1751

Reference Architecture for Commerce

Книга

Информатика, кибернетика и программирование

Introduction to the Reference Architecture. Installing the Prerequisite Software. Installing the Reference Architecture Application. Business Requirements and Design Model. Reference Architecture Application Business Requirements. The MSF Application Model. Debugging a Custom Site Built on the Reference Architecture.

Английский

2013-01-06

1.46 MB

9 чел.



Reference Architecture for Commerce
Version 2.0
Developer’s Guide

ISBN: 0-7356-1826-7
The information contained in this document represents the current view of
Microsoft Corporation on the issues discussed as of the date of publication.
Because Microsoft must respond to changing market conditions, it should not be
interpreted to be a commitment on the part of Microsoft, and Microsoft cannot
guarantee the accuracy of any information presented after the date of publication.
This Documentation is for informational purposes only.  MICROSOFT MAKES NO
WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCU-
MENT.
Complying with all applicable copyright laws is the responsibility of the user.
Without limiting the rights under copyright, no part of this document may be
reproduced, stored in or introduced into a retrieval system, or transmitted in any
form or by any means (electronic, mechanical, photocopying, recording, or
otherwise), or for any purpose, without the express written permission of Microsoft
Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other
intellectual property rights covering subject matter in this document. Except as
expressly provided in any written license agreement from Microsoft, the furnishing
of this document does not give you any license to these patents, trademarks,
copyrights, or other intellectual property.
The example companies, organizations, products, people and events depicted
herein are fictitious. No association with any real company, organization, product,
person or event is intended or should be inferred.
© 2001 Microsoft Corporation.  All rights reser ved.
Microsoft, FrontPage, MSDN, Outlook, PowerPoint, SideWinder, The Age of Kings,
Visual Basic, Visual C++, Visual InterDev, Visual Studio, Windows, and Windows NT
are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.
The names of actual companies and products mentioned herein may be the
trademarks of their respective owners.

Contents
Part 1
Getting Started
1
Chapter 1
Introduction to the Reference Architecture
3
What Is the Reference Architecture? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  3
What’s New in this Version? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  4
What Is the Developer’s Guide? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  5
Who Should Read this Guide? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  5
Document Roadmap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  6
Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  8
Support for the Reference Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  8
Chapter 2
Installing the Software
9
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  9
Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  9
Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  10
Installing the Prerequisite Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  10
Install Microsoft Windows 2000 Server and MSMQ . . . . . . . . . . . . . . . . . . . . . . . .  10
Install Commerce Server 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  11
Install Microsoft XML Parser 3.0 SP 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  11
Install the Developer Tools (Optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  11
After You Install the Prerequisite Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  12
Installing the Reference Architecture Application . . . . . . . . . . . . . . . . . . . . . . . . . . . .  12
Download the Reference Architecture Application . . . . . . . . . . . . . . . . . . . . . . . . . .  12
Create and Configure the Business Desk Folder . . . . . . . . . . . . . . . . . . . . . . . . . . .  12
Create and Configure the Web Site Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  12
Create a New Web Site to Host the Application . . . . . . . . . . . . . . . . . . . . . . . . . . .  13
Create a New Web Site to Host the Commerce Server 2000 Business Desk . . . . . .  14
Start the Application Installer Program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  14
Install and Configure the XSL ISAPI Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  15
Unpack the Commerce Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  16
Import the Predictor Modeling Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  18
Configure the Business Desk Web Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  18
Configure the Pipeline Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  19
Configure the Queued E-mail Component . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  19
Create the Business Desk Console for the Application . . . . . . . . . . . . . . . . . . . . . .  20

iv
Contents
Configuring the Commerce Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  20
Import, Modify, or Delete Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  20
Configure Tax Rates and Shipping Information . . . . . . . . . . . . . . . . . . . . . . . . . . . .  22
Test the Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  22
Distributed Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  22
Testing the Application in a Distributed Environment . . . . . . . . . . . . . . . . . . . . . . .  22
Production Environment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  23
Part 2
System Architecture
25
Chapter 3
Business Requirements and Design Model
27
Requirements That Affect Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  27
Ease of Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  28
Performance Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  28
Anonymous Shopping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  30
User Profiling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  30
Strong Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  31
Support for Multiple Device Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  31
Manageability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  32
Reference Architecture Application Business Requirements . . . . . . . . . . . . . . . . . . . .  32
Functional Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  32
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  38
Production Environment Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  38
Documenting the Business Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  39
The MSF Application Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  39
Why Use the MSF Application Model? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  40
MSF Application Design Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  40
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  41
Chapter 6
Physical Design Phase
61
The Research Effort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  61
Identifying Physical Solution Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  62
Identifying Existing Candidate Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  68
Analysis and Rationalization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  71
Using Existing Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  71
Meeting the Business Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  78
Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  82
Identifying the Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  82
Creating the Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  82
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  82

Contents
v
Part 3
Solution Implementation
83
Chapter 7
Implementation Overview
85
Implementation Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  85
Recommended Background Knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  85
Technology Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  86
XML in the ConsolidatedRetail.com Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  86
ASP Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  87
Commerce Server Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  88
Stored Procedures in the Data Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  88
Client-Side Scripting for Input Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  88
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  89
Chapter 8
Solution Roadmap
91
PASP Files and the XSL ISAPI Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  93
A Simple Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  93
Web Site Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  95
Initialization Pages and Include Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  95
Catalog Browsing Pages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  96
User Authentication and Profile Management Pages . . . . . . . . . . . . . . . . . . . . . . . .  97
Order Management Pages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  97
Commerce Server Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  98
Utility and Configuration Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  98
Catalog Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  100
User Management Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  101
Shopping Basket Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  102
The Predictor Resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  102
Pipelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  103
Pipeline Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  103
Custom Business Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  104
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  104
Chapter 9
ConsolidatedRetail.com Functionality
105
Presentation Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  105
XML Output from the PASP Files in ConsolidatedRetail.com . . . . . . . . . . . . . . . . .  106
XML Helper Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  107
XSL Style Sheets in the ConsolidatedRetail.com Site . . . . . . . . . . . . . . . . . . . . . .  108
Rendering Index.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  110
Caching Commonly Used Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  115

vi
Contents
User Authentication and Profiling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  120
Registering a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  121
Authenticating a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  123
Using Passport Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  126
Retrieving and Updating Profile Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  128
Product Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  133
Catalog Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  133
Browsing the Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  135
Searching the Catalogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  148
Adding a New Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  151
Shopping Basket Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  151
Adding Products to the Shopping Basket . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  152
Viewing the Shopping Cart or Save for Later Basket . . . . . . . . . . . . . . . . . . . . . . .  154
Order Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  166
Specifying a Shipping Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  166
Specifying a Shipping Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  169
Specifying Multiple Shipping Addresses and Methods . . . . . . . . . . . . . . . . . . . . .  171
Specifying Payment Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  173
Confirming the Order Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  176
Completing the Order Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  181
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  184
Chapter 10
Debugging and Testing
185
Debugging the Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  185
Debugging XML Output from PASP Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  186
Debugging a Custom Site Built on the Reference Architecture . . . . . . . . . . . . . . . . . .  192
Developing a Test Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  193
Possible Test Areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  193
Possible Test Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  194
Functional Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  196
Testing Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  196
Performance Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  199
Response Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  199
Throughput . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  200
Performance Testing Tools and Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  200
Performance Testing Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  201
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  208

Contents
vii
Part 4
Appendices
209
Appendix A
XML Output from ConsolidatedRetail.com
211
Acct.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  212
AddressBook.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  213
AddtoList.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  214
AddtoListResp.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  214
Basket.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  215
Category.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  216
ChangePasswd.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  218
CreditCards.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  219
DeleteAddressBook.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  220
EditAddressBook.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  222
EditCreditCard.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  227
ForgotPasswd.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  232
Index.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  233
ListBase.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  234
ListSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  235
Login.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  236
MultiShipping.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  238
OrderHistory.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  239
OrderHistoryDetail.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  240
OrderSummary.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  242
Payment.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  244
Product.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  246
Registration.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  248
SearchResults.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  249
Shipping.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  253
ShippingMethod.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  254
StepSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  255
ThankYou.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  261
UserProfile.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  263
Appendix B
Data Field Validation
265
Data Fields That Require Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  265
How Validation Is Performed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  267
ListSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  271
StepSearch.pasp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  272
Search Text Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  272

viii
Contents
Appendix C
Sample Detailed Test Plan
273
Assumptions and Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  273
Test Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  275
Registration and Authentication Tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  275
Access Privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  279
Banner Advertisement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  281
Appendix D
Sample Detailed Test Cases
283
Index
291

Part 1
Getting Started
Part 1 of the Developer’s Guide for the Microsoft® Reference Architecture for
Commerce, version 2.0, describes the Reference Architecture components and
objectives, the appropriate audience for this guide, and the document conventions
used. Most importantly, it provides a roadmap to the remainder of the guide,
segmented by audience role, as well as procedures for installing the Reference
Architecture application and other required software.
Part 1, “Getting Started,” consists of the following:
G Chapter 1, “Introduction to the Reference Architecture”
G Chapter 2, “Installing the Software”
You should review this section prior to reading other chapters in the Developer’s
Guide.


1
Introduction to
the Reference Architecture
Welcome to the Developer’s Guide for the Microsoft® Reference Architecture for
Commerce, version 2.0. The Microsoft Reference Architecture for Commerce con-
sists of engineered code components that allow developers to build retail Web sites
using the Microsoft® Windows® 2000 Server operating system and Microsoft®
.NET Enterprise Servers, such as Commerce Server 2000 and SQL Server™ 2000.
This guide is designed to aid your understanding of the design and implementation
decisions made by the developers of the Microsoft Reference Architecture applica-
tion, and to help you create great e-commerce solutions using Microsoft tools and
technologies.
What Is the Reference Architecture?
The Microsoft Reference Architecture for Commerce consists of code and documen-
tation designed to accelerate the development of e-commerce solutions for small to
medium businesses. It includes:
G An e-commerce application, ConsolidatedRetail.com, that contains reusable and
customizable components and is designed to address many of the general
business requirements that are common to e-commerce solutions.
G Complete documentation, including a thorough explanation of the application
components and the decisions behind the code design and development process,
instructions for using, modifying, and testing the code, and procedures for
setting up the development environment and installing the application.
The Reference Architecture e-commerce site is designed to allow a retailer to extend
its customer base using the Internet, while providing an effective, compelling online
purchasing experience for customers. It is also designed to automate as many of the

4
Reference Architecture for Commerce
business processes involved in selling products as possible. While there are many
sector-specific considerations in the retail industry, the design of the e-commerce
site is reasonably generic so that it can be adapted for any e-commerce solution,
regardless of the industry or products involved.
The Reference Architecture code components include Active Server Pages (ASP
pages, configuration files, Extensible Stylesheet Language (XSL) style sheets, and
COM+ components that developers can examine to learn how to implement an
effective e-commerce solution. In addition, the application provides clearly docu-
mented code and reference materials that assist developers who want to reuse or
extend the software components provided. Many of the software artifacts can be
reused with little or no adaptation.
Note: For instructions about how to install the Reference Architecture application, please read
Chapter 2, “Installing the Software.”
What’s New in this Version?
Version 2.0 of the Reference Architecture adds the following functionality:
G Support for Microsoft Passport authentication, as well as procedures for adding
other authentication methods.
G Support for the Commerce Server 2000 Basket Templates, which allows users to
create, manage, and use current Order and Save for Later shopping baskets, and
public and private shopping lists.
G Advanced Search, which provides complex search capability.
G Wizard browsing, which allows customers to go from one product detail page to
the next when browsing products.
G Personalization, which allows dynamic site content generation based on a user
profile.
G Payment Manager, which allows users to select and save a payment option.
G Order cancellation, which allows customers to cancel orders.
G Support for the Commerce Server 2000 Predictor, which facilitates discount and
directed advertising using e-mail.
G Directed e-mail support, which allows online merchants to generate e-mail
messages based on specific business rules, and provides offline processing of
bulk e-mail using COM+ queued components.
G Event capture, which extends data warehousing to capture defined events.
G Enhanced documentation, including explanations of the new functionality, an
explanation of the caching mechanisms, and examples of detailed test plans and
detailed test cases.

Chapter 1: Introduction to the Reference Architecture
5
What Is the Developer’s Guide?
The Developer’s Guide is intended to provide the necessary explanatory information
to help you understand how the Reference Architecture for Commerce is designed
and implemented, and to give technical and architectural justifications for the
design decisions made in the building of the application. You should use this
document as your roadmap to the Reference Architecture components, and refer to
it when examining the source code and installing and configuring the site.
Note, however, that this documentation is not intended to be a complete program-
ming reference, nor is it intended to replace documentation provided with prerequi-
site software, such as Windows 2000 Server, Commerce Server 2000, or SQL Server
2000, or the documentation that accompanies developer tools.
Developers using the code and documentation provided in this Reference Architec-
ture should adhere to standard coding and testing practices, and should test any
site thoroughly before attempting to deploy it in a production environment.
Who Should Read this Guide?
As the title indicates, the Developer’s Guide is targeted primarily at application de-
signers and developers. However, other readers involved in scoping, designing, and
implementing e-commerce applications will find that it contains relevant and useful
information. There are many roles in software development, and each person in-
volved in the project requires different types and levels of information (you can learn
more about the roles involved in a software development project by reviewing the
Microsoft Solutions Framework Team Model). Readers in the following roles will find
this document particularly useful. (Examine the descriptions in the following table to
determine your role, and then refer to the “Document Roadmap” section later in this
chapter to locate information that is relevant to your particular responsibilities.)
Table 1-1. Project Roles
Role
Description
Developer
Developers are responsible for the implementation of the compo-
nents, Web pages, database objects, and other software artifacts
that comprise the e-commerce application. Some are specialized
developers who take responsibility for a particular aspect of the
solution, while others have a more general role in the production
of code.
(continued)

6
Reference Architecture for Commerce
Role
Description
Application Architect
The Application Architect’s role is to design the software solution
and oversee the development effort. To do this effectively, an
architect must have a clear understanding of the business require-
ments, as well as technical knowledge of the development tools
and techniques required to build the solution. Additionally, Applica-
tion Architects must understand the development process from
conceptual design to physical implementation.
Infrastructure Specialist
Effective e-commerce solutions, more so than most other applica-
tion types, require a strong relationship between the design of the
software application and the architecture of the infrastructure on
which it will run. Infrastructure Specialists are responsible for
designing the network topology for an e-commerce site — including
firewalls, server clusters, staging servers, and administrative and
monitoring functionality.
System Administrator
Any software implementation must be administered to some
degree. System Administrators (including network, Web site, and
database administrators) are responsible for the day-to-day running
of the site. This includes ensuring that appropriate security
measures are taken to prevent unauthorized access to sensitive
data, implementing a reliable backup procedure, monitoring the
site’s performance and availability, and other administrative tasks.
Business Decision Maker
Business Decision Makers fulfill an overall product management
role in an e-commerce project. They are primarily responsible for
determining the project scope as well as the technological and
personnel investments required to build a solution that meets the
business needs.
Document Roadmap
The Developer’s Guide consists of four main sections, each containing topics related
to the development of the site. You are encouraged to read the topics that relate
most closely to your role in e-commerce development. The sections, together with
their relevance to specific roles and responsibilities, are described next.
Part 1: Getting Started
This section provides basic introductory information, a roadmap to the remainder
of the guide, and installation and configuration instructions for the Reference
Architecture application and other required software.
All users should review this information prior to reading other sections of the
Developer’s Guide.

