scripts, you will
need to modify a few of the provided shortcuts so they will execute your
cassette’s command scripts instead of the LdbCard command scripts.
a. Select Start -> Programs -> Windows -> Windows Explorer.
b. In the Exploring window, navigate to the directory that contains your
cassette and open the Shortcuts directory.
c. In the right-hand file list, right-click your cassette’s Build shortcut and
select Properties on the pop-up menu.
d. In the resulting Properties window, select the Shortcut tab. In the Target:
text field, find and replace LdbCard with the name of your cassette.
Note: Do not change the working directory. By convention, your command
scripts assume that the Payment Manager directory is the current
directory.
Click OK.
e. Repeat step d for each of the following shortcuts:
i. Get Engine Trace
ii. Get Servlet Trace
292 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
iii. Install - the original path for the Target specified for this shortcut is
incorrect for PM2.2 and will have to be changed from:
"C:\Program Files\IBM\PaymentManager\SQLLIB\bin\db2cmd.exe"
To the path for DB2cmd.exe file in your computer. For example:
"C:\Program Files\SQLLIB\bin\db2cmd.exe"
iv. Remove - the original path specified for this shortcut is incorrect for
PM2.2 and will have to be modified as above.
v. Restore PostInstall - the original path specified for this shortcut is
incorrect for PM2.2 and will have to be modified.
vi. Restore PreInstall - the original path specified for this shortcut is
incorrect for PM2.2 and will have to be modified as above.
vii. Start Payment Manager - In addition, add a space and then your
password you use when you log on to the workstation to the end of the
Target. For example:
"C:\Program Files\IBM\PaymentManager\QSIPay#StartManager.cmd"
password
viii.Wipe Out - the original path specified for this shortcut is incorrect for
PM2.2 and will have to be modified to be the same as above.
ix. Save DB - the original path specified for this shortcut is incorrect for
PM2.2 and will have to be modified to be the same as above. You will
also have to change the Payment Manager database name from
PSADMIN to the name of your database name. For example:
"C:\Program Files\SQLLIB\bin\db2cmd.exe" db2 BACKUP DATABASE PAYMAN
TO C:\QSIPay\TestStart
As well as the Target directory, the Start In: directory will also have to
be modified to correspond with the above directory. However, this must
be in short DOS format - for example:
C:\Progra~1\SQLLIB\bin\
x. Test DB - the original path specified for this shortcut is incorrect for
PM2.2 and will have to be modified to be the same as above. You will
also have to change the Payment Manager database name from
PSADMIN to the name of your database name. In addition, delete the &
character and all characters from there to the end of the line. For
example:
"C:\Program Files\SQLLIB\bin\db2cmd.exe" db2 RESTORE DATABASE PAYMAN
FROM C:\QSIPay\TestStart REPLACE EXISTING
f. For convenience, you may want to copy these shortcuts or the ShortCuts
directory to your desktop.
Verify the Classpath in Use is the fully qualified classpath for the
eTillClasses.zip file. In most cases this will be the case.
Note: Short DOS names are used for directory names in this classpath.
If this is not the case, place the cursor on the end of the string in the
Classpath text field and enter a semi-colon (;). Then add the classpath of the
eTillClasses.zip file in short DOS format.
Click Apply and then right-click PaymentManagerApplication. Choose
Restart Web App to cause the changes to take effect.
25.In the navigation pane, click Log Off.
26.Close the browser, shut down, and restart your workstation.
294 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
27.Install your cassette into the Payment Manager and create your cassette’s
database tables using your cassette’s #Install script or its associated shortcut.
Note: This script will automatically back up the Payment Manager database
before it creates this version of the cassette database tables. When your
cassette tables are incrementally refined, this backup must be restored with
the #RestorePreInstall script or its associated shortcut.
28.You now have a primitive cassette. To start the Payment Manager with your
cassette, use your cassette’s #StartManager script or its associated shortcut.
Use the Payment Manager user interface to create a new merchant (by
convention, use merchant number 100) that is authorized to use your
cassette. Then create an new account (by convention, use account number
1000) for that merchant to use your cassette). Follow the directions in 8.6,
“Merchant integration using Sample Checkout” on page 253 or Appendix D of
the cookbook to set up a sample store and create a few orders. Use the
Payment Manager user interface to approve them, deposit them, reverse
them, refund them, settle the batch, and so on.