Chapter 1: Introduction to the Reference Architecture
7
Part 2: System Architecture
Part 2 contains a high-level description of the application, as well as a summary of
the design process used to develop the site. It contains a chapter about the design
approach and application model and specific chapters on each phase of the design
process.
G Business Decision Makers should use this section when evaluating the hardware,
software, and expertise requirements for an e-commerce project.
G Application Architects will find this section useful in understanding the
conceptual use cases, logical model, and physical implementation of the
ConsolidatedRetail.com site.
G Developers can gain an understanding of the skill requirements and the tech-
nologies used in the development of the site.
G Infrastructure Specialists will find the physical design of the
ConsolidatedRetail.com application useful in determining the required network
and security design for the solution.
Part 3: Solution Implementation
Part 3 includes a series of topics that describe the implementation details of specific
aspects of the application, as well as the testing, deployment, and operational
management methodologies the application uses. It contains an implementation
overview, a roadmap to the solution, a description of the functional components,
and a chapter on debugging and testing e-commerce applications.
G Application Architects can use this section to examine the implementation of the
various components in the application. The topic about testing provides addi-
tional information about the methodology used to test the application for usabil-
ity and performance.
G Developers can use this section to gain an understanding of the code in the
ConsolidatedRetail.com application, and how it can be reused and extended.
G Infrastructure Specialists will find the topics about testing and deploying the
application useful in understanding how the application can be implemented
on specific network architecture.
G System Administrators can use the topic about operational management to
understand the management issues and tasks involved in operating and main-
taining the application.
Part 4: Appendices
Part 4 provides additional reference materials that you may find helpful when
reviewing the Reference Architecture application code or when building or testing a
solution based on the Reference Architecture. These materials include sample XML

8
Reference Architecture for Commerce
output, data field validation notes, a sample test plan, and sample test cases. The
materials included in Part 4 are intended primarily for developers and testers.
In addition, the Developer’s Guide contains an appendix that shows the XML output
generated from the XSL pages, an appendix that explains data validation performed
by the reference code, and appendices that provide sample detailed test plans and
test cases.
Document Conventions
This guide uses the following style conventions and terminology.
Table 1-2. Document Conventions
Element
Meaning
Bold font
Characters that you type exactly as shown, including commands and
switches. User interface elements are also bold.
Italic font
Variables for which you supply a specific value. For example, Filename.ext
could refer to any valid file name for the case in question. New terminol-
ogy also appears in italic on first use.
Monospace font
Code samples.
%SystemRoot%
The folder in which Windows 2000 is installed.
Tip
Alerts you to supplementary information that is not essential to the
completion of the task at hand.
Note
Alerts you to supplementary information.
Important
Alerts you to supplementary information that is essential to the comple-
tion of a task.
Caution
Alerts you to possible data loss, breaches of security, or other more
serious problems.
Warning
Alerts you that failure to take or avoid a specific action might result in
physical harm to you or to the hardware.
Support for the Reference Architecture
Community (newsgroup) support is available for the Reference Architecture for
Commerce on the following newsgroups:
G NNTP at news://msnews.microsoft.com/microsoft.public.reference_arch.commerce
G Web-based Newsgroup Client at http://msdn.microsoft.com/newsgroups
/default.asp?newsgroup=microsoft.public.reference_arch.commerce

2
Installing the Software
This chapter describes the necessary steps to install the Reference Architecture
application on a single computer for testing and examination. This guide also
describes realistic deployment practices for use on production sites based on the
Reference Architecture.
Before You Begin
Before you install the Reference Architecture application, be sure that you have the
necessary hardware configuration and all required software.
Hardware Requirements
For testing and development purposes, the Reference Architecture application
should be installed on a single computer dedicated to the task, rather than on a
personal workstation with other software. The application can be safely installed
and run with other applications, but due to the possibility of software conflicts or
incompatibilities, you should use a single stand-alone computer to ensure proper
operation.
The Reference Architecture application requires the following minimum system
configuration:
G
400 MHz or faster Pentium-compatible CPU
G
256 megabytes (MB) RAM
G
3-gigabyte (GB) hard disk
G
Network adapter
Note: For development and code review purposes, the Reference Architecture application runs
on a single computer without a network adapter.

10
Reference Architecture for Commerce
Software Requirements
Before you install the Reference Architecture application, be sure that the required
software is installed. The next section provides installation instructions.
The Reference Architecture application requires the following software:
G Windows 2000 Server (or Advanced Server), including Microsoft Message
Queuing (MSMQ), and Windows 2000 Server, Service Pack 2.
G Microsoft Commerce Server 2000 and Commerce Server 2000, Service Pack 1.
Commerce Server 2000 requires Microsoft SQL Server™ 2000 (Standard or
Enterprise Edition).
G Microsoft XML Parser (MSXML) 3.0, Service Pack 1, available for download from
the MSDN® Web site at http://msdn.microsoft.com/downloads/
G Microsoft XSL ISAPI filter, included in the Reference Architecture download.
The Reference Architecture application code includes a custom version of the
XSL ISAPI filter (Xslisapi2.dll). This version is not available for download on
Microsoft.com; however, the documentation for the publicly available version
(Xslisapi2.dll, version 2.1) is appropriate for the custom version. This documen-
tation is available for download from the MSDN Web site. On the MSDN Down-
loads page, type XSL ISAPI 2.1 in the Search box.
G Microsoft Reference Architecture for Commerce application (available for down-
load from the MSDN Code Center). On the MSDN Code page (at http://
msdn.microsoft.com/code/
), type Reference Architecture for Commerce in the
Search box.
G Microsoft Visual Studio® 6.0 (this is required only for developers who want to
examine the source code of the application) and current Service Pack level
(available for download from the MSDN Web site at http://msdn.microsoft.com
/vstudio/
).
G Microsoft Passport Software Development Kit (SDK), version 1.4. The Passport
SDK is available for download from the MSDN Web site at http://
msdn.microsoft.com/downloads

Installing the Prerequisite Software
Install the required software for the Reference Architecture application as described
in the following procedures.
Install Microsoft Windows 2000 Server and MSMQ
Refer to the Windows 2000 documentation for details about how to install Win-
dows 2000 and Windows 2000 Service Pack 2. You can find information about
Windows 2000 Server at http://www.microsoft.com/windows2000/

Chapter 2: Installing the Software
11
Note that you must install the Microsoft Message Queuing (MSMQ) components
before you install the Reference Architecture application. (You can install MSMQ on
a computer that is already running Windows 2000.)
After you install Windows 2000, log on using the Administrator account.
Install Commerce Server 2000
Refer to the Commerce Server 2000 documentation for details about how to install
Commerce Server 2000 and Commerce Server 2000 Service Pack 1.
You can find more information about Commerce Server 2000 at http://
www.microsoft.com/commerceserver/

Install Microsoft XML Parser 3.0 SP 1
If you have not already done so, download Microsoft XML Parser 3.0 Service Pack 1
from the Web site at http://msdn.microsoft.com/downloads/
After the download completes, double-click the MSXML3SP1.exe file to unpack and
install the parser.
Install the Developer Tools (Optional)
After you install the XML Parser, install Visual Studio 6.0 and the Passport SDK,
version 1.4. Visual Studio 6.0 is necessary if you want to examine or modify the
Reference Architecture application source code, and the Passport SDK is required
if you want to incorporate Passport authentication.
Install Visual Studio 6.0
Refer to the Visual Studio 6.0 documentation for complete instructions about
installing Visual Studio.
Be sure that the following components are installed:
G
Microsoft Visual C++® development system version 6.0
G
Microsoft Visual InterDev® Web development system version 6.0
G
ActiveX® controls
G
Data access
G
Enterprise tools
G
Tools
In addition, you may want to install the MSDN Library to provide online Help for
Visual Studio.
After installation completes, you should apply all required Service Packs.

12
Reference Architecture for Commerce
Install the Passport SDK 1.4
Refer to the Passport SDK 1.4 documentation for complete instructions about
installing the Passport SDK.
After You Install the Prerequisite Software
After you install the required software, restart the computer.
Installing the Reference Architecture Application
After you successfully install the prerequisite software, you can install the Reference
Architecture application and configure the Web site. The following steps describe
how to download, install, and configure the application.
Download the Reference Architecture Application
The latest version of the Reference Architecture for Commerce application is avail-
able on the Microsoft Developer Network (MSDN) Web site.
To download the application
1. Locate the application at http://msdn.microsoft.com/code/
2. Click Download, and then click Yes to accept the license agreement. Follow the
instructions to download the software.
Create and Configure the Business Desk Folder
Before you can install the Reference Architecture application, you need to create and
configure a folder for the Commerce Server 2000 Business Desk interface.
To create and configure the folder
1. In Microsoft Windows Explorer, navigate to the Inetpub folder on the system
partition.
2. Create a folder in Inetpub named B2CRefBizDesk. This folder will store the files
for the site’s Business Desk interface.
Create and Configure the Web Site Folder
Before you can install the Reference Architecture application, you need to create and
configure a folder to hold the Reference Architecture Web site files. This allows the
XSL ISAPI filter to write temporary files to disk.
To create and configure the Web site folder
1. In the Inetpub folder on the system partition, create a folder named B2CRef. This
folder will store the Reference Architecture Web site files.

Chapter 2: Installing the Software
13
2. Right-click the B2CRef folder, and then click Properties.
3. Click the Security tab, and then click the Add button.
4. In the Look In drop-down list, click your local computer name if it is not already
selected. This displays the accounts on your local computer (rather than accounts
in any domain in which the computer is a member).
5. Scroll the list of accounts until you find the account IWAM_computer-name,
where computer-name is the name of your computer. This is the account under
which the Microsoft Internet Information Services (IIS) Web server runs. Select
that account, click the Add button, and then click the OK button.
6. In the B2CRef Properties window, make sure Launch IIS Process Account is
selected in the list of names.
7. In the Permissions box, under Allow, select the Modify and Write check boxes.
8. Click OK to close the window.
Create a New Web Site to Host the Application
After you create the folders to hold the Web files, you need to create a new Web site
to host the Reference Architecture application.
To create the Web site
1. On the taskbar, click the Start button, point to Programs, point to Microsoft
Commerce Server 2000, and then click Commerce Server Manager.
2. In the left pane of the Commerce Server Manager window, expand the Internet
Information Services node by clicking the plus sign (+) next to it.
3. A node that represents your computer (with the same name as your computer)
should be visible. Click the plus sign (+) next to it to display the Web sites hosted
on your computer.
4. Under Internet Information Services, right-click the icon that represents your
computer, point to New, and then click Web Site.
5. In the first dialog box, click Next.
6. In the Description box, type B2CRef. The IIS Administration listings refer to the
Web site by this name. Click Next.
7. In the IP Address and Port Settings dialog box, leave the IP address as All
Unassigned, set the TCP port to 81 (or to any other available IP port address,
and then click Next.
8. In the Web Site Home Directory dialog box, either enter the path to the
Inetpub\B2CRef folder in the Path box or click Browse to navigate to that folder
and select it, and then click Next.
9. In the Web Site Access Permissions dialog box, leave the default settings (Read
and Run scripts), and then click Next.
10. Click Finish to create the site.

14
Reference Architecture for Commerce
Create a New Web Site to Host
the Commerce Server 2000 Business Desk
The Commerce Server 2000 Business Desk console should be placed on a separate
Web site to prevent conflicts with the XSL ISAPI filter used on the main Reference
Architecture site.
To create the Web site
1. If you have not already done so, expand the Commerce Server Manager Internet
Information Services node, right-click the icon that represents your computer,
point to New, and then click Web Site.
2. In the first dialog box, click Next.
3. In the Description box, type B2CRefBizDesk. The IIS Administration listings
will refer to the Business Desk console Web site by this name. Click Next.
4. In the IP Address and Port Settings dialog box, leave the IP address as All
Unassigned, set the TCP port to 82 (or to any other available IP port address,
and then click Next.
5. In the Web Site Home Directory dialog box, either enter the path to the
Inetpub\B2CRefBizDesk folder in the Path box or click Browse to navigate to
that folder and select it, and then click Next.
6. In the Web Site Access Permissions dialog box, leave the default settings (Read
and Run scripts), and then click Next.
7. Click Finish to create the site.
Start the Application Installer Program
You are now ready to install the Reference Architecture application that you down-
loaded previously (refer to the section, “Download the Reference Architecture
Application,” earlier in this chapter).
To install the application
1. Double-click the Reference Architecture for Commerce installer program icon to
begin the installation process.
2. On the Welcome screen, click Next.
3. Read the License Agreement. If you agree to the terms of the license agreement,
click I accept the terms in the license agreement, and then click Next. Other-
wise, you will not be able to install the application.
4. In the Custom Setup dialog box, the default action is to install the entire Web
application and all source code. If you want to change particular elements from
the installation, select the check boxes next to the elements, click This feature
will not be available
, and then click Next.

Chapter 2: Installing the Software
15
5. In the Services Account dialog box, in the UsernamePassword, and Domain
boxes, enter the information under which the COM+ components will run. Click
Next.
6. Click Install. The installation process will install the files and components.
7. Click Finish on the last screen.
Install and Configure the XSL ISAPI Filter
After you create the Web site for the Reference Architecture application, you need to
set up the correct XSL ISAPI filter.
To set up the filter
1. If you have not already done so, expand the Commerce Server Manager Internet
Information Services node, and then expand the node that represents your
computer to display the Web sites hosted on your computer.
2. Right-click B2CRef, and then click Properties.
3. Click the ISAPI Filters tab, and then click Add.
4. In the Filter Properties dialog box, type XSLISAPI2 in the Filter Name box, and
then click Browse.
5. Navigate to the B2CRef installation folder (default is “C:\Program
Files\Reference Architecture for Commerce\Binaries”), click xslisapi2.dll, and
then click Open.
6. In the Filter Properties dialog box, click OK to add XSLISAPI2 to the list of
ISAPI filters for the site.
7. Click OK to save your changes and close the Properties dialog box.
Configure the XSL ISAPI Filter to Work Correctly with Business Desk
If you configure Commerce Server 2000 Business Desk to use the same site that the
XSL ISAPI filter uses, an error is generated and Business Desk does not function
correctly. This is because the XSL ISAPI filter captures all files delivered by the site
to the client, and attempts to process them. So, for example, when Business Desk
requests an XML file, the XSL ISAPI filter captures the file first and tries to process
it, rather than passing it on to Business Desk.
To eliminate this problem, you must do either of the following:
G
Configure Business Desk to use a site that does not have XSL ISAPI installed.
If you follow the recommended procedure in this chapter, this is the default
configuration.
G
Remove XML from the list of file types that XSL ISAPI will process. Note that
this option requires that you modify and then recompile the source code for the
XSLISAPI.dll.

16
Reference Architecture for Commerce
To remove XML from the list of file types that XSL ISAPI will process
1. Start Microsoft Visual Studio, and then open the XSL ISAPI file, Global.h.
2. Find the following section, which lists the file extensions that the filter will
process:
Const LPCSTR g_szFileTypesA[] =
{
    "XML", "PASP"
};
3. Delete XML from the list, and recompile the project.
4. Replace the previous version of the XSL ISAPI filter with the one you compiled.
Unpack the Commerce Site
After you install and configure the XSL ISAPI filter, unpack the commerce site.
To unpack the site
1. Start the Commerce Site Packager: on the taskbar, click the Start button, point to
Programs, point to Reference Architecture for Commerce, and then click PUP
Package
.
2. In the Unpack dialog box, click Custom unpack, and then click Next.
3. In the Unpack Method dialog box, leave Create a new site selected, and then
click Next.
4. In the Site Name dialog box, the Site name box should be preset to B2CRef. Do
not change the setting. Click Next.
5. In the Select Resources dialog box, leave all resources on the right side (Re-
sources to unpack), and then click Next.
6. In the Global Resource Pointers dialog box, keep the default settings and click
Next.
7. In the Database Connection Strings dialog box, keep the default settings and
click Next.
8. In the dialog box that requests a SQL user name and password, type sa in the
SQL user name box and whatever password you assigned for the SQL Server sa
account in the SQL password box.
9. Click Test Connection, and if successful, click OK on the confirmation message
box and the Test Connection dialog box.
10. In the Select Applications dialog box, keep the default settings and click Next.

Chapter 2: Installing the Software
17
11. In the Select IIS Web Sites and Virtual Directories dialog box:
a. In the left pane, click the first line of the listing (/) to highlight it.
b. Under IIS Web site, click B2CRef on the drop-down list.
c. The IIS virtual directory should contain a single forward slash (/). This
places the application at the root of the B2CRef Web site.
d. In the left pane, click BizDesk to highlight the second line of the listing.
e. Under IIS Web site, click B2CRefBizDesk on the drop-down list.
f.
Under IIS virtual directory, keep the value BizDesk, and then click Next.
12. A warning message may appear indicating that you will overwrite existing
virtual directories if you continue. If this message appears, click Yes.
13. A second message may appear indicating that you will overwrite specific direc-
tories if you continue. Click Yes again.
14. In the Data Warehouse dialog box, keep the default settings, and click OK.
15. In the Profiling System dialog box, change the Profile Schema Definition (.xml)
file to point to <drive>:\Program Files\Reference Architecture for
Commerce\SupportFiles\ProfileSQLwCC.xml
 (where <drive> is the drive on
which the application is installed).
16. Change the Site Terms Definition (.xml) file to point to: <drive>:\Program
Files\Reference Architecture for Commerce\SupportFiles\SiteTermswCC.xml
(where <drive> is the drive on which the application is installed). Click Next.
17. Change the Schema Definition Script to point to <drive>:\Program
Files\Reference Architecture for
Commerce\SupportFiles\ProfileSQLwCC.sql 
(where <drive> is the drive on
which the application is installed).
18. Click Profiling System Connection String, and then click Modify. Click
Microsoft OLE DB Provider for SQL Server, and then click Next. Choose your
server name, user name, and database (B2CRef_commerce). Click OK to close
the dialog box.
19. Click OK again.
20. When the application is unpacked, an Unpacking is complete dialog box dis-
plays. Click Finish to exit.
Note: Do NOT click the View Selected Application button because some post-installation
configuration of the Web site still needs to be done.

18
Reference Architecture for Commerce
Import the Predictor Modeling Data
This release of the Reference Architecture for Commerce provides support for the
Commerce Server 2000 Predictor, which facilitates discount and directed advertis-
ing using e-mail. The Predictor resource allows you to build complex analysis
models that you can use to determine the type of content, advertisements, and
additional products that might interest your users.
To import the Predictor modeling data
1. In SQL Enterprise Manager, navigate to the B2Cref_dw database. Expand the
Microsoft SQL Servers node, the SQL Server Group node, the node for your
server, and then expand the Databases node.
2. Right-click the database name, B2CRef_dw, and then click All Tasks.
3. Click Import Data, and then click Next.
4. Change the data source to Text File.
5. Select <drive>:\Program Files\Reference Architecture for
Commerce\SupportFiles\PredictorModels.csv (where <drive> is the drive on
which the application is installed), and then click Next. Click Next again.
6. An error message displays. Click Yes.
7. Click Comma, and then click Next.
8. Click Next until you reach the Finish screen.
9. Click Finish.
10. Click Done.
Configure the Business Desk Web Site
You need to configure the local path for the Business Desk Web site.
To configure the Web site
1. If you have not already done so, expand the Commerce Server Manager Internet
Information Services node, and then expand the node that represents your
computer to display the Web sites hosted on your computer.
2. Right-click B2CRefBizDesk, and then click Properties.
3. Click the Home Directory tab, and then click Browse.
4. Under Inetpub\B2CRefBizDesk, click BizDesk, and then click OK.
5. In the B2CRefBizDesk Properties dialog box, click OK.

Chapter 2: Installing the Software
19
Configure the Pipeline Components
You need to configure the local path for the pipeline components.
To configure the pipeline components
1. On the taskbar, click the Start button, point to Programs, point to Microsoft
Commerce Server 2000, and then click Pipeline Editor.
2. On the File menu, click Open.
3. Locate the pipelines folder in the B2CRef folder (the folder where you installed
the B2CRef site). For example, the path could be C:\Inetpub\B2CRef\Pipelines\.
4. Click final.pcf, and then click Open.
5. Right-click the QueueEmail Class pipeline stage, and then click Properties.
6. In the Component Properties dialog box on the PipelineQueue Properties tab,
replace yourcomputername in the Queued Component Path Name text box with
your computer name.
Note: If your computer is a member server of a domain, the installation program will create
a public queue instead of a private queue. If this is the case, omit the PRIVATE$\ part of
the path. If you plan to host your Message Queues on a separate computer, you need to
change the path accordingly.
7. Click OK, and then click the floppy disk toolbar icon in the Pipeline Editor to
save the changes and exit the Pipeline Editor application.
8. Stop and restart the B2CRef site. To do this right-click the B2CRef site in the
Commerce Server Manager console, click Stop on the pop-up menu, right-click it
again, and then click Start on the pop-up menu.
Configure the Queued E-mail Component
You need to configure the Queued E-mail component to be able to send confirma-
tion e-mail messages.
To configure the queued e-mail component
1. On the taskbar, click the Start button, point to Programs, point to Administra-
tive Tools, and then click Component Services.
2. In the left pane of the Component Services window, expand the Component
Services node by clicking the plus sign (+) next to it. Click the plus sign (+) next
to the Computers node.
3. A node that represents your computer (with the name My Computer) should be
visible. Click the plus sign (+) next to it to display the COM+ Applications node.
Click the plus sign (+) next to it.

20
Reference Architecture for Commerce
4. A node that represents the queued e-mail component (with the name
B2CRef_Queued_Email) should be visible. Click the plus sign (+) sign next to it.
5. A node with the name Components should be visible. Click the plus sign (+) next
to it.
6. A node with the name QueuedEmailer.CMailer should be visible. Right-click this
node, and then click Properties.
7. In the Properties dialog box, click the Activation tab. The entry in the text box
named Constructor String needs to be changed in the following way: Between
the XML tags <SMTPServer> and </SMTPServer>, enter the name of your
SMTP e-mail server (ask your network administrator if you don’t know the
name). You also need to enter the SMTP user name and password between the
respective XML tags.
Note: The other tags are already filled out, but you might need to check with your network
administrator if you need to change them according to your actual SMTP settings (for
example, SMTP Port, SMTP Timeout, Use SSL, and the SMTP Authority Mode).
8. Click OK to return to Component Services window.
9. Right-click the B2CRef_Queued_Email node, and then click Shut Down. Right-
click it again, and then click Start.
10. Close the Component Services window.
Create the Business Desk Console for the Application
After you install and unpack the B2CRef application and configure the pipeline
components, you need to create the Business Desk console for the application. To
create the console, please refer to the complete procedures in the Commerce Server
2000 documentation.
Configuring the Commerce Site
This section describes procedures for configuring the commerce Web site by adding
a catalog, configuring tax and shipping information, and testing the site.
Import, Modify, or Delete Catalogs
Use the Catalog Editor module to work with categories and catalogs. You can
create, modify, and delete categories and catalogs. In addition, you can use the
Catalog Editor module to import a catalog from either an Extensible Markup
Language (XML) file or a comma-separated value (.csv) file.
The following procedure imports the two sample XML catalog files included with
the application and makes them available for the site to use.

Chapter 2: Installing the Software
21
To import the Booksfull.xml catalog file
1. In Commerce Server 2000 Business Desk, on the Catalog menu, click Catalog
Editor.
2. On the Catalog Editor screen, click the Import Catalog toolbar, and then click
Import XML on the drop-down list.
3. In the Import XML Catalog dialog box, type <drive>:\Program Files\Reference
Architecture for Commerce\SourceCode\Catalogs\Booksfull.xml (where
<drive> is the drive on which the catalog is located) in the File name box. Verify
that the Delete any existing catalog data check box is not selected.
4. Click OK.
5. In the Business Desk: Import XML Catalog dialog box, click OK. The Books
catalog will be imported and available on the Reference Architecture retail site.
Note: The catalog does not yet appear in the Name box in the Catalog Editor.
To import the Hardwarefull.xml catalog file
1. In Commerce Server 2000 Business Desk, on the Catalog menu, click Catalog
Editor.
2. In the Catalog Editor dialog box, click the Import Catalog toolbar, and then click
Import XML on the drop-down list.
3. In the Import XML Catalog dialog box, type <drive>:\Program Files\Reference
Architecture for Commerce\SourceCode\Catalogs \Hardwarefull.xml (where
<drive> is the drive on which the catalog is located) in the File name box. Verify
that the Delete any existing catalog data box is not selected.
4. Click OK.
5. In the Business Desk: Import XML Catalog dialog box, click OK. The Hardware
catalog will be imported and available on the Reference Architecture retail site.
Note: The catalog does not yet appear in the Name box in the Catalog Editor.
Use the Catalog Editor module to refresh and publish a catalog on your Web site.
You need to refresh and publish a catalog whenever you make any changes to
ensure that those changes are reflected on your Web site.
To refresh and publish a catalog
1. In Commerce Server 2000 Business Desk, on the Catalog menu, click Catalog
Editor.
2. In the Catalog Editor dialog box, click the Update Catalog toolbar. The catalog
will be updated and published on the Web site.

22
Reference Architecture for Commerce
Configure Tax Rates and Shipping Information
To configure tax rates and shipping information, please refer to Commerce Server
2000 documentation about “Tax rates for orders” and to the Commerce Server 2000
tutorial documentation about “Adding a Shipping Method and a Tax Rate.”
To configure shipping methods, please refer to Commerce Server 2000 documenta-
tion about “Shipping Codes.”
Note: The sample catalog schema does not contain a weight field; therefore, the application
does not support shipping methods based on weight.
Test the Site
After you import the catalog and configure the tax and shipping information, you
are ready to test the B2CRef site. To test the site, go to http://localhost:81.
Distributed Deployment Considerations
Although you can install the Reference Architecture application on a single com-
puter for development and evaluation purposes, a more realistic deployment
environment would involve distributing the application over several servers. In a
production environment, you should give additional consideration to security,
scalability, and availability in the form of firewalls and server clusters.
Testing the Application in a Distributed Environment
You can deploy the Reference Architecture application in a distributed environment
for testing purposes. The infrastructure architecture shown in Figure 2.1 could be
used to distribute the application over three computers:
Client
Web Server
Database Server
Internet Explorer 5.5
Commerce Server 2000
SQL Server 2000
MSXML3
Analysis Services
XSLISAPI121
B2C Reference Site
B2CRef BizDesk Site
Figure 2.1
Simple Distributed Infrastructure Architecture

Chapter 2: Installing the Software
23
To install this distributed environment, use the installation instructions described
earlier with the following exceptions:
G
Install Windows 2000 Server on the database server and the Web server (the
client computer can use Windows 2000 Server, Windows 2000 Professional,
Windows 98, or Windows Millennium Edition). The application supports Inter-
net Explorer 4.x and later.
G
Verify network connectivity (over TCP/IP) before you attempt to install the
application.
G
Install SQL Server and Analysis Services on the database server.
G
Specify the name of the Database server and valid logon credentials when you
install Commerce Server 2000 on the Web server and when you unpack the
Reference Architecture application.
G
You can install Business Desk on the client computer by going to http://<Web
Server name>:<IP address>/BizDesk (where <Web Server name> is the name of the
Web Server computer and <IP address> is the IP address specified for Business
Desk).
G
You can access the B2CRef site from the client computer by going to http://
<Web Server name>:<IP address> (where <Web Server name> is the name of the
Web Server computer and <IP address> is the IP address specified for B2CRef.
Production Environment Considerations
The purpose of the Reference Architecture application is to demonstrate features that
would be required in a real e-commerce solution and to provide reusable components
for developers. When a business chooses to deploy a solution similar to the Reference
Architecture application in a production environment, a great deal of thought and
planning goes into designing the infrastructure on which the application will run.
Figure 2.2 shows the minimum infrastructure architecture for such a production site:
Internet Client
Web Farm
Database Cluster
Windows 2000 Advanced
SQL Server 2000 on windows
Server & Commerce Server
2000 Data Center, clustered
2000 using Network
using Microsoft Clustering
Load Balancing
Services
Primary 
Secondary
Firewall
Firewall
Figure 2.2
Minimum Production Infrastructure Architecture


Part 2
System Architecture
Part 2 of the Developer’s Guide for the Microsoft Reference Architecture for
Commerce provides an overview of the business requirements and phased design
process used by the architects of the sample application. In addition, each chapter
summarizes the actual deliverable produced at that phase of the design process.
Note that the process used follows the Microsoft Solutions Framework (MSF)
guidelines, which were gleaned from standard industry best practices. More infor-
mation about MSF is available from the Microsoft Web site. On the Microsoft Home
page, type MSF in the Search box.)
Part 2, “System Architecture,” consists of the following:
G Chapter 3, “Business Requirements and Design Model”
G Chapter 4, “Conceptual Design Phase”
G Chapter 5, “Logical Design Phase”
G Chapter 6, “Physical Design Phase”


3
Business Requirements and
Design Model
Ask your average Web user to define an e-commerce site, and he or she will prob-
ably tell you that it is an online store where customers can use a credit card to buy
products. Although this description is accurate, it does not sufficiently describe
the variety of e-commerce sites being developed for the Internet today. In the fast-
moving world of Internet business, an effective e-commerce Web site is much more
than a Web-based shop.
Requirements That Affect Design
Users are demanding more from e-commerce sites, and if one site doesn’t meet
their expectations, they’ll go somewhere else. So, what are users demanding from
e-commerce? Which business requirements must the application designer consider
first? The following list suggests some of the major issues affecting application
design:
G Ease of use
G Performance requirements
G Anonymous shopping
G User profiling
G Strong security
G Support for multiple device types
G Manageability
At first glance it appears that some of these challenges are within the scope
of the Application Architect, while others are more the responsibility of the

28
Reference Architecture for Commerce
Business Decision Maker or Infrastructure Specialist. However, if you examine these
challenges in detail, you can understand how the design of the application has an
impact on each challenge.
Ease of Use
It’s reasonable that a site should be easy to use and navigate. After all, businesses
don’t want to make it difficult for customers to buy products, and customers are
much more likely to spend money at a site if they can find their way to the check-
out page.
One way to make the site easier to use is to ensure that you use familiar analogies
for common tasks. This means storing a customer’s selections in a shopping basket
until the customer decides to complete the purchase (or check out). Using metaphors
like this make it easier for non-computer experts to understand how the site works,
and make a purchase.
Making the site easily navigable can be a much more difficult task than you might
first think. The Web works in a fairly non-linear fashion, and users often click links
in an unexpected order. You should be sure that your site presents a consistent
interface to the user regardless of which page he or she is currently viewing, and
that important pages (such as the home page, the shopping basket, and the
user’s account information) are always available by clicking a single link. On the
ConsolidatedRetail.com site, the banner across the top always includes links to the
shopping basket, customer account, and home pages, and the panel on the left side
always includes the search and catalogs links.
Another way to ensure that users can find their way around your site is to make
sure your lists of products, or catalogs, are organized in a logical manner. Custom-
ers will find it much easier to locate the product they are interested in if your
catalogs are divided into categories, and possibly sub-categories. You should also
provide users with the ability to search for a product if they are unsure of where
it is listed.
If your site is easy to use and navigate, customers will enjoy using it. Conversely, if
it is difficult to use, they will probably give up and move on to another site.
Performance Requirements
There are many factors in the design of a Web site that can affect its performance. Of
course, performance means different things to different people, and what is consid-
ered an acceptable level of performance can vary from user to user.

Chapter 3: Business Requirements and Design Model
29
Acceptable Response Time
What most people mean by a site that performs well is a site that provides accept-
able response times. Response time is the amount of time a user waits after request-
ing an action before seeing a result. Ideally, we’d all like each action on the site to be
performed instantaneously; however, in practice we need to accept that limited
bandwidth, database concurrency, and business processing tasks usually cause a
slight delay. When designing an e-commerce site, try to reduce the factors that
adversely affect response time, although you will never completely eliminate them.
The key to e-commerce optimization is to optimize the time in which it takes to
perform things such as checking out, so that you don’t lose orders because custom-
ers abandon their shopping baskets while standing in the virtual line.
Scalability
Another important aspect of performance is scalability. This is the ability of the site
capacity to increase when resources are added. To the user community, this means
that the site continues to provide acceptable response times when many users
access the site concurrently. Many developers are disappointed to learn that a test
site that performs brilliantly on a development computer fails to cope with the
required number of users.
So, how can the scalability of a site be maximized? Two typical approaches are
scaling up and scaling out.
The first approach, scaling up, is achieved by adding more processing power to the
servers in the form of more and/or faster CPUs, more RAM, faster disks, and so on.
This approach can be very effective, particularly on the data tier where very large
databases require respectively large processing power. However, this approach
becomes less cost-effective the closer to the top-end a server reaches, as hardware
costs rise exponentially with their power.
Scaling out, on the other hand, involves sharing the processing load across multiple
servers in a cluster, or a collection of servers, known as a Web farm. Web farms are a
much more cost-effective use of hardware, and provide a more flexible and exten-
sible solution. As the load on a site increases, servers can be easily added to the
Web farm.
Figure 3.1 on the next page illustrates the basic architecture of a Web farm.

30
Reference Architecture for Commerce
Client
Client
Client
Internet
IIS
IIS
IIS
SQL
Figure 3.1
A Web Farm
Anonymous Shopping
In general, users do not want to be forced to log on to a site before they can see
what the site has available to purchase. Your site should allow anonymous users
to browse through your products and even place products in a shopping basket,
without requiring authentication.
User Profiling
When a customer revisits a site, that customer doesn’t want to have to reenter
information that was supplied during a previous visit. After a customer provides
your site with shipping and contact information, he or she expects that this data
will be remembered.
To accomplish this, many sites maintain user profile information for each user who
registers with the site. In most cases, the user is required to register by providing a
minimal amount of profile information, such as a user name and password. The

Chapter 3: Business Requirements and Design Model
31
user is then assigned a unique identifier that can be used as the primary key for that
user’s profile data.
After a user registers at a site, the user’s profile information can be saved in a
database and recalled for use later. Users can usually add to the mandatory infor-
mation, allowing them to specify such details as an e-mail address, telephone
number, shipping address, or any other piece of personal information you allow
them to add.
Retaining user profile information is useful for the following reasons:
G It prevents users from being required to reenter data on subsequent visits.
G It can be used to analyze user activity at the site.
G It can be used as the basis of personalization, allowing you to target banner ads
or discounts at a specific class of user.
G It can be used for business analysis purposes; for example, to track buying trends
based on specific profile values.
Strong Security
Sensitive information transmitted across an unsecured network, such as the Inter-
net, can be intercepted. For this reason, any site that makes use of sensitive financial
or personal information must protect that data’s integrity by using authentication,
encryption, and secure networking protocols. Secure Sockets Layer (SSL) is a proto-
col that provides communications privacy, authentication, and message integrity for
a TCP/IP connection. By using this protocol, clients and servers can communicate
in a way that prevents eavesdropping, tampering, or message forgery.
In addition, a shopping site must ensure that stored customer information — such  as
personal data, preferences, order history, and payment information — are  protected
on the server. Access to customer information should be protected by user IDs and
passwords.
Support for Multiple Device Types
Web browsing devices are becoming increasingly available and varied — for  ex-
ample, there are Internet-enabled cell phones, handheld devices, voice-enabled
browsers, and television- and game console-based browsers. In addition, these
devices have different capabilities and may or may not support a given markup
language or browser version. A commercial Internet site can provide support for
multiple device types by providing an interpretative layer that determines the
device type, and then formats the content for display on that specific device.
Mechanisms that facilitate this functionality include the Extensible Markup Lan-
guage (XML), Extensible Stylesheet Language (XSL), and related filtering technolo-
gies, such as the XSL ISAPI filter.