Run the file payGenInstall.exe and extract it to your !pmcassette directory. In the
following instructions the directory will be labeled X: where X is the value of your
drive where your !pmcassette directory is located.
296 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
The directory X:\!PMCassette\PayGenTestCases contains all the payGen test
scripts used to perform regression testing on the LdbCardCassette. Although
there are only eight scripts that exercise the cassette, over 70% of the cassettes
code is tested. Note that the file type of a payGen script is .ps . To execute a
given script, you simply pass its file name as a parameter to the customized
batch file.
1. Using your favorite text editor, edit
X:\!PMCassette\PayGen\LdbCardTest0.bat. If necessary, modify the path to
java.exe and the classpath values so they are suitable for your environment.
Save the file using a file name that you will recognize. For example, if your
cassette name is QSIPay you could choose a name such as
QSIPayTest0.bat. The 0 (zero) suffix is convenient because, to run multiple
independent test scenarios at the same time, you will need a unique batch file
for each active scenario.
2. Using your favorite text editor, edit
X:\!PMCassette\PayGen\LdbCardTest0.properties. Modify the HOSTNAME
property value to match the host name where your Payment Manager test
system is running. Save the file using the same file name that you used in the
step above with a file type of .properties. PayGen finds the correct properties
file by matching the name of the batch file that invokes the payGen
application.
3. Test your batch file and your properties file by running the test script named
About.ps. Open a command prompt, change to the payGen directory, and
enter:
java -DFILE=LdbCardTest0.properties payGen about.ps
The usage for the payGen command is:
java -DFILE=fff payGen [[[testfilename] | [testdirname]] ... ]
where fff is the properties file that contains all the settings
or
java -Dxxx=yyy payGen [[[testfilename] | [testdirname]] ... ]
where xxx can be:
HOSTNAME, PORT, USER, PASSWORD, SERVLET, BRAND, $BRAND,
MERCHANTNUMBER, ACCOUNTNUMBER, ETAPIVERSION, THREAD, LOGPATH,
LOOP, INTERFACE, FILE, STATEFILE, BUYER, DEBUG, CALUSINGSSL,
CALSOCKSSERVERHOSTNAME, CALSOCKSSERVERPORT, VALIDATE, DELAY,
DELAYPERSCRIPT, DELAYPERLOOP, MAXHOURS, STARTBROWSER, KEEPALIVE,
HTTPVERSION, HTTPMETHOD, USINGSSL, PAUSEIFTESTFAILED,
STOPIFTESTFAILED, RETRYIFTESTFAILED, SAVEOUTPUTIFTESTFAILED
MIN$COUNT CURRENT$COUNT MAX$COUNT
298 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
X:\PMCassette\PayGen\Readme.txt. This file contains all the payGen
documentation.
– Be sure to validate that the database tables are updated correctly. Since
the Query command examines the database, not the objects in memory, it
can be used to automate this test.
– Be sure to validate the primary and secondary return code values
returned.
– Be sure to validate that the framework object states change correctly.
– Be sure to validate that the state checks are performed correctly.
– Be sure to test every supported platform.
6. There are also two other shortcuts that have not been mentioned until now.
These are YourCassetteName Get Engine Trace and YourCassetteName Get
Servlet Trace. These are both command scripts that convert the binary trace
outputs from Payment Manager to ASCII so you can follow them. You will
have to change the classpaths and other parameters to use them on your
computer.
At present the scripts are set up for the editor program of Visual SlickEdit.
However, you can change this to your favorite editor, such as EditPlus. Simply
change the vs in vs %DST% and vs %SRC%\PSError to an editor that allows
you to nominate a file. If it is not in your path you will have to add your path to
the command, for example, c:\Progra~1\EditPl~1\editplus.exe %DST%.
If you would like to use LdbCard as a practice cassette, the following steps
describe how modify to the LdbAccount class to make it independent of the
payment appliance so you can use it.
300 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
%JDKDIR%\bin\javac %WORKDIR%\LdbCardCassette.java
%JDKDIR%\bin\javac %WORKDIR%\LdbCardCassetteQuery.java
4. Rebuild the LdbCardCassette.jar using the Make JAR tool in the Visual
SlickEdit project or with the following commands, with the appropriate
changes to the code, for example JDKDIR and WORKDIR locations, etc.
X:
CD X:\!PMCassette
SET JDKDIR=C:\jdk1.1.8
SET WORKDIR=com\ibm\etill\ldbcardcassette
SET TARGET=LdbCardCassette.jar
XCOPY %WORKDIR%\*.properties .\
%JDKDIR%\bin\jar cf0 %TARGET% %WORKDIR%*.class *.properties
ERASE *.properties
COPY %TARGET% %WORKDIR%\lib
5. Use your favorite text editor to edit LdbCard#StartManager.cmd. Find all
instances of the string “ldbader” and replace them with the workstation user
ID used to install the Payment Manager. Note that this command file takes
one parameter (find “%1”), the password used to authenticate this user ID.
6. Copy the LdbCard files into the production system using the Install tool in the
Visual SlickEdit project or with the following commands, with the appropriate
changes to the code, for example JDKDIR and WORKDIR locations, etc.
X:
CD X:\!PMCassette
SET WORKDIR=com\ibm\etill\ldbcardcassette
SET ETILLDIR=C:\Program Files\IBM\PaymentManager
XCOPY %WORKDIR%\*.cmd "%ETILLDIR%"
XCOPY %WORKDIR%\*.sql "%ETILLDIR%\Archive"
XCOPY %WORKDIR%\*.PSPL "%ETILLDIR%\pspl"
XCOPY %WORKDIR%\lib\*.* "%ETILLDIR%"
7. Install the LdbCard cassette into your production system by opening a DB2
command window and executing the LdbCard#Install.cmd script that was
copied into your production system in step 6 in the resulting command
window.
8. Start the Payment Manager using the LdbCard#StartManager.cmd script. Be
sure to specify a parameter, namely the password necessary to authenticate
the user ID you placed into the command file.
9. Use the Payment Manager user interface and log on to Payment Manager
(the default user ID and password are both admin), create a merchant that is
authorized to use LdbCard, and create an LdbCard account for the merchant
(the values specified for account parameters won’t matter).
10.Make some purchases with the sample store.
The Sample Store provided with the cookbook materials overcomes these
limitations and can be used to generate Payment Manager orders to help you
test your cassette. The index.html file included in the Sample Store contains a
sample buy page containing an HTML form that uses an HTTP POST request to
invoke the Sample Store servlet. In turn, the servlet uses the parameters passed
on the POST request to issue an AcceptPayment command to the Payment
Manager. See Table 9-1 to understand the relationship between the form and the
servlet’s actions.
Table 9-1 Cookbook servlet actions
HTML form parameter Servlet action
302 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
HTML form parameter Servlet action
Any parameter that begins with $ The keyword and its value are passed as
cassette dependent protocol data.
304 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
http://www.ibm.com/software/webservers/commerce/payment/download.
html
In the Cassette Kit Programmer’s Guide (the PDF version), see pages
103-104 in Chapter 2 to understand the differences in the document
styles.
See pages 107-109 in Chapter 2 to learn how to create the external
properties file. Note file names are case sensitive and must follow the
naming conventions documented.
See pages 109-129 in Chapter 2 to learn how to code the PSPL tags. For
each tag that permits external properties, pay special attention to the
textid= attribute, which references strings in the external properties file.
See pages 129 for information on how to debug PSPL problems.
Two example files LdbCardUI.properties and LdbCard.PSPL are provided
in our redbook additional material for you to use. See Appendix A,
“Additional material” on page 317 for details on obtaining sample code.
If no cassette dependent fields are displayed, the most likely cause is
invalid PSPL introduced by the cassette developer. The cassette
developer should first look in the C:\Program
Files\IBM\PaymentManager\log\PSError file for error messages that
describe the problem. If the information there is insufficient to find the
problem, follow the instructions on page 129 in the Cassette Kit
Programmer’s Guide.
The next most likely cause is an invalid file name, either for the PSPL or
for the external properties files. Remember, property file names are case
sensitive. Furthermore, the files must be placed in the correct directory. Be
sure you follow the naming conventions documented in the Cassette Kit
Programmer’s Guide. Check each name three times.
Cashier
The cashier is a Java class library that allows the integration of merchant
application software with Payment Manager without having to write any code that
is specific to any given cassette. This allows the addition of new cassettes into
the merchant environment without having to rewrite any of the merchant
application software. Cassette independence is accomplished by creating
XML-based cashier profiles that describe all the cassette-specific parameters
that are needed to create a Payment Manager order. Once this profile is
available, the merchant software calls the cashier (instead of calling the Payment
Manager directly) to interpret the profile, build the appropriate AcceptPayment or
ReceivePayment command, and then send that command to the Payment
Manager. In addition, merchant applications can profile information to
dynamically build checkout/buy pages that present the list of available payment
options to the buyer.