32
Reference Architecture for Commerce
Manageability
Although application designers are not responsible for business decisions such as
pricing and advertising campaigns, the design of an e-commerce solution can have
a tremendous impact on the way a business responds to trends in the marketplace
and competitor activity. Business managers can work only within the constraints of
the management features of an e-commerce site. To be successful, an e-commerce so-
lution must be easy to use and yet have an all-pervasive management infrastructure.
You have two basic choices when you design the management interface for an
e-commerce site. You can create your own custom interface or you can use an ”out
of the box” solution such as the Microsoft Commerce Server 2000 Business Desk.
Building your own management interface means that you can design the manage-
ability of your site to be exactly the way you want it. However, it adds a significant
development effort to an already large software project, and it is often looked upon
as a project nearly as large as or larger than the application itself. The Commerce
Server Business Desk can be used to manage most aspects of an e-commerce site by
default, and additional functionality can be added by creating custom modules if
required.
The remainder of this chapter describes the actual business requirements identified
during the planning phase of this project, and the application model and design
process used in the design of the ConsolidatedRetail.com application.
Reference Architecture Application Business Requirements
Before the application design process can begin, it is important to gain an under-
standing of what the application must do. Analyzing business requirements is one
of the most important steps in developing an application. The aim of business
requirement identification is to create a solution that meets both retailer and con-
sumer needs. The requirements are then transformed into a business requirements
document, which will serve as the guide to develop the overall project vision.
This section outlines the actual requirements identified for the Reference Architec-
ture application, ConsolidatedRetail.com. Note that the business requirements used
here are purposefully limited to the capabilities of an easily installable reference
example.
Functional Requirements
ConsolidatedRetail.com was designed to meet the following functional requirements.
Ease of navigation – The site should be easy to navigate. Links should be clear,
easy to understand, and functional. Users should be able to move easily between
pages and screens.

Chapter 3: Business Requirements and Design Model
33
Ease of use – The application should be easy to use. It should be easy to locate
and buy products and reach the checkout page.
The site should be easy to understand for non-computer experts. The site should
use easy-to-understand metaphors, such as storing products in a shopping basket
or cart
 until the shopper is ready to check out or shopping from a shopping list.
Customers should be able to move products in and out of the list or basket
simply and easily.
Each page on the site should display a consistent interface. Important and
commonly used pages should be available through a single click.
Site access – Users must be able to access the site by:
G Entering the URL into a browser.
G Linking from another site or from e-mail.
User registration/profiling – From any page on the site, a user must be able to
register so that he or she will not have to reenter the same information for each
order. A user should not be required to register to browse; however, registration
is required for checkout. Also, registration is required to sign up for e-mail
newsletters, notification of specials, public and private shopping lists, and so on.
Registration consists of:
Profile information – User name, billing address, primary shipping address,
phone numbers, e-mail address should be associated with each unique,
authenticated user.
Authentication information – User identification (user ID) and password
should be persisted in the application.
Billing information – Users should have an option to enter credit card infor-
mation and have it saved. The application should be able to save multiple
credit card numbers.
Preferences – Users should be able to specify whether or not they want e-mail
notification of shipment status (default Yes), and whether or not they want
notification of sales and specials (default No).
Address book – Users should be able to store multiple shipping addresses.
User registration management – After a user logs on and is authenticated, the
user should be able to modify, add, or delete registration information. All fields
except for User ID should be editable. In addition, the user should be able to
review order status and order history.
Logon/authentication – After a user registers, if that user returns to the site, he or
she should be able to log on from any page on the site.
Browsing – Users should be able to browse the catalogs. From the home page,
users should be presented with a list of catalogs. After a user selects a catalog, he
or she should be presented with sub-categories or actual products. Users should
be able to browse a series of product detail pages in succession by clicking a
single button, such as a Next button or an arrow icon.

34
Reference Architecture for Commerce
Anonymous browsing – Users should be able to browse catalogs anonymously;
that is, users should be able to view products without being logged on.
Multiple catalogs – The application must support multiple catalogs. The
aggregation of products from multiple catalogs should be transparent to users.
Products and categories – The application should permit products to be
associated with one or more catalogs.
Product page – The application should have a product page that includes a larger
picture and/or a more detailed description of each product. Each product can be
added to the shopping basket from this page. From this page the user should be
able to:
G Add products to a shopping basket.
G Browse to the next product.
G Browse to the previous product.
G Return to the previous page.
Product search – Users should have access to free text searches, where users enter
text characters and the search function returns a list of products.
Users should be able to search from the home page and all category and sub-
category pages. Users should be able to type multiple words in the Search field.
If a user specifies multiple words, a Boolean query using “and” as the operator
should be constructed from the words.
If a user is on the home page, Search should default to Search All Categories.
Searches performed on category and sub-category pages should default to Search
Within Category Name. Users can override these default settings by selecting a
particular area of the site or specific category to search.
If a site uses multiple catalogs, Search should work across all catalogs. An excep-
tion to this rule occurs if the site exposes the multiple catalogs (and had a hierar-
chical product listing). Each catalog would be the first level in the category/
product hierarchy. In that case, the default would be to search only the currently
active catalog. Users can override the default and choose to search another
catalog or the entire site. This is similar to the behavior specified for multiple
catalogs described earlier.
Searches should be performed against key words and titles by default.
Product search results – The search results page should show a list of products
and their categories (or catalogs, as appropriate). They should be grouped by
category or catalog. Each search result should provide a hypertext link to the
corresponding product page.

Chapter 3: Business Requirements and Design Model
35
Adding products to the basket –Users should be able to access the following
types of baskets:
Shopping Cart basket – This is the primary type of shopping basket; it holds
the products that a user selects to purchase during this visit. Both authenti-
cated and anonymous users should be able to use this type of basket; how-
ever, an anonymous user must be authenticated to complete the checkout
process.
Save for Later basket – This is a collection of products that a user may con-
sider for purchase in the future. Only authenticated users should be able to
create and save this type of basket.
Shopping list – This is a reusable (or saved) list of products that can be public
or private. Each user can have multiple shopping lists, each with a name and
properties indicating public or private availability. For example, a user can
have private lists entitled “My Ravioli,” or “Weekly groceries,” or “New
travel wardrobe.” A user can have public lists entitled “Human Art 101 – Mrs.
Drawer’s class” or “Wedding Gift Registry.” A user should be able to change a
shopping list from private to public and from public to private. Only authen-
ticated users should be able to create, edit, and save this type of basket.
From any product page, a user should be able to add one or more products to the
basket he or she is currently using. The baskets should not be tied to a particular
catalog; that is, a user should be able to progress from one catalog to the next,
adding products from one or more catalogs.
When a user adds a product to a basket, the basket item count increases auto-
matically. The user should be able to see the number of products in the basket
from any catalog or product page. If the basket used is the Shopping Cart, the
user also sees pricing information as the products are added. The Shopping Cart
provides per product, total product, and total order pricing information.
Using the Save for Later basket – An authenticated user may want to purchase
products stored in a Save for Later basket. To do this, the user opens the Save for
Later basket and chooses one or more products to move into the Shopping Cart.
If the products are no longer available, the user receives an appropriate message.
The Save for Later basket does not save or store pricing information; therefore,
when products are moved, the site must process a price query and display the
price for each product (as it would for any product placed in the Shopping Cart).
Managing the Shopping Cart and Save for Later basket –Users should be able
to perform multiple operations that manage the contents of both the Shopping
Cart and Save for Later basket. These operations include:
G Moving a product from the Save for Later basket to the Shopping Cart basket
G Moving a product from the Shopping Cart basket to the Save for Later basket
G Changing quantities (Shopping Cart basket only)
G Deleting products from the Save for Later basket or the Shopping Cart basket

36
Reference Architecture for Commerce
Using a public shopping list – A site visitor who wants to order from a public
shopping list locates the list by searching the site using some form of query. The
site displays the names of all lists that match the query, and the user selects a list
to view. The user selects products from the public shopping list, the products are
added to the user’s shopping basket, and information on pricing is displayed.
If a selected product is no longer available, the user receives an appropriate
message.
Creating and using a private shopping list – An authenticated site user can
create a list of products that he or she orders repeatedly. The user can create a
new shopping list and add products to it or can add products to a list he or she
created during a previous visit. To create a new shopping list, the user must
supply a name for the list and must specify whether or not the list will be pub-
licly available. At any time, a user can change a list that he or she created from
public to private and from private to public.
To purchase products from a shopping list, the authenticated user locates and
opens the list, and then selects one or more products to purchase. The selected
products are added to the user’s Shopping Cart basket, and price and quantity
information is displayed. If a selected product is no longer available, the user
receives an appropriate message.
Banner advertisement – Users can choose to view a banner advertisement, which
displays detailed information about the Shopping Cart and the Save for Later
baskets.
Checking out – Users should be able to check out from any screen. When check-
ing out, each user is shown all ordered products (the Shopping Cart basket). At
this point, the user can edit the Shopping Cart basket contents. If the user con-
firms the contents of the basket, the shipping screen should appear. Each product
is associated with the user’s primary shipping address. The user can override
this address with one from the address book or with a new address. If the user
adds a new address, he or she chooses to save the new address in an address
book.
After the user attaches an address to each product (or accepts the default ad-
dress), the user can go to the Shipping screen and choose the delivery method for
each address. (The site owner determines the default method.) After selecting
each delivery method, the user progresses to the Payment screen. After selecting
a payment method, the user advances to the Order Summary screen. This screen
should be divided by shipping addresses. Under each address, the product
description(s), product cost, and total cost (if appropriate) are listed. The total
product cost is sub-totaled, the shipping cost listed as a line item and sub-
totaled, and then the tax is listed and the total for that address.

Chapter 3: Business Requirements and Design Model
37
After all addresses are totaled, a grand total is listed at the end of the page. The
user has the opportunity to:
G Accept the order.
G Modify the order.
G Cancel the order.
G Continue shopping.
If the user chooses to modify the order, the Manage Basket page appears. If the
user chooses to cancel, the Shopping Cart basket clears. If the user chooses to
continue shopping, the Home page appears.
If the user chooses to accept, the Payment page appears. If the user has saved
credit card information on the Registration page, this information appears on the
Payment page. The user can choose that credit card or override the saved infor-
mation and provide new credit card information. If the user adds new credit
card information, he or she should have the option of adding the new informa-
tion to the saved Registration information. After the user selects or enters credit
card information, he or she can:
G Cancel the order.
G Modify the order.
G Continue shopping.
G Submit the order.
If the user submits the order, a confirmation page with the order number
appears.
Shipping choices – The following shipping choices must be supported:
G Ground delivery
G Second-day delivery
G Overnight delivery
G International delivery
Order status notification – Users can choose to receive e-mail notification of
order status.
Shipping calculation – Shipping costs are calculated based on the shipper type
(such as UPS) or other rules determined by the site owner.
Tax calculation – Tax must be calculated based on rules set by the site owner.
These rules should include:
G Location of sale
G Shipping address
G Type of merchandise
The tax information is displayed on the Order Summary screen during checkout.

38
Reference Architecture for Commerce
Order summary – This screen displays the address, product description(s),
product cost(s), shipping charges, taxes, and total cost (if appropriate), for each
order.
Address book – Registered users are placed in the address book. This book can
hold unlimited shipping address information, although the site owner can set
limits.
Order cancellation – Users must be able to cancel orders at any time before they
are submitted. When a user cancels an order, the Shopping Cart basket empties.
Saved products are not affected.
System Requirements
The site must meet the following system-wide requirements:
Globalization – The application should have the ability to be customized for
different cultural contexts. That is, the interface colors, navigation layout, page
structure, and language should be modifiable.
Performance – Users should experience consistent performance each time they
visit the site. The site should perform as well as other enterprise e-commerce
applications in use.
Scalability – The site should scale both up and out. Response time should be
quicker if faster disks and CPUs are added or if more RAM is added. Response
time should also improve if more servers are added to the Web farm. Servers in
the Web farm should be able to handle requests appropriately.
Availability – The site should be functioning and should have no single point of
failure. It should trap errors, and errors should not prevent users from accessing
authorized areas of the site. The site should accept users at all times.
Manageability – There should be a management interface that allows for the
modification and management of company reports, catalogs, orders, shipping
costs, tax rates, and user accounts.
Security – The site should protect confidential information such as credit card
numbers. The site should display the privacy policy and any pertinent copyright
information. User IDs and passwords should protect sensitive information from
access by unauthorized personnel.
Accessibility – The site must function properly on multiple client devices. The
site should work on down-level browsers as well as newer browsers.
Production Environment Requirements
The site must be thoroughly tested before it is launched as a production system. The
following types of testing should be performed:
Usability testing – The site should be evaluated by a number of users to verify
that it is easily understood and navigated.

Chapter 3: Business Requirements and Design Model
39
Functional testing – The site should be tested to ensure that all features function
as designed and as expected.
Performance testing – The site should meet appropriate performance bench-
marks (as determined by the project team), even during peak load periods.
Staging – The site should be rolled out and then fully tested on a test deployment
system that approximates the production system. Test scripts should reflect the
projected maximum number of users and transactions.
Test report – The full test report should be completed and reviewed prior to site
rollout.
Documenting the Business Requirements
After the basic requirements are identified, they should be captured, communi-
cated, and approved in a Vision/Scope document that identifies the application
business value, requirements and limitations, and the personnel required to plan,
design, and complete the project. Thereafter, the design process can begin.
The next section describes the application design model and design process used in
the creation of ConsolidatedRetail.com.
The MSF Application Model
The ConsolidatedRetail.com application is designed to follow the three-tier model
as defined by the Microsoft Solutions Framework (MSF). This model groups the
services provided by an application into three abstract layers so that the resulting
application can be both flexible and scalable. Any one layer can be altered without
adversely affecting the other two, thus allowing the application to change and grow
as user demand and technology changes dictate.
The three tiers are:
Presentation services – The presentation services of an application are used to
render data for display to the user and accept user input.
Business services – Sometimes referred to as application services, the business
services of an application enforce the business rules. In a typical e-commerce
application this might include ensuring that a user is authenticated before
allowing that user to place an order, retrieving appropriate content based on a
user’s profile, and verifying that all of the steps involved in processing an order
are performed in the correct sequence.
Data services – The data services in an application include the logic necessary
to store, retrieve, and modify data, as well as the data integrity rules that the
application must enforce. In an e-commerce application this might include
processing of catalog, user, and order data.

40
Reference Architecture for Commerce
Note: You can find more information about MSF at http://www.microsoft.com/msf/
Why Use the MSF Application Model?
In addition to the flexibility and scalability benefits discussed earlier, the MSF three-
tiered application model has distinct advantages in terms of developing, deploying,
and managing the application over time. The primary advantages to using the MSF
three-tiered approach to application architecture are that it provides:
Abstraction – Because the services are abstracted from one another, each tier of
the application can be developed, maintained, and enhanced independently
of the others. Thus, three different development teams can work on the same
application project.
Distribution – Because logical tiers are independent, they can be deployed in a
distributed fashion across multiple servers.
Reuse – Different client devices can use the services provided by each tier. For
example, the business services for an e-commerce site could be used by one set of
presentation services to provide a Hypertext Markup Language (HTML) inter-
face for a Web site and also by another set of presentation services for a mobile
phone that has Wireless Application Protocol (WAP) enabled. Some of the busi-
ness services can also be configured as Web services by various line-of-business
(LOB) applications or by complementary applications supplied by trading
partners.
In addition to following the three-tiered design model, the designers and develop-
ers of ConsolidatedRetail.com followed the MSF design process. The next section
describes this process.
MSF Application Design Process
The first step in building an effective application of any kind is to create an effective
design. There are many approaches to software design, each with its own strengths
and weaknesses. When deciding on the design process you want to use, you should
be sure that the process provides distinct phases that progress toward an actual
software implementation, and that the process is flexible enough to incorporate
requirement changes during these phases.
The MSF application design model not only defines the services-based architecture
for a distributed application, but it also defines an iterative design process where
software is designed in a sequence of conceptuallogical, and physical phases.
Conceptual phase – The conceptual phase views the challenge from the perspec-
tive of the user and/or the business. The primary goal of the conceptual phase is
to define the challenge and the solution concepts.