306 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Branding
The user interface is enhanced so that you can change the appearance of the
IBM WebSphere Payment Manager 2.2 user interface by supplying customized
files. See 8.1, “Customization” on page 212 of this redbook. The user interface
appearance can be altered in several ways. Customization includes the ability to:
Change the masthead banner.
Add HTML links to other pages. This technique can be used to attach
customized reports to the Payment Manager user interface.
Change the stylesheet (colors, fonts, sizes, etc.).
Change certain text within the user interface.
You can retrieve the LdbCard cassette and its accompanying documentation
from the same Web site from which you downloaded this Cassette Kit
Programmer’s Guide. The LdbCard code is explained in this chapter, and we help
you through the process of modifying the LdbCard code to implement your own
cassette. For many people, this documentation will provide most of what you
308 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
need. In other cases, however, LdbCard’s simplifying assumptions may not apply
to the given payment protocol. Other cassettes may need to use framework
features that are not used in LdbCard. In these cases, you should still use
LdbCard’s infrastructure as your starting point, augmenting its design as
necessary to suit your needs.
LdbCard is a complete and fully functioning cassette upon which you can build
your own cassette. The number of extensions and modifications to the LdbCard
design will vary according to the needs of your cassette.
For full details about the KitCash cassette, see the Cassette for KitCash
Supplement which is included in the KitCash download files.
Test harness
The KitCash card is implemented in software by a KitCashDriver class. No
special hardware is required to run the sample code. The KitCash test harness
allows you to see how the cassette interacts with other Internet payment
software. The KitCash test harness includes:
KitCash wallet (Java applet)
Merchant Web site with products for sale
Merchant code (Java servlet) to process consumer purchase requests
KitCash bank (Java application) to receive deposits from a merchant
310 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Ensure that you comply with the specifications in Table 9-2 on page 312.
To install the cassette for KitCash with Payment Manager, do the following:
1. Copy the KitCash compressed file to a directory and uncompress it. You
should name this directory /kitcashcassette (for AIX and Solaris) and
c:\kitcashcassette (for Windows NT and Windows 2000), since this example
uses these directory names.
312 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
WebSphere Application Server WebSphere Application Server 3.x
2.0.3
None of the following programs should be The WebSphere Administrative Console
running during the cassette installation: should be running at cassette installation.
WebSphere Application Server
Any other Web server products
3. Copy the KitCash JAR file to the Payment Manager install directory.
– On AIX and Solaris:
Copy /kitcashcassette/lib/eTillKitCashClasses.jar to
<PaymentManagerInstallDirectory>
– On Windows NT and Windows 2000:
Copy c:\kitcashcassette\lib\eTillKitCashClasses.jar to
<PaymentManagerInstallDirectory> (see Figure 9-19).
4. Copy the Cassette for the KitCash PSPL file to the Payment Manager PSPL
directory.
– On AIX and Solaris:
314 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Figure 9-20 Display showing new merchant directory with KitCash files
Select the Additional materials and open the directory that corresponds with
the redbook form number, SG246177.
318 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Related publications
The publications listed in this section are considered particularly suitable for a
more detailed discussion of the topics covered in this redbook.
IBM Redbooks
For information on ordering these publications, see “How to get IBM Redbooks”
on page 323.
WebSphere Commerce Suite V5.1 Handbook, SG24-6167
WebSphere Commerce Suite V5.1 Customization and Transition Guide,
SG24-6174
Mobile Commerce Solutions Guide using WebSphere Commerce Suite V5.1,
SG24-6171
WebSphere Scalability: WLM and Clustering Using WebSphere Application
Server Advanced Edition, SG24-6153
Other resources
These publications are also relevant as further information sources:
IBM WebSphere Payment Manager for Multiplatforms Programmer’s Guide
and Reference Version 2.2
This product document is shipped with WebSphere Payment Manager or can
be downloaded from:
http://ibm.com/software/webservers/commerce/paymentmanager/lib.html
IBM WebSphere Payment Manager for Multiplatforms Install Guide Version
2.2
This product document is shipped with WebSphere Payment Manager or can
be downloaded from:
http://ibm.com/software/webservers/commerce/paymentmanager/lib.html
IBM WebSphere Payment Manager for Multiplatforms Administrator’s Guide
Version 2.2
This product document is shipped with WebSphere Payment Manager or can
be downloaded from:
http://ibm.com/software/webservers/commerce/paymentmanager/lib.html
Payment Registry
http://ibm.com/software/webservers/commerce/paymentregistry/features
.html
Payment overview
http://ibm.com/software/webservers/commerce/payment/
Payment Gateway
http://ibm.com/software/webservers/commerce/payment/paymentgateway/fe
atures.html
Vital Processing Services
http://www.vitalps.com
320 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
IBM Announcements
http://www.ibm.com/news/usalet
Cassette for VisaNet supplement
http://ibm.com/software/webservers/commerce/payment/docs/paymgr221vis
anet.pdf
Payment Manager support
http://ibm.com/software/webservers/commerce/paymentmanager/support/ind
ex.html
Payment Manager payment cards (cassettes) list
http://ibm.com/software/webservers/commerce/payment/paymentcards.htm
l
Bankserv
http://www.bankserv.com
ClearCommerce
http://www.clearcommerce.com
CyberCash
http://www.cybercash.com/
CyberSource
http://www.cybersource.com
GlobalCollect
http://www.globalcollect.nl
GO Software
http://www.pccharge.com
Lynk Systems
http://www.lynksystems.com
Verisign payment processing services
http://www.verisign.com/products/payment.html
Payment Manager 2.1 support
http://ibm.com/software/webservers/paymgr/support/sbull.html
Integrating Payment Manager and WebSphere Commerce Suite Marketplace
Edition
http://ibm.com/software/webservers/commerce/epit/mpepm.html
322 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
How to get IBM Redbooks
You can order hardcopy Redbooks, as well as view, download, or search for
Redbooks at the following Web site:
ibm.com/redbooks
Information in this book was developed in conjunction with use of the equipment
specified, and is limited in application to those specific hardware and software
products and levels.
IBM may have patents or pending patent applications covering subject matter in
this document. The furnishing of this document does not give you any license to
these patents. You can send license inquiries, in writing, to the IBM Director of
Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785.
Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged, should contact IBM Corporation, Dept.
600A, Mail Drop 1329, Somers, NY 10589 USA.
The information contained in this document has not been submitted to any formal
IBM test and is distributed AS IS. The use of this information or the
implementation of any of these techniques is a customer responsibility and
depends on the customer's ability to evaluate and integrate them into the
customer's operational environment. While each item may have been reviewed
by IBM for accuracy in a specific situation, there is no guarantee that the same or
similar results will be obtained elsewhere. Customers attempting to adapt these
techniques to their own environments do so at their own risk.
Any pointers in this publication to external Web sites are provided for
convenience only and do not in any manner serve as an endorsement of these
Web sites.
Java and all Java-based trademarks and logos are trademarks or registered
trademarks of Sun Microsystems, Inc. in the United States and/or other
countries.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of
Microsoft Corporation in the United States and/or other countries.
UNIX is a registered trademark in the United States and other countries licensed
exclusively through The Open Group.
SET, SET Secure Electronic Transaction, and the SET Logo are trademarks
owned by SET Secure Electronic Transaction LLC.
326 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
Abbreviations and acronyms
2KP 2 key pairs JTA Java transaction API
3KP 3 key pairs LDAP Lightweight Directory Access