Chapter 3: Business Requirements and Design Model
41
The functional specification document is the end result of the conceptual phase.
Logical phase – The logical phase views the design objectives and challenges
from the perspective of the project team. The primary goal of the logical phase is
to map the conceptual design into logical components.
The team uses the user scenarios (or use cases) identified in the conceptual phase
to build a logical model of the components in an object-oriented software solu-
tion. Object-oriented solutions encapsulate business functionality in software
representations of real-world objects, which are defined by classes in an object-
oriented design.
Physical phase – The physical phase views the design objectives and challenges
from the perspective of the developer. The primary goal of the physical phase is
to apply the logical design to physical requirements and constraints.
Because the physical phase approaches the design problem from the perspective
of the developer and the task is to define the physical implementation, the
technical specification document is the product of the physical design phase.
Conclusion
This chapter provided a general overview of e-commerce requirements, as well as
the specific requirements outlined for the ConsolidatedRetail.com application. It
also provided an overview of the MSF application model and design process. The
next chapters discuss in greater detail the conceptual, logical, and physical design
phases and the deliverables produced at each phase along the way.


4
Conceptual Design Phase
During the conceptual design phase, the design team identifies and documents
the complete project vision, based on the previously identified business and user
requirements. The team prepares usage scenarios (derived from use cases) based
on these requirements and then creates a functional specification document that
explains in detail how the application will work from the viewpoint of both the
user and the business or supplier of the e-commerce application. This functional
specification document is the end deliverable of the conceptual phase.
The design team creates usage scenarios by elaborating upon use cases. A use case
is simply a textual description of an interaction between an external actor (which
can be a user or an existing system) and the application (or components) being
designed. Actors can also be services, components, and so forth, as well as users.
The two main pieces of information to determine when creating use cases are the
actor’s action and the expected result. Use cases are typically sketched out during a
whiteboard (or brainstorming) session in which they are quickly outlined and given
descriptive names. They are then worked out in more detail and ordered somewhat
linearly.
The remainder of this chapter describes each of the usage scenarios developed for
the ConsolidatedRetail.com application and provides use case diagrams of the
action(s) that each scenario portrays.
Reference Architecture Usage Scenarios
During the conceptual design phase, the designers of the Reference Architecture
application identified the usage scenarios described in the following sections.

44
Reference Architecture for Commerce
Usage Scenario 1: A Customer Logs On to the Site
To log on, a customer navigates to the logon page, and then enters his or her user
name and password. The user name and password are authenticated by the system.
If the user enters a valid user name and password, a page appears containing links
that allow the user to update user profile information and view his or her order
history, as described in Usage Scenario 8.
If the customer leaves the user name field blank, the user is informed that the user
name field must be filled in.
If the customer leaves the password field blank, the user is informed that the
password field must be filled in.
If the customer enters an invalid user name, the logon page is redisplayed with an
error message indicating that the user name is invalid.
If the customer enters a valid user name but an invalid password, the logon page is
redisplayed with an error message indicating that the password is invalid.
If the customer indicates that he or she forgot the password, the customer is pre-
sented with the option of entering a user name and receiving the password in an
e-mail message.
After the customer logs on, he or she may be greeted with a personalized message
or a list of products he or she may be interested in, based on prior purchases.
Figure 4.1 is a use case diagram that illustrates the logon function:
ConsolidatedRetail.com
Login
Customer
Figure 4.1
Logon Function
Usage Scenario 2: A Customer Searches for Products
An anonymous or authenticated customer can search for products by entering the
title, text, a description of a product, or text combined with search parameters (such
as greater than [>], less than [<], or equal [=]). The system displays all products that
match the criteria or keywords entered.
In addition, the customer can navigate to the search box and search for products by
entering a partial product name. The system displays products that most closely
match the search criteria.

Chapter 4: Conceptual Design Phase
45
Figure 4.2 is a use case diagram that illustrates a customer initiating a search:
ConsolidatedRetail.com
Login
<<include>>
Customer
View Product
Figure 4.2
Customer Initiating a Search
If the customer enters a product name and that product is not available or if the
customer enters an incorrect product name, the search results display a message
indicating that no products matched the search criteria.
If the customer enters keywords or parameters that do not match descriptions of
products, the system displays a message indicating that no products matched the
search criteria.
Usage Scenario 3: A Customer Browses for Products
The Web site contains a number of catalogs, or groups of related products. To
browse, a customer selects a catalog. The categories and products in the root of the
selected catalog are displayed. The customer can then select a category and view
the products and subcategories in the selected category or select a product to view
its details.
Figure 4.3 is a use case diagram that illustrates the browse process:
ConsolidateRetail.com
Browse Catalog
<<include>>
View Product
Figure 4.3
A Customer Browses

46
Reference Architecture for Commerce
When a customer selects a product to view its details, the customer sees a picture
and a text description of the product. The customer may also see a list of related
products or a list of products that other customers bought at the same time that
they bought this product.
The customer can return to the catalog to continue browsing or go directly to the
next or previous product detail page.
Usage Scenario 4: A Customer Uses a Shopping Basket
A customer can use the following three basket types:
Shopping Cart basket. This basket contains products that a customer is consid-
ering for purchase during this visit. Both anonymous and authenticated users
can use this type of basket.
Save for Later basket. This basket contains products that a customer is consider-
ing for a future purchase. Only authenticated users can use this type of basket.
Public or private shopping list. This basket contains products that a customer
purchases repeatedly or purchases for a specific purpose. Only authenticated
users can create, edit, or use this type of basket. (Shopping list usage is covered
in greater detail later in this chapter.)
When a customer displays a basket, the basket can be empty or it can contain
products that the customer added during the current session or didn’t purchase or
delete during a previous visit.
If the basket is empty, the application displays a message informing the customer
that the basket is empty.
If the basket contains one or more products, the application displays the following
information:
G A Shopping Cart basket shows the product name, options selected (such as size
and color), quantity, price per product, and total for each product, and the total
amount for all products selected.
G A Save for Later basket shows the product name and options selected (such as
size and color). It does not include quantity, totals, or prices.
G A shopping list shows the product name, options selected, and quantity. It does
not include pricing information or totals.
If the customer chooses to add a product to the Shopping Cart basket, the customer
locates the product on a shopping list, by browsing, or by using the search feature,
and selects the product. The product is added to the Shopping Cart basket. The user
can then move the product to the Save for Later basket or copy it to a shopping list.
If the customer chooses to save a product for purchase later, the product is moved
to the Save for Later basket and is deleted from the current shopping basket. Simi-
larly, if the customer wants to purchase a product contained in the Save for Later

Chapter 4: Conceptual Design Phase
47
basket, the product is moved to the Shopping Cart basket and removed from the
Save for Later basket. If the customer chooses to add the product to a shopping list,
the product is copied to the shopping list, but it is not removed from the Shopping
Cart or Save for Later basket.
If the customer chooses to delete a product, the application removes that product
from the basket or list.
If the customer chooses to delete all products, the application removes all products
from the basket or list.
If the customer changes the quantity of a single product, the application updates the
basket to reflect that product quantity (Shopping Cart basket only).
If the customer updates the basket, the application recalculates the products and
totals for each product line of the basket, and also recalculates the grand total for all
products in the basket (Shopping Cart basket only).
When the customer has finished reviewing or updating a basket, the customer can
choose to check out or continue to shop.
Figure 4.4 is a use case diagram that illustrates the use of a Shopping Cart basket:
ConsolidatedRetail.com
Remove All Items
View Product
<<include>>
Customer
<<include>>
Change Quantity
Update Cart
<<include>>
View Basket
Figure 4.4
A Customer Manages the ShoppingCart
Usage Scenario 5: A Customer Creates a Shopping List
An authenticated user can create a public or private shopping list that contains
products such as the contents of a favorite recipe, required materials for an activity
or class, or a list of products that the customer purchases repeatedly. The products
in a shopping list are not part of the current order, nor are they part of a save for
later basket.
The user creates and provides a name for the list, specifies whether it is a public or
private list, selects products to add to it, and then saves the list.

48
Reference Architecture for Commerce
A customer can add products to a new or existing shopping list that he or she
created, purchase products from a public shopping list, purchase products from a
private shopping list that he or she created. The customer can also convert a private
shopping list that he or she created to a public list or vice versa.
To add a product to a shopping list, the customer locates and selects the product,
and then indicates that the product is to be added to the specified list.
Figure 4.5 is a use case diagram that illustrates the create list process:
ConsolidatedRetail.com
Create list
Search for Products
Customer
<<include>>
Save list as 
Add product to list
public or private
<<include>>
Specify quantity
<<include>>
Review List
Figure 4.5
A Customer Creates a Shopping List
The user who creates a shopping list is the only user who can perform management
operations on that list. Management operations include:
G Editing the list of products.
G Adding products to the list.
G Removing products from the list.
G Changing the list from public to private or from private to public.
G Deleting the list.
Usage Scenario 6: A Customer Shops from a Shopping List
A customer can shop from a public shopping list created by someone else or from a
private shopping list that he or she created. To shop from a private shopping list,
the customer must first be authenticated. To locate a public shopping list, the
customer searches by the user name of the list creator. When the customer displays
a shopping list, the list may be empty (in which case, it isn’t a list at all), or it may
contain products.

Chapter 4: Conceptual Design Phase
49
If the list is empty, the application displays a message informing the customer that
the list is empty.
If the list contains one or more products, the application displays the product name
and quantity for each product.
If the customer chooses to purchase a product or products from the list, the cus-
tomer selects the products to be purchased, and then specifies whether the products
are to be ordered now or saved for later.
If the customer chooses to save a product for purchase later, the product is copied
to the Save for Later basket. Similarly, if the customer wants to purchase a product
now, the product is copied to the Shopping Cart basket. In either case, the original
list remains unchanged.
When the customer finishes shopping from the list, he or she can choose to check
out or continue to shop.
Figure 4.6 is a use case diagram that illustrates the use of a shopping list:
ConsolidatedRetail.com
Locate list
View list
Customer
Select products 
<<include>>
Update
to purchase now
shopping basket
Select products 
<<include>>
Update save for
to purchase later
later basket
Figure 4.6
A Customer Shops Using a Shopping List
Usage Scenario 7: A Customer Completes a Purchase
The customer indicates that he or she is ready to check out and purchase the prod-
ucts in the Shopping Cart basket.
If the customer is not currently logged on, the customer is required to enter a valid
user name and password as described in Usage Scenario 1. The application then
displays the list of shipping addresses associated with the current user. The cus-
tomer can choose one of these addresses, edit an address, or add a new address. The
customer can also specify that different products in the shopping basket be shipped
to different addresses.

50
Reference Architecture for Commerce
If the customer specifies a single shipping address, the application prompts the
customer to select a shipping method from the list of available shipping methods.
If the customer specifies that multiple addresses be used, the application prompts
the customer to select an address and shipping method for each product in the
shopping basket.
If the customer chooses to add or edit an address, the application redirects the
customer to one of the shipping information pages described in Usage Scenario 8.
After the customer provides the shipping address and shipping method informa-
tion, the application prompts the customer to confirm the billing address and
provide the credit card type, account holder name, account number, expiration
month, and expiration year.
If the customer does not specify a billing address, the application displays a page
that allows the customer to specify a billing address as described in Usage Scenario 8.
Figure 4.7 is a use case diagram that illustrates the checkout functionality:
ConsolidatedRetail.com
<<include>>
{if anonymous}
Checkout
Login
<<include>>
Edit Shipping Address
Add New Shipping Address
<<include>>
Edit Billing Address
Add New Billing Address
Figure 4.7
A Customer Checks Out
Next, the application displays a page with a summary of the order, shipping, and
payment information. The customer can confirm the order or modify the information.
If the customer chooses to modify the order, the customer is returned to the Shop-
ping Cart basket page as described in Usage Scenario 4.
If the customer confirms the order, a message thanking the user and a unique order
number are displayed.
Finally, the application sends out an order confirmation e-mail message to the user
that confirms the purchase.

Chapter 4: Conceptual Design Phase
51
Usage Scenario 8: A Customer Provides Shipping and Payment
Information
If a customer browses the site anonymously, he or she must enter a user name and
password as described in Usage Scenario 1. The My Account page contains links
to pages that allow a customer to change account information, change shipping
address information, change billing address information, change the password, and
view order history.
If a customer chooses to change his or her account information, the application
displays a page that allows the customer to edit the first name, last name, e-mail
address, phone number, and fax number for the account.
If a customer chooses to edit address information, the application displays a page
that lists each address associated with the account. A customer can add a new
address or edit or delete an existing one.
If a customer chooses to add a new address, the application displays a page that
prompts the customer to supply a name for this address entry, a recipient name,
two lines of street address information, a city, a state, a zip code, and a phone
number.
If a customer leaves the Listed As, Recipient Name, Address Line 1, City, State, or
Zip Code field blank, the application prompts the customer to fill in the missing
data. If the customer chooses to edit an address, the application displays the ad-
dress fields and the customer can modify them. If the customer chooses to delete
an address, the application deletes the address record from the account.
If a customer chooses to change his or her billing address, the application displays a
page that prompts the customer to supply a name for a particular address entry, a
recipient name, two lines of street address information, a city, a state, a zip code,
and a phone number.
If the Recipient Name, Address Line 1, City, State, Zip, or Listed As field is left
blank, the application prompts the customer to enter the missing data.
If a customer chooses to view his or her order history, the application displays a
page that shows the details of orders that the customer placed previously.
If a customer chooses to change his or her password, the application displays a page
that prompts the customer to enter the old password, the new password, and
confirmation of the new password. When the customer submits this data, the
application checks that the old password matches the password in the account and
the new password matches the confirmation. If they all match, the system changes
the password associated with the customer. If they don’t match, an error message
appears, and the application prompts the customer to change the password again.
Figure 4.8 on the next page is a use case diagram that illustrates this scenario.

52
Reference Architecture for Commerce
ConsolidatedRetail.com
Edit Shipping Address
Add New Shipping Address
<<include>>
Add Address
Edit Billing Address
Add New Billing Address
<<include>>
Edit Profile
Figure 4.8
A Customer Provides Shipping and Payment Information
Conclusion
This chapter described the process for identifying usage scenarios and developing a
conceptual design for an e-commerce application. Figure 4.9 is a use case diagram
that illustrates the cumulative usage scenarios for customer purchase activities:
Consolidated Diagram
Browse Catalog
<<include>>
View Product
Search
<<include>>
View Basket
<<include>>
<<include>>
Change Quantity
Update Cart
<<include>>
Remove Item
Remove All Items
Login
<<include>>
{if anonymous}
Checkout
Edit Billing Address
Add New Biiling Address
<<include>>
Add Address
Edit Shipping Address
Add New Shipping Address
<<include>>
Figure 4.9
Cumulative Usage Design Diagram

Chapter 4: Conceptual Design Phase
53
Usage scenarios and the use cases from which they are derived should describe the
expected behavior of the application in multiple business processes. Usage sce-
narios should also provide a conceptual description of what the application must
do, and provide the basis for the logical design of the components in the applica-
tion. And, because the design process is iterative, new use cases can be incorporated
into the design if a previously undiscovered interaction is identified later in the
development process.