API Application Programming Protocol
Interface MCK Merchant Connection Kit
ASP Application Service Provider MIA Merchant Initiated
AVS Address Validation Service Authorisation
Numerics C
CA 111
1-tier 32, 38
CAL 22
2KP 114
card issuer 111
2-tier 32
cashier 306
3-Domain SET 117
cashier framework 236
3KP 114
cashier profile 178, 250
3-tier 34
cashier profile for Set wallet 178
cassette 7, 13, 17, 25, 43, 159, 184
A account class 295
AcceptPayment 307 batch class 296
account class 295 credit class 296
ACH 163, 166 data model 295
acquirer 110, 111, 113 design 308
acquirer domain 117 development 273
Address Verification Service 308 order class 296
administration 7 payment class 296
AIX 41 testing 296
APACS 162 Cassette Developer Cookbook 274
Application Service Provider 3 Cassette Developer Toolkit 278
architecture 16, 30, 32 cassette for VisaNet 141, 143
ASP 3, 6 Cassette Kit Programmer’s Guide 305
Association for Payment Clearing Services 162 certificate 6, 61, 110, 111
asynchronous approvals 307 certificate authority 111
Atos IPS 163 ClearCommerce 164
Atos Poseidon Internet Payment System 163 Commerce Suite realm 170, 184
authentication 6, 17, 109, 110, 111 confidentiality 110
authorization 185 consumer certificate 128
AVS 308 consumer wallet 112
controller commands 175
coupons 12
B
B2B 11 credit cards 3, 12
B2C 11 credit class 296
BankServ 163 credit issuing 267
BankServACH 163 CTS 165
batch 261 currency 142
settle 261 CustomerOffline 184
batch class 296 customization 212
batch totals 270 CustomOffline 164
brand 123 CyberCash 7, 165
branding 212, 307 CyberSource 165
brands 13 CyberSource Transaction Server 165
E K
ECML 15 KitCash cassette 273, 309
Electronic commerce modelling language 15
encryption 65, 145
e-Visa 142 L
EXTSHM 47 LDAP 222
LdbCard 274, 278, 299
luhn check 13
F Lynk Systems 166
FDMS 165
First Data Merchant Services 165
frame relay 143, 145 M
framework 13, 23 MasterCard 109, 123
full SET 114 MCK 165
merchant 5, 17, 32, 110, 111, 113, 142, 145, 150
merchant administrator 184
G merchant certificate 128
GlobalCollect 166 Merchant Initiated Authorization 114, 128
Merchant Originated Payment 115
H merchant profile 150
HACMP 33 MIA 114, 128
half SET 114 MIACashier 250
MOP 115
I
IBM HTTP Server 6, 16, 31, 277 N
InFashion 183 Net8 86
installation 29 Netscape Communicator 55
AIX 41 network dispatcher 34
planning 30 ntservice 40
SET cassette 117
Solaris 53
Windows 37
O
OfflineCard 43, 164, 184
installments 12 Oracle 16, 54
integrity 110 Oracle8i 66
interchange domain 117 order class 296
iPlanet 54 orders 254
iPlanet Web Server 57 approving 254
330 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
P services 40
Payflow Pro 166 SET 3, 6, 7, 14, 109, 162, 166
PayGen 278 architecture 110
PaylinX 166 SET extension 114, 116
payment class 296 SET wallet 178, 192
Payment Engine 20, 21, 23 shopping basket 13
payment gateway 113 Signio 166
Payment Manager API 13, 15, 18 Single sign-on 226
Payment Manager framework 308 SOCKS 191
Payment Manager Presentation Language 19 SSL 3, 19, 29, 59, 107, 114
Payment Manager Query engine 21, 24 stylesheet 212, 220
Payment Manager role 183
Payment Manager servlet 20
Payment Manager user interface 19
T
tablespace 84
payment protocol 14, 17, 159 TCL 50
Payment Registry 111 tracing 231
payment server 113 transaction 5, 110
Payment Server Presentation Language 275 trust 109
PMCustomUI.properties 212, 219
PPP 145
prerequisites 31 U
PSDefaultRealm 223 UDB 7, 16
PSPL 19, 23, 275 UI servlet 21, 22
PSWAS2Realm 223 Universal DataBase 7
purchase orders 11 users 222
PVC 145 UUNET 145
R V
realm 170, 222 VeriSign 109, 166
ReceivePayment 307 VIPG 143
Redbooks Web site virtual hosts 35, 107
Contact us xiii Virtual Private Network 145
remote database 40 VirtualNet IP Gateway 145
remote HTTP server 41 Visa 109, 117, 123
RiTA 166 Visa 2nd Generation 143
Visa Authenticated Payment 142
Visa VirtualNet Internet Payment Gateway 143
S VisaNet 141, 167
sale function 258 Vital Processing Services 142
Sample Checkout 253
sample checkout 133
Sample Store 302 W
SampleCheckout 151, 306 wallet 14, 128
SampleRealm 233 wcsadmin 183
Secure Electronic Transaction 3, 109 WebSphere Application Server 16, 30, 277
Secure Socket Layer 3 WebSphere Application Server, Advanced Edition
security 5 7
server-based wallet 112 WebSphere Commerce Suite 6, 13, 20, 169, 274
service providers 17 WebSphere Commerce Suite Marketplace Edition
Index 331
169
wireless payments 10
X
XML 16, 19, 24
332 e-commerce Payment Solutions Implementation and Integration using IBM WebSphere Payment Manager
e-commerce Payment Solutions Implementation and Integration Using IBM WebSphere Payment Manager
(0.5” spine)
0.475”<->0.875”
250 <-> 459 pages
Back cover ®