5
Logical Design Phase
The goal of the logical phase is to convert the functions that were defined in the
conceptual phase into an abstract model that identifies the cooperating logical
components that support the solution.
The resulting logical design does not identify specific technologies. Instead, the
objective of this phase is to analyze and understand the functionality before making
any technology commitments. For example, when a team designs an e-commerce
solution, in the logical phase, a component called Users might be identified as a
necessary service that keeps track of the collective set of users who are accessing the
application. In the physical design phase, however, the design team could choose
to use Microsoft® Commerce Server 2000. In this case, the MSCSProfileService
component in Commerce Server provides the physical implementation of the
Users component.
If the final application design includes custom components (that is, components
that are not provided in available solutions or products), the corresponding compo-
nents identified in the logical phase can be translated directly into the physical
phase. For example, if a user object is defined in the logical phase and the team
decides that this object is to be a custom object, the logical design for the user object
would be repeated in the physical phase.
The remainder of this chapter outlines the logical design process used in the design
of ConsolidatedRetail.com and provides detailed descriptions of the logical compo-
nents required to meet the usage scenario requirements.
Creating the Logical Design
The first step in the creation of a logical application design is to identify the busi-
ness objects (the components) that will provide the required functionality. In addi-
tion to identifying the required objects, the team must identify the behaviors,

56
Reference Architecture for Commerce
attributes, and relationships that each object has. The team uses the usage scenarios
created in the conceptual phase to identify these objects and their relationships,
behaviors, and attributes.
For example, the following is Usage Scenario 3:
The Web site contains a number of catalogs, or groups of related products. To
browse, a customer selects a catalog. The categories and products in the root of
the selected catalog are displayed. The customer can then select a category and
view the products and subcategories in the selected category or select a product
to view its details.
The team then analyzes this scenario to identify the aspects that support the solu-
tion. The team performs the following tasks:
1. Identify the business objects in the scenario.
2. Identify the behaviors of these objects.
3. Identify the attributes, or properties, of the objects.
4. Identify the logical relationships between the objects.
These tasks are described more fully in later sections of this chapter.
After these tasks are completed and documented for each usage scenario, the team
is finished with the logical design phase. Refer to the “Completed Logical Design”
section later in this chapter for an example of the completed design for the
ConsolidatedRetail.com application.
Unified Modeling Language
The Unified Modeling Language (UML) is a tool used to illustrate how systems
work. It can be very useful in describing a system visually in order to analyze it
more fully. Using UML is an easy way to diagram components, interactions, rela-
tionships, and more.
Often, UML is used in the logical phase to facilitate the analysis of the design.
The following sections, which describe the tasks involved in creating a logical
design, each provide examples of simple UML diagrams.
Identifying Objects
When analyzing a usage scenario, the first task is to identify the objects in it. An
object is generally a business entity or process that appears in the usage scenario.
For example, in the following paragraph, the objects are identified in bold:
The user selects a catalog to browse. The categories and products in the root of the
selected catalog are displayed. The user can then select a product to view its details
or select a category and view the products and sub-categories in the selected category.

Chapter 5: Logical Design Phase
57
In this scenario, the following objects are used:
G User
G Catalog
G Categories
G Product
G Products
Figure 5.1 is a UML diagram that illustrates the objects identified in this example.
User
Catalog
Categories
Product
Products
...
...
...
...
...
...
...
...
...
...
Figure 5.1
Objects
These five objects serve as the base objects for this scenario; however, there are
situations when additional objects are needed for the scenario to function, even
though these objects are not specifically listed in the scenario. You can identify these
additional objects by examining behaviors that have no apparent objects associated
with them. To identify these objects, you must first identify the behaviors.
Identifying Behaviors
After you identify the obvious set of objects, the next step is to identify their respec-
tive behaviors, also known as methods or services.
To identify object behaviors, you must first evaluate what is being done in the
scenario. For example, in the following paragraph, the actions are identified in bold:
The user selects a catalog to browse. The categories and products in the root of the
selected catalog are displayed. The user can then select a product to view its details
or select a category and view the products and sub-categories in the selected category.
The first thing that happens is that a user selects a catalog. Figure 5.2 is a UML
diagram that illustrates the User object as having the Select Catalog behavior.
User
Select Catalog
...
...
Figure 5.2
User Object Behavior

58
Reference Architecture for Commerce
As mentioned previously, behaviors that have no apparent objects associated with
them must be derived from the scenario. It follows that because the user selects a
catalog, there must be some sort of mechanism that allows a catalog to be selected
from a list of catalogs. You could then logically assume that a Catalogs object, which
manages the collection of Catalog objects, is present. You should add this new object
to the list of objects that were defined.
After you define the Catalogs object, you can define the first action as Select Catalog
and this behavior belongs to the Catalogs object.
You then need to continue to evaluate each sentence of the scenario until you
identify all of the requisite objects and their associated behaviors.
Identifying Attributes
After the behaviors are identified, the next step is to identify the attributes (also
known as the properties), of the objects that have been defined. Attributes are ele-
ments that the solution needs to keep track of. They are placeholders in which data
is retained, or persisted.
You can identify attributes by analyzing the behaviors in the scenario and extract-
ing what elements have to be persisted, or tracked. For example, in the previous
section, the usage scenario specifies that the user is able to view a product. When
a product is viewed, those elements that are shown to the user are attributes of the
product. For example, if the business requires that the product description and price
be shown, those elements become attributes that are identified on the objects.
Figure 5.3 is a UML diagram that illustrates the User object as having the attribute
Name.
User
Select Catalog
...
Name
...
Figure 5.3
User Object Attribute
Identifying Relationships
After the objects, their behaviors, and attributes are defined, the next step is to
identify relationships. Relationships are logical associations between objects.
To identify relationships, it is necessary to analyze how the objects interact with
each other. For example, the Categories object has a relationship with the Category
object because the Categories object, which manages the collection, contains Cat-
egory objects.

Chapter 5: Logical Design Phase
59
It is important to note that there is another type of relationship known as inheritance,
which deals specifically with the situation where one object defines another. For
example, if the solution being designed was going to sell food and books but the
designers wanted to logically differentiate between them, then a relationship might
be defined where both Book and Food objects are a type of Product object. That is,
they both inherit from the Product object.
In the Reference Architecture for Commerce solution, no inheritance relationships
were defined in the logical phase. In some e-commerce solutions, however, relation-
ships may be important.
Completed Logical Design
During the logical design phase for the Reference Architecture application,
ConsolidatedRetail.com, the design team identified the following objects as an
abstract set of components needed to support the solution. (These objects are listed
in alphabetical order, rather than in order of use.)
Authentication – The authentication object handles user registration and
authentication.
Catalog – The catalog object persists information about a specific catalog and
manages the collection of products within that catalog.
Catalog manager – The catalog manager object manages the collection of
catalogs.
Category – The category object persists information about specific categories.
Category manager – The category manager object manages the collection of
categories.
Configuration – The configuration object persists application configuration
information and handles configuration-related tasks.
Data functions – The data functions object performs data-specific functions, such
as opening a connection to a database.
E-mail – The e-mail object is used to send electronic mail messages, such as order
confirmation messages, to the users.
Error handler – The error handler object is called when an error occurs. It handles
the user-friendly error translation and log errors.
Order – The order object persists information about specific orders.
Product – The product object persists information about specific products.
Search – The search object is used to search the catalogs and return the results of
product searches.
User – The user object provides a means by which information is persisted about
specific users. In addition, it manages the collection of user orders.
User manager – The user manager object manages the collection of users.

60
Reference Architecture for Commerce
Figure 5.4 illustrates how the primary objects relate to one another and to the use
cases identified in Chapter 4.
aCustomer
aCatalog
aCategory
aProduct
Browse()
Categories()
ViewProducts()
Products()
GetDetails()
ProductDetails()
Figure 5.4
Object Relationships
Conclusion
This chapter described the four-step process for identifying the objects, or business
components, that comprise an e-commerce application, as well as the attributes,
behaviors, and inter-relationships of these objects. The end result of this process is
the creation of a logical design that is used as the basis for the technical design and
specification.
Remember that the resulting logical design does not identify specific technologies.
These technologies are identified in the physical design phase, which is the subject
of the next chapter.

6
Physical Design Phase
The physical design phase is a transition in which real-world physical design
constraints are applied to the logical design. After you identify the logical compo-
nents, the next task is to analyze which pieces already exist, what can be reused or
modified, and what new pieces must be created.
As mentioned previously, the physical design processis approached from the
perspective of the developer. The product of this phase is a complete implementa-
tion design or blueprint, in the form of a technical specification document that the
development team will use to build the application.
The physical phase can be broken into three smaller tasks, as follows:
Research – The team determines physical infrastructure constraints and solution
requirements, and manages the conflict between the two. Also, the team identi-
fies prospective implementation technologies.
Analysis and rationalization – The team selects the implementation technologies
that will be used, and decides how to meet the defined business requirements.
Implementation – The team chooses the programming model, specifies the
component interface, and selects the development language.
The remainder of this chapter discusses each of these tasks in detail, providing
examples where appropriate.
The Research Effort
The first part of the physical phase is to research and gather information about the
following topics:
G Physical solution requirements
G Physical constraints
G Existing technology candidates

62
Reference Architecture for Commerce
Client requirements are implicit in the requirements document and are further
defined during the logical phase; however, the team may need to research and
identify the real world constraints and existing technologies.
Identifying Physical Solution Requirements
Physical solution requirements are requirements that specifically dictate the infra-
structure design. In Chapter 3, the following system requirements were defined:
G Globalization
G Performance
G Scalability
G Availability
G Manageability
G Security
G Accessibility
The following sections expand on each of these topics.
Globalization
Globalization, or internationalization, is the process of developing a program core
where the feature design and code design do not make assumptions based on a
single language or locale and where the source code simplifies the creation of
different language editions of a program.
Globalization allows you to port an application to different cultural contexts. In the
early days of programming, this simply meant supporting multiple languages (for
example, by supporting Unicode), but globalization concerns also affect interface
decisions such as color, navigation layout, page structure, and more.
The globalization process requires careful screening of an application or a Web page
for known geographic and cultural issues. Steps in the globalization process include
researching language and cultural issues, verifying known issues with language
specialists, and, when possible, verifying known issues with company representa-
tives in the specific market locales.
To support these cultural distinctions, you might define the following physical
requirements:
G Use nVarChar instead of VarChar in the database.
G Provide the ability to customize the interface.
Performance
Performance is referred to in terms of total system throughput and response time.

Chapter 6: Physical Design Phase
63
Total System Throughput
Total system throughput is measured in transactions per second (TPS) and is a
measure of how many specific sets of service requests (known as transactions) that
the system can perform. In the case of an e-commerce application, the transaction
might consist of the following things carried through in sequence until conclusion:
G User comes to site
G User browses catalog to item
G User adds item to Shopping Cart basket
G User registers.
G User checks out.
TPS is then the maximum number of these transactions that the system can process
per second. As stated in the business requirements, the Reference Architecture for
Commerce application is designed to handle at least 4,800 of these transactions per
hour, when the following development configuration is used:
G 4 PIII 500mhz, 1GB RAM, servers running Microsoft® Internet Information
Services (IIS) and Microsoft Commerce Server
G 1 PIII 500mhz, 1GB RAM, server running Microsoft SQL Server™
Response Time
Response time is the amount of time between a user request and the system re-
sponse; it is the most relevant measure of performance for the user. Response times
are typically expressed as a percentage and response, for example, “90 percent of all
requests should respond within 5 seconds” means that the user should have to wait
no longer than 5 seconds for 90 percent of the requests that he or she makes before
the user should assume that the application is no longer functioning properly.
The requirement of the Reference Architecture for Commerce application is 95
percent within 5 seconds.
Scalability
Scalability is the ability of the site capacity to increase when resources are added. To
the user community, this means the ability of the site to continue to provide accept-
able response times when a large volume of users accesses the site concurrently.
As explained earlier, there are two approaches to scalability, scaling up and
scaling out.
Scaling Up
Scaling up is achieved by adding more processing power to the servers in the form
of more and/or faster CPUs, more RAM, faster disks, and so on. This approach can
be very effective, particularly in the data tier, where very large databases require

64
Reference Architecture for Commerce
respectively large processing power. However, this approach becomes less cost-
effective the closer to the top end a server is because hardware costs rise exponen-
tially with processing power.
Scaling Out
Scaling out involves sharing the processing load across multiple servers in a cluster,
known as a Web farm. Web farms are a much more cost-effective use of hardware
and provide a more flexible and extensible solution. As the load on a site increases,
servers can be easily added to the Web farm.
To enable scaling out, you must avoid using server-specific session memory, such as
the Session object in Active Server Pages (ASP), to persist information. This is due
to the following:
G User sessions become tied to particular servers (session affinity), which under-
mines network load balancing strategies for dynamically assigning requests to
servers. This also undermines the reliability of server farms because a user’s
session cannot be transferred to another server if the original server fails (and
loses the session state information in its memory).
G Memory resources are consumed on the front-end server for persisting the
details of users’ session state, reducing the availability of memory for processing
requests, and caching content. Given the number of users that a popular site can
attract in a short time, the memory requirements for state maintenance can be
excessive. To combat some of the memory requirements, Commerce Server
implements heavy use of caching. Profile schemas, discounts, and campaigns
are all cached.
Availability
Availability is a measure of the ability of clients to connect with and use a resource
at any point in time.
One way to understand high availability is to contrast it with fault tolerance. These
terms describe two different benchmarks measuring availability. Fault tolerance is
defined as 100 percent availability 100 percent of the time, regardless of the circum-
stances. A fault tolerant system is designed to guarantee resource availability.
A highly available resource is almost always operational and accessible to clients.
As such, it can’t have a single point of failure. Server clusters and network load
balancing are two approaches designed to keep system resources available.
Before you deploy a site, you should protect against server failure by using a
combination of the following methods:
G Geographically dispersed data centers
G Uninterruptible dual power supplies
G Data backups

Chapter 6: Physical Design Phase
65
G Clustered servers, where several computers function as a single server
G Data replication
G Network load balancing to share the load across several duplicate servers to
ensure availability, scalability, and a consistent user experience
Manageability
Manageability is the ability to perform site administration tasks. In the case of an
e-commerce application, this includes configuring catalogs, promotional specials,
shipping costs, tax rates, user accounts, and providing a reporting mechanism for
site usage, trends, and so on.
Having an all-pervasive management infrastructure allows business managers to
configure the site to respond to trends in the marketplace and competitor activity.
Security
Security in its most basic form means to ensure protection of data or devices from
unauthorized access or use. In the context of an e-commerce application, the follow-
ing are some of the data that should be secured:
G Sensitive user information
G Credit card numbers
G Non-public product data
There are three main aspects to designing application security: authentication,
authorization, and encryption.
Authentication
There are two main approaches to user authentication in a distributed solution
such as an e-commerce site. These can broadly be described as the impersonation
/delegation
 model and the trusted server model.
Both models assume that an n-tiered application is in place. Users make a connec-
tion to the middle-tier, in this case, the Web farm, which in turn accesses data
or services from the back-end tier, in this case the SQL Server database. The differ-
ence between the two approaches is the security account used to access the back-
end data.
Impersonation/delegation model – In the impersonation/delegation model, a
user supplies his or her security credentials to the middle-tier application, which
then accesses the back-end database using that user’s security credentials. The
middle-tier application essentially impersonates the user to retrieve data on his or
her behalf.
Figure 6.1 on the next page illustrates the impersonation/delegation model.

66
Reference Architecture for Commerce
User
Jane
Jane
IIS
SQL
Figure 6.1
Impersonation/Delegation Model
Trusted server model – In the trusted server model, the middle-tier application
authenticates the user, usually by validating a user name and password combi-
nation. After the middle-tier application is satisfied that the user is who he or she
identifies himself or herself as, it then uses its own security account to access the
back-end database. The user has no access permission to the back-end data other
than through the middle-tier application. In this approach, there are actually two
authentication operations. First, the Web application authenticates the user, and
then the database server authenticates the Web application.
Figure 6.2 illustrates the trusted server model:
User
Jane
Application
IIS
SQL
Figure 6.2
Trusted Server Model
Authorization
Authorization gives access to resources to certain users or services. After a user is
authenticated, he or she must be able to request particular functionality from the
application. Users can be assigned permission, or be authorized to perform some
tasks but not others. In the context of security, it is important that access levels be
restricted to authorized users.
Security specialists often talk about the principle of least privilege. This is a rule of
thumb stating that users should have sufficient permissions to perform the tasks
they need to perform, and no more.
Encryption
Encryption means to encode data to prevent unauthorized access.
Encryption can happen on a number of levels, based on where the encryption
occurs. In general, encryption can occur on the server, the transport, or the client.

Chapter 6: Physical Design Phase
67
Server Encryption
Encryption on the server refers to the process of encrypting data that is stored and
transported within the server infrastructure. Encrypting data within the server
infrastructure ensures that in the event of a security breach, sensitive data that was
accessed would be of no use because it is encrypted.
One example of a situation in which data might be encrypted would be user credit
card data. When the business tier stores a user’s credit card information in the data
tier, it is important to encrypt that data. If a hacker breaches the system and gains
access to the table that holds encrypted credit card information, that information is
of no use to the hacker. If the credit card information is not encrypted, the data
presents a liability to the application.
Transport Encryption
Transport encryption deals specifically with the data that is passed between the
server and client. For example, when a user submits an HTML form to the server,
the data that the user entered into that form travels across a connection, such as the
Internet, using Hypertext Transfer Protocol (HTTP), and then is received by the
server.
This transport presents a potential for data theft or tampering that can be addressed
by encrypting the data during transport. Data that is transported across the Internet
can be encrypted by installing a security certificate on the Web server, configuring a
Secure Sockets Layer (SSL) port for the site, and using HTTPS, the encrypted form
of HTTP, as the transport protocol.
Server certificates can be purchased from one of the certificate authorities listed at
http://www.microsoft.com/security/
You can issue a stand-alone certificate using Microsoft Certificate Services, which
allows you to test SSL security on a single server. Certificates are installed using the
Web Server Certificate Wizard, accessible through the properties of your site in Inter-
net Services Manager.
When you build a site that implements SSL, you should be aware that any hyper-
links or redirects that direct a user from an unencrypted session to an encrypted one
must include the https:// prefix. This specifies that the user’s browser use HTTPS to
communicate to the server.
Client Encryption
Client encryption deals specifically with data that resides on the client. For ex-
ample, if a file is available publicly but it is encrypted, then only people with the
correct decryption key can use the file.

68
Reference Architecture for Commerce
For a typical e-commerce application, client encryption is less important than
transport and server encryption, but some situations may call for its use.
Accessibility
Accessibility is the ability to access the site from a number of different device types
or browsers. The Internet is evolving at an incredible rate, and as such the devices
that access the Internet have grown in their diversity. Building an e-commerce
application that is accessible and functional on many different devices has become a
difficult task.
The key to supporting multiple clients is to abstract the presentation format from
the content. A number of approaches can be used to do this, including writing logic
in ASP pages to generate a different response depending on the client or redirecting
different devices to alternative sites. However, one of the most powerful ways to
abstract presentation logic from content is to use Extensible Markup Language
(XML). If the data to be presented can be expressed as XML, then an Extensible
Stylesheet Language (XSL) style sheet can be applied to render the data for a spe-
cific type of client. This way, the same content can be presented to different clients
by applying different style sheets. Figure 6.3 illustrates this concept:
Client
<XSL>
<XHTML>
<XML>
INTERNET
IIS
Client
<XSL>
<WML>
Figure 6.3
Abstracting Presentation Format from Content
Identifying Existing Candidate Technologies
Candidate technologies are technologies, products, or services that can be used in a
solution. Using existing technologies is often a cost-effective solution to implement-
ing functionality that would otherwise need to be built. For example, when you
build a Web application, you need an operating system that is a foundation to the
solution; however, it certainly doesn’t make sense to create an operating system.
Just as it may not make sense to build an operating system each time you build an
application, it may not make sense to build all of the pieces of the Web solution

Chapter 6: Physical Design Phase
69
itself. Many experts agree that in the future, entire applications will be built by
using existing services that are simply combined creatively to comprise an
application.
It is important to gather information about potential technologies that you can use
in your solution. During the next portion of the physical design phase, the design
team analyzes this information and determines which technologies, if any, meet the
needs of the particular application in question.
The Operating System
The foundation of any modern application is an operating system. An operating
system not only interfaces with the hardware, but it also provides a common frame-
work on which to build applications. It is important to choose an operating system
that supports object-oriented methodologies and a common framework in which
the application can run and communicate.
Windows 2000 Server provides a rich set of features that can be used by application
developers. Many major e-commerce sites on the Internet run on Windows 2000,
including Buy.com, BarnesAndNoble.com, Dell.com, Intel.com, and others.
Internet Services
Another core piece of a Web-based application are Internet services. A Web-based
application needs an Internet services platform that handles basic Web services,
such as responding to client HTTP, HTTPS, and other requests. A good Internet
services platform should also offer site management and a dynamic content pro-
gramming model.
Microsoft IIS is a Web server built into Windows 2000. IIS offers an extensive Inter-
net services package, including Active Server Pages (ASP), Distributed Authoring
and Versioning (DAV), Web folders, Microsoft FrontPage® Extensions, File Transfer
Protocol (FTP), multi-site hosting, and other support.
Presentation Services
As mentioned in the “Accessibility” section earlier in this chapter, it is important to
separate content from presentation so that content is accessible from multiple
clients. It is also important to make this separation to simplify globalization efforts.
As stated previously, one way to abstract presentation logic from content is to use
XML and XSL together. An alternative to using XML combined with XSL is to build
complex page logic within the ASP pages themselves, relying on things such as the
Browscap.ini file, USER_AGENT strings, and more.
One candidate technology that can fulfill the presentation services role is the
Microsoft XSL ISAPI filter. ISAPI stands for Internet Services Application Program-
ming Interface and is the foundation of IIS. Filters are placed on top of ISAPI and

70
Reference Architecture for Commerce
provide appropriate functionality when the Web server receives a client or service
request. For example, the ASP engine, ASP.dll, is an extension that runs on top of
ISAPI.
The XSL ISAPI filter is designed to intercept all requests for documents with XML
or pre-processed Active Server Pages (PASP) file name extensions. The PASP file
name extension is specific to applications developed in conjunction with the XSL
ISAPI filter. Files with that extension are assumed to be normal ASP files (with a few
restrictions) that generate valid XML rather than HTML output. The output from
the PASP scripts is then transformed according to the same rules that the ISAPI
filter applies to XML files that are requested directly.
After XML is retrieved, the next step in the presentation process is to transform that
data into some type of meaningful markup that clients can display. For browsers,
this might be HTML, for Wireless Application Protocol (WAP)-enabled mobile
phones, this might be Wireless Markup Language (WML). The XSL ISAPI documen-
tation is available for download from the Microsoft MSDN Web site at http://
msdn.microsoft.com/downloads/

Figure 6.4 illustrates the concept of the XSL ISAPI filter:
XSLISAPI 
Filter
<XSL>
<XHTML>
Client
<XML>
INTERNET
IIS
Client
<XSL>
<WML>
Figure 6.4
XSL ISAPI Filter Functionality
Data Services
Another important aspect of building an e-commerce solution is the need to store,
retrieve, and manage data. These services are encapsulated into a database server. It
is important that an enterprise database server deliver high performance, a high
number of concurrent users, and scalability.

Chapter 6: Physical Design Phase
71
Microsoft SQL Server 2000 is a SQL database server that offers enterprise perfor-
mance, scalability, and a high number of concurrent users. It also provides rich
support for XML, tight security, and powerful analysis tools.
Commerce Platform
Building an enterprise e-commerce solution from scratch is very time consuming
and resource intensive. Taking advantage of e-commerce functionality from an
existing product can be a way to significantly shorten time to market as well as cut
development costs.
One such product is Microsoft Commerce Server 2000.
Commerce Server 2000 is a comprehensive product that encapsulates much of the
functionality of an e-commerce solution into one package. Commerce Server 2000
provides advanced management capabilities, as well as a scalability and perfor-
mance. For more information, see the Microsoft Commerce Server Web site at http://
www.microsoft.com/commerceserver/

Analysis and Rationalization
The next part of the physical design phase, after research, is analysis and rational-
ization. Analysis and rationalization is taking the information gathered during the
research process and making decisions based on that information.
Using Existing Technology
When the design team considers using existing technology, it must weigh all of the
factors that could possibly affect the solution. These factors include, but are not
limited to, the following:
Ability – Will the technology deliver the business functionality?
Cost of ownership – Is the technology cost-effective? Consider product, develop-
ment, upgrade, license, deployment, and operation costs.
Experience – What experience and expertise does the technology require? Will
there be training costs? Are there unknowns?
Maturity and innovation – Is the product mature? Has it been accepted in the
market? Is the product innovative, and does it employ the latest technologies?
Does it stay current?
Deployment – Will the technology be difficult to implement?
Supportability – Will the technology be supportable?
Architecture – Does the technology implement an acceptable architecture? Does
that architecture meet enterprise needs?
Scalability – Will the technology scale to match growth?

72
Reference Architecture for Commerce
G
Interoperability – Will the technology work with the systems already in place
within the organization?
G
Performance – Will the technology deliver the performance needed?
G
Reliability – Will the technology meet the reliability requirements of the
application?
G
Availability – Will the technology handle the application requirements without
causing the solution to fail?
G
Manageability – Is the technology easy to manage?
G
Security – Will the technology conform to the security requirements?
G
Standards compliance – Is the technology in compliance with accepted
standards?
Additional factors, such as project timeline and budget constraints and other in-
house projects that they may be aware of, should also be considered.
Windows 2000 Server
Windows 2000 Server is the operating system for the Reference Architecture for
Commerce because it offers a set of features specifically designed for enterprise
applications. Some of these features include:
Choice of server type – The Windows 2000 Server platform runs on a variety of
servers. In the context of the Reference Architecture for Commerce solution, it
was important that the application be able to scale both up and out. Depending
on the application load requirement, an organization may choose to deploy the
solution on two or more servers running Windows 2000 Server or Windows 2000
Advanced Server. For maximum performance and load distribution across a
number of servers, you should use Microsoft Windows 2000 Datacenter Server
Network and Network Load Balancing (NLB).
Scalability – Windows 2000 Advanced Server and Datacenter Server are capable
of scaling out by using Microsoft Windows 2000 Cluster service and Network
Load Balancing.
Cluster services assure continuous service by having two servers, which run the
same application, share a common storage mechanism. If one of these servers
fails, the other one takes over. This allows an application to have zero downtime
by building in redundancy in the system infrastructure.
Figure 6.5 illustrates the concept of clustering.

Chapter 6: Physical Design Phase
73
Client
Client
Client
Client
Client
IIS
SQL
IIS
Disk Subsystem
Figure 6.5
Clustered Servers
The second method that Windows 2000 Advanced Server and Datacenter Server
use to scale out is NLB, which distributes the application load across many
servers by exposing them as a single unit behind a single Internet Protocol (IP)
address. When a server fails in an NLB setup, NLB automatically detects the
failed system, transfers the load to other systems, and then restarts the computer.
Figure 6.6 on the next page illustrates the concept of NLB.
G
Availability – By using the Clustering and NLB services provided in Win-
dows 2000 Advanced Server or Windows 2000 Datacenter Server, Windows 2000
Server provides a highly available solution. NLB and Cluster services together
eliminate single points of failure.
G
Reliability – The Windows 2000 Server platform has achieved a reliability of
“five nines,” or 99.999 percent uptime, which equates to less than 5 minutes of
downtime a year. In an enterprise e-commerce situation, downtime can mean the
loss of millions of dollars in direct revenue, unhappy customers, and complaints.
Therefore a reliable operating system is integral to an enterprise solution.

74
Reference Architecture for Commerce
Client
Client
Client
Client
Client
IIS
SQL
IIS
Client
Client
Client
Client
Client
Internet
IIS
IIS
IIS
SQL
Figure 6.6
Network Load Balancing

Chapter 6: Physical Design Phase
75
Performance – Windows 2000 Advanced Server and Datacenter Server imple-
ment Symmetric Multiprocessing (SMP) support that enables servers to use
up to 8 processors for Advanced Server and 32 processors for Datacenter Server
efficiently. In addition, Advanced Server includes enhanced memory features
that allow the server to have up to 8 gigabytes (GB) of memory, Datacenter
Server allows up to 64 GB of memory.
Manageability – Windows 2000 Server provides a diverse set of tools that allow
you to manage your Web site and plug into the Microsoft Management Console
(MMC), so server functions can be managed in a central location. Some of the
administration features of Windows 2000 include event logging, Performance
Monitor, Terminal Services, and Windows Management Instrumentation (WMI).
Security – Windows 2000 provides a secure environment in which access to
files or services can be rigorously controlled using Active Directory, security/
authentication protocols, and encrypted communication.
Component services – The Windows 2000 COM+ services provide application
functionality to developers and administrators. This built-in functionality allows
distributed transactional applications to be developed without developing the
underlying infrastructure to support atomic transactions or asynchronous
operations. You can find more information about Windows 2000 Server at http://
www.microsoft.com/windows2000/

Microsoft Internet Information Services (IIS)
Microsoft IIS comes with Microsoft Windows 2000 and provides a rich platform
with which to deliver content using the Internet. Because IIS is fully integrated at
the operating system level, it allows the development and deployment of solutions
that weave directly into the computing infrastructure.
IIS provides Internet services for the Reference Architecture for Commerce solution
because it is included with the operating system and because it has an extensive
feature set. Two key IIS features are ASPand ISAPI.
XSL ISAPI
The XSL ISAPI filter provides presentation services for the Reference Architecture
for Commerce solution. By using the XSL ISAPI filter, content can be completely
separated from presentation, allowing content delivery to be customized without
the need to modify ASP code.
The alternative to using XML combined with XSL is to build complex page logic
within the ASP pages themselves. However, there are two major drawbacks with
this approach; the first is the manageability of the complex display logic within the
code, and the second is the large overhead of running such logic.

76
Reference Architecture for Commerce
The XSL ISAPI intercepts all requests for documents with an XML or PASP file
extension. The PASP file name extension is specific to applications developed in
conjunction with the XSL ISAPI filter. Files with the PASP extension are typical ASP
files (with a few restrictions) that generate valid XML rather than HTML output.
The XSL ISAPI filter then transforms the XML output of the PASP or XML page
using an XSL style sheet, depending on the device that requested it, and then sends
it to the client.
Another benefit of using the XSL ISAPI filter is that it makes the development cycle
more manageable by separating the workload by skill set. For example, a graphic
designer can create the XSL to his or her interface specification, and an ASP devel-
oper needs to be concerned only about delivering the correct data to the interface.
SQL Server 2000
SQL Server 2000 provides data services for the Reference Architecture for Com-
merce solution. It offers a complete enterprise database solution, and Commerce
Server 2000 relies on its data services. For many e-commerce solutions, a single
SQL Server installation clustered on a Windows 2000 Datacenter Server provides
the required level of scalability. For sites requiring an extremely high volume of
stored data, SQL Server databases can be created on multiple servers and distrib-
uted partitioned views can be used to access and update the data across the physi-
cal servers.
Commerce Server 2000
The Reference Architecture uses Commerce Server 2000 because it was built for the
Windows 2000 platform, and because it provides a rich set of development, deploy-
ment, and management tools for e-commerce applications. Commerce Server
provides approximately 80 percent of the objects that were defined in the logical
phase at a fraction of the cost that it would take to develop them. These objects are
implemented as COM objects that can be used in ASP pages.
Commerce Server 2000 provides the following:
Integration with other services and software features – Because Commerce
Server 2000 was designed specifically for Windows 2000, its architecture inte-
grates fully with the operating system. Commerce Server takes full advantage
of the COM+ features in Windows 2000 Server and provides a solid basis for
enterprise e-commerce applications.
Commerce Server also integrates well with Microsoft BizTalk™ Server, allowing
it to offload certain process management features and external communication.
Pipeline components – Pipeline components are configurable sets of custom
COM objects that are called in sequence to perform particular business pro-
cesses. In a Commerce Server solution, most custom business classes can be

Chapter 6: Physical Design Phase
77
implemented as pipeline components to provide a simple way to manage busi-
ness processes. (Pipeline components are simply COM components that imple-
ment a well-known interface, IpipelineComponent). This allows Commerce
Server to identify them as Commerce Server-friendly components, which are
then called by the pipeline.
In the Reference Architecture application, pipeline components handle processes
such as customer order processing and ensure that the necessary tasks to process
an order are performed in sequence.
G
Management infrastructure – Designing and building a management frame-
work for an e-commerce site is not just a resource-consuming task, it is typically
viewed as a project that can be larger than the e-commerce application itself. The
management infrastructure of Commerce Server was a major selling point in the
decision to use Commerce Server.
The Commerce Server Business Desk is included with Commerce Server. The
Business Desk is an application that is based on Dynamic Hypertext Markup
Language (DHTML) and runs on Microsoft Internet Explorer 5.5 or later; it
allows an administrator to remotely manage auctions, promotional campaigns,
catalogs, orders, users, and provides a rich set of analysis tools.
Because Business Desk is completely DHTML-based, it can be used to remotely
administer e-commerce solutions built on Commerce Server. This approach
places the Business Desk application load on the client without affecting the
performance of the e-commerce site.
Passport Authentication
The Reference Architecture application provides its own authentication mechanism
as well as support for the Microsoft Passport single sign-in (SSI) service. Passport
allows members to use one sign-in name and password at all participating Web
sites. It is one of the foundation technologies for Microsoft’s future Internet direc-
tion (that is, .NET). Passport uses standard Web technologies and techniques such
as SSL, HTTP redirects, cookies, JavaScript, and strong symmetric key encryption
(Triple DES) to deliver the single sign-in service. No software download is required
for members, and Passport is compatible with Internet Explorer version 4.0 and
later, Netscape Navigator version 4.0 and later, and some of the more popular UNIX
versions.
Passport single sign-in is somewhat similar to the forms-based authentication
model that is commonly used on the Web today. The Passport network extends
this model to work across a distributed set of participating sites, while preserving
members’ privacy and security and the site’s ability to appropriately customize
and brand the sign-in experience.
For more information about Passport and to obtain the Passport software develop-
ment kit (SDK), see the Web site at http://www.passport.com/

78
Reference Architecture for Commerce
To obtain the SDK, you must first obtain Passport credentials.
If you need to implement an alternative authentication method in the Reference
Architecture application, you can use the Passport implementation as a reference
example, and then make the necessary changes to support the technology you
want to use.
Meeting the Business Requirements
After determining which existing technologies can be used, the team must deter-
mine how it will meet the business requirements identified earlier. To meet these
requirements, the team must make some key decisions about tools, processes, and
approach. It’s important to view these decisions in the context of the specific busi-
ness requirement that must be met.
Globalization
As identified earlier, globalization is the ability to port an application to different
cultural contexts. To satisfy this requirement, the content and presentation delivered
to the user needs to be globalized. During globalization, the content should be
divided into two types: static content and dynamic content. Each type of content
carries with it distinct globalization challenges as follows:
Static content — This includes both the text on the interface and the interface
itself; it must be localized for a given culture or language. The XSL ISAPI filter
facilitates this by allowing the development team to use different interface
designs for different languages and then deploy the application as different Web
sites or different virtual directories. That way a user can choose his or her lan-
guage and then be redirected to the appropriate site.
Note: The Reference Architecture application is not globalized; however, the application
does use the XSL ISAPI filter and thus includes the capability to permit globalization to
be done.
Dynamic content — This consists of content that the application generates as it is
needed. To support dynamic content in different languages, an application must
support different character sets. The Unicode standard is a character set that
includes all of the characters of the world’s languages. Using the Unicode stan-
dard ensures that all languages can be represented in dynamic data. To support
the Unicode standard, all database fields that persist character data must use
data types such as nVarCharnChar, and so on. The business tier must also
support the use of Unicode.
For this reason, the Reference Architecture for Commerce solution uses the
Unicode standard throughout the application.

Chapter 6: Physical Design Phase
79
Performance
To maximize performance, the design team must make several key decisions. To
maximize total system throughput (that is, the overall efficiency and performance of
the application) the design team identified the following areas of concern:
G Minimizing marshaling
G Language choice
G Asynchronous processing
Minimizing Marshaling
One way to boost system throughput is to minimize marshaling. A good way to do
this is to reduce the number of remote procedure calls made from the Web site to
components elsewhere. Many e-commerce sites are hosted on a farm of dedicated
Web servers and the business components are located on a separate cluster of
application servers. Although this is a valid architecture for security reasons, espe-
cially when the application servers are separated from the Web farm by a firewall or
packet-filtering switch, it has a detrimental effect on response time because each call
to a component must be marshaled across a network connection.
The Reference Architecture for Commerce application has components deployed on
the same server as the Web site; therefore, it avoids cross-network marshaling and
thus improves response time. (Commerce Server provides most of the business
components used by the Reference Architecture application; they are installed on
the Web server.)
Language Choice
Language choice can also impact performance. For example, although components
created for the Commerce Server pipeline can be scripted, for an enterprise applica-
tion, the components should be built in a lower-level language such as the Visual
Basic® development system or C++ for maximum performance. Although ActiveX
Data Objects (ADO), for example, runs at nearly the same speed in a Visual Basic
component as a C++ component, complex business routines can run faster in C++.
For this reason, most components in the Reference Architecture for Commerce
application were built using C++.
Asynchronous Processing
To maximize response time, many processes should be designed to run asynchro-
nously. For example, if a user checks out, the user does not need to wait for
the system to send an e-mail confirmation before the user receives an interface
response.

80
Reference Architecture for Commerce
Scalability
Addressing scalability issues can be a large undertaking. The first method of scaling
an application is scaling up; it consists of adding performance-enhancing hardware
to a single server, thereby improving speed. While relatively few design consider-
ations need to be made to scale up, this can be a very expensive way of meeting
increased demand because hardware costs rise exponentially with performance.
The other method of addressing scalability consists of adding more servers and is
known as scaling out. Although scaling out can be more cost effective in terms of
hardware, it does involve a number of design considerations. As discussed previ-
ously, the biggest issue when scaling out is maintaining session information.
To scale out successfully, the Reference Architecture application does the following:
G The ASP Session object is not used to maintain session state because it introduces
server session affinity and requires IIS to maintain session state in memory.
G With the assistance of Commerce Server objects, the user session state is saved
to a database between page requests and retrieved with each new page request.
Although this approach to session maintenance entails some additional database
overhead with each page request, it serves the scalability requirements of the site
quite well. A single high-end database server (or cluster) can provide state
persistence services for an entire farm of front-end servers.
G A per-session cookie is issued to users as they log on and is used as a ”look-up
field” to retrieve the state data for the relevant user account. Per-session cookies
are not stored on the user’s hard disk, so they are more likely to be enabled on
even the most security-conscious user’s browser. If per-session cookies are
disabled in a user’s browser, the user will not be able to log on to the site.
Manageability
A strong management infrastructure is a direct product of choosing Windows 2000
Server and Microsoft Commerce Server. As noted earlier, Commerce Server pro-
vides a powerful administration and management interface in Business Desk, and
Windows 2000 provides a powerful administration and management interface
through the Microsoft Management Console and other features.
Security
The following sections describe the security requirements defined for the Reference
Architecture application.
Authentication
Of the two models identified, impersonation/delegation and trusted server, the
design team chose the trusted server model as the authentication scheme for the
Reference Architecture for Commerce application.

Chapter 6: Physical Design Phase
81
Because the impersonation model impersonates each user, the solution must man-
age accounts for each user that accesses the site. In a small intranet-based applica-
tion where there are few users and restrictions are user-based, the impersonation
model works well; however, in larger solutions, the impersonation model can
quickly get out of hand. Therefore, the design team chose the much simpler trusted
server model, which offers better performance and less management headache.
Authorization
To adhere to the principle of least privilege as outlined in the research portion of the
physical phase, the team made the following the following deployment recommen-
dations and design decisions:
IIS virtual root permissions. When deployed, the site should be set to allow
read-only permissions to the virtual root.
NTFS permissions. When deployed, the Windows account used for anonymous
access should be given read-only permissions to the folders containing the Web
application files.
Anonymous customer permissions. The Reference Architecture for Commerce
solution should use a cookie to identify users who have not been authenticated
and should redirect them to the Logon page when they want to check out or
access any of the profile management pages.
Authenticated customer permissions. Even users who are authenticated should
have some restrictions placed upon them. For example, systems administrators
could use the Commerce Server Business Desk tools to restrict access to specific
profile settings by hiding them from the user or allowing read-only access.
In the database itself, there are more authorization issues. The only direct access
users have to the database are the permissions assigned to the account used by the
middle-tier application (in this case Commerce Server) and should be restricted to
the minimum necessary to provide data services to the site. For this reason, state-
ment permissions are not assigned to this account.
Encryption
As a sample application that must be easily installed and examined, the Reference
Architecture for Commerce application does not implement encryption. However,
in a production e-commerce system, encrypted sessions should be used when
sensitive data such as passwords or credit card details are transmitted.
Although encryption is a necessity in a production e-commerce environment, SSL
should be avoided for connections where no sensitive data is transmitted. This is
due to the overhead associated with establishing an encrypted session, which
involves passing the server’s public key to the browser, and the generation and
exchange of a session key with which to encrypt the session.

82
Reference Architecture for Commerce
Browser Independence
The Reference Architecture application uses the XSL ISAPI filter to satisfy the
requirement of browser independence. It provides an elegant mechanism with
which to separate content from presentation and gracefully handle the capabilities
of different browsers.
Implementation
The last step of the physical phase is to apply the decisions made about constraints,
requirements, and technology use to the logical design, and to actually define the
physical implementation. During this phase, the programming model, component
interfaces, and internal structure of each component are chosen.
Identifying the Components
The components of the Reference Architecture for Commerce are discussed exten-
sively in Part 3 of this Developer’s Guide. Part 3 includes explanations of the coding
practices and components used, as well as code fragments and their definitions. For
more information, please refer to the developer comments provided in the code
itself.
Creating the Specification
At the conclusion of the implementation phase, the team must document the deci-
sions made in a detailed technical specification. This document becomes the blue-
print for the application and is the reference that the development team uses when
building their team of experts, building the schedule, assigning the tasks, and
creating the test and deployment plans.
Conclusion
This chapter described the three-phase process for identifying the actual compo-
nents and technologies that will comprise an application; it also provides a sum-
mary of the reasoning behind the choices made during the development of the
Reference Architecture for Commerce application, ConsolidatedRetail.com. The
goal of this phase in the project lifecycle is to apply real-world physical design
constraints on the logical design and to develop a solid technical specification that
will guide the development effort.
The next portion of this document focuses on the actual code provided in the
Reference Architecture for Commerce: Business to Consumer application. As noted
previously, this application was developed as a reference example; however, the
application can be modified for production use.

Part 3
Solution Implementation
Part 3 of the Developer’s Guide for the Microsoft Reference Architecture for
Commerce describes how the architecture described in Part 2 was actually
used in the design and development of the Reference Architecture application,
ConsolidatedRetail.com. Part 3 is intended primarily for application developers;
however, anyone else who wants to learn about building e-commerce solutions
with Microsoft technologies will find it useful. It consists of an initial overview of
the application and its components, followed by an in-depth discussion of the
code components and technologies used to build the solution.
Part 3, “Solution Implementation,” consists of the following:
G Chapter 7, “Implementation Overview”
G Chapter 8, “Solution Roadmap”
G Chapter 9, “ConsolidatedRetail.com Functionality”
G Chapter 10, “Debugging and Testing”


7
Implementation Overview
As described in Part 2 of the Developer’s Guide, the Microsoft Reference Architecture
for Commerce is designed to accelerate the development of e-commerce solutions
for small to medium businesses by providing reusable and customizable compo-
nents. The Microsoft Reference Architecture for Commerce solution consists of
engineered code components intended to allow developers to build retail Web sites
that use Windows 2000 Server and .NET Enterprise Server products, such as Com-
merce Server 2000 and SQL Server 2000.
Part 3 of this guide is designed for application developers and anyone else who
wants to learn about building e-commerce solutions with Microsoft technologies. It
consists of an initial overview of the application and its components, a component
roadmap, and an in-depth discussion about the implementation issues encountered
during its development.
Implementation Features
The ConsolidatedRetail.com site implemented in the Reference Architecture appli-
cation is designed to include many of the features commonly found in e-commerce
solutions. For a full description of the business requirements of the application,
please refer to Part 2 of the Developer’s Guide.
Recommended Background Knowledge
To understand the details of the code functionality, readers of this Part 3 of the
Developer’s Guide should have some knowledge of the following:
ASP – The developer should know how to use Visual Basic Scripting Edition
(VBScript) to create Active Server Pages (ASP). This includes an understanding
of the core ASP objects, as well as instantiating and using Component Object
Model (COM) and COM+ components. The bulk of code produced for this
application is ASP.

86
Reference Architecture for Commerce
XML – Extensible Markup Language (XML) is used extensively in this application
as a means for passing structured data between application components. The
developer should be familiar with XML, including basic syntax, schemas, and
structure. Some of the code uses the XML Document Object Model (DOM) for
parsing XML content.
XSL – To understand how the user interface works, the developer needs to have a
good understanding of Extensible Stylesheet Language Transformations (XSLT).
Microsoft Commerce Server 2000 and its objects – Commerce Server is a sophis-
ticated system. Although this Developer’s Guide and the application itself attempt
to provide guidance on the workings of the system, the developer should refer to
the Commerce Server documentation to become familiar with Commerce Server
capabilities and components.
SQL Server – Although this application uses SQL Server extensively, most of
the actual database access is hidden from view and performed using a layer of
abstraction provided by Commerce Server objects. However, to really under-
stand how data is accessed and stored, the developer should explore the tables
and stored procedures maintained behind the scenes by Commerce Server.
Visual C++ – The custom COM components for this application were written
in Microsoft Visual C++ to maximize performance. Although understanding
the full inner workings of the components is not required for getting valuable
information from the Reference Architecture application, a full understanding
of its workings requires C++ skills.
For information on why these technologies were chosen, please refer to Part 2 of this
Developer’s Guide.
Technology Overview
The following subsections briefly describe how each of the core technologies is used
in the Reference Architecture application.
XML in the ConsolidatedRetail.com Solution
The solution is implemented as a Commerce Server 2000 site, which uses SQL
Server 2000 as a data store and Commerce Server Object Library for management.
The site itself uses XML to represent the content of the Web pages and XSL style
sheets to render the content as Hypertext Markup Language (HTML) for a Web
browser. An Internet Server Application Programming Interface (ISAPI) application
filter is used to process the XML and apply the necessary XSL transformations. This
approach allows the solution to be extended easily to other client types without
necessitating a rewrite of the business logic in the ASP pages.

Chapter 7: Implementation Overview
87
Microsoft has shown a commitment to using XML as a standard for passing struc-
tured content in a distributed computing environment. In accordance with this
initiative, the Reference Architecture for Commerce code uses XML throughout the
solution. Examples of the use of XML include:
XML output from PASP scripts and XSL transformations using the XSL ISAPI
filter – The pre-processed Active Server Pages (PASP) scripts that implement the
solution site’s front end use the XSL ISAPI filter to generate output in XML
rather than HTML format. This facilitates greater separation of content from
presentation. The XML produced by these PASP pages is then rendered using an
XSL style sheet. For more information about using PASPs and the XSL ISAPI
filter, refer to the XSL ISAPI filter documentation available for download on the
Microsoft Web site.
Note: The Reference Architecture application code includes a custom version of the XSL
ISAPI filter (XSLISAPI2.dll). This version is not available for download on Microsoft.com;
however, the documentation for the publicly available version (XSLISAPI.dll, version 2.1) is
appropriate for the custom version also.
XML output from commerce components – Many Commerce Server 2000 objects
can deliver record sets (for example, a listing of products) in either ActiveX Data
Objects (ADO) or XML format. Where possible, the ASP scripting code requests
information in XML format from commerce objects.
Refer to Appendix A for examples of XML output from the Reference Architecture
PASP pages.
ASP Use
For most Web-based application development on Microsoft platforms, the code that
drives the Web front end is implemented using ASP files written in VBScript. ASP is
used for Web programming mostly because of the flexibility and ease of develop-
ment it offers. In the rapidly evolving realm of e-commerce, it is important to be
able to quickly change the appearance or basic front-end functionality of a site.
The interpreted execution of scripting languages allows programmers and design-
ers to make rapid changes to a site’s functionality without having to go through
lengthy compilation processes: after you save the source file, the program is
changed. However, it should be noted that the major business processing tasks are
performed by components (either provided by Commerce Server or custom built)
to maximize performance and scalability.
The Reference Architecture for Commerce solution code adds a new twist to ASP
programming by using the capabilities of the XSL ISAPI filter to disassociate the
generation of content presentation from content. Rather than generating HTML

88
Reference Architecture for Commerce
content directly, the PASP scripts generate XML output, and XSL style sheets trans-
form the XML output into the correct display format. This transformation can occur
on either the server or the client — provided that the client is capable — thus
offloading CPU cycles.
Commerce Server Components
Commerce Server 2000 provides a very rich set of tools for site developers, system
administrators, and business managers to develop, deploy, and manage commerce
applications for the Web. Like any large, powerful software system, the sheer
magnitude and variety of Commerce Server offerings can be overwhelming unless
you are familiar with the system. The Reference Architecture provides a proper
introduction: it is a well-designed and well-documented small e-commerce applica-
tion that demonstrates many of the Commerce Server objects in use. Although it
doesn’t exercise every Commerce Server capability, the Reference Architecture code
demonstrates how to:
G Set up boundaries between information and operations that are available to
anonymous users and those that are available only to authenticated users.
G Maintain a user’s session state without relying on methods that introduce server
session affinity and retain session information when crossing the boundary
between anonymous and authenticated access.
G Create a catalog, navigate the catalog hierarchy, and display product details from
the catalog.
G Allow shoppers to gather a collection of products for purchase (using a shopping
cart metaphor) without requiring authentication.
G Store and retrieve user profile information so that users do not need to re-enter
that information on subsequent visits.
The Commerce Server 2000 objects used in the Reference Architecture application
are listed in later chapters of this guide.
Stored Procedures in the Data Tier
No custom stored procedures were written for this application. All stored proce-
dures in the Commerce data store on SQL Server were created by Commerce Server
to provide the data access functionality for many of the Commerce objects.
Client-Side Scripting for Input Checking
The application’s user interface employs client-side JavaScript code for input
validation in several places. The functionality of the client-side scripts is not terribly
tricky, and is somewhat peripheral to the main focus of the application, so this
guide doesn’t go into detail about those scripts.

Chapter 7: Implementation Overview
89
Conclusion
This chapter described the background knowledge necessary to make best use of
this guide. It also provided a very brief overview of the components that make up
the Reference Architecture application, ConsolidatedRetail.com. The next chapter,
“Solution Roadmap,” describes the code components in detail, provides code
samples, and includes pointers to additional information.


8
Solution Roadmap
The Reference Architecture application contains many custom Active Server Pages
(ASP) files and code components. The source code for these files is examined in
some detail in the later sections of this chapter. Figure 8.1 on the next page provides
a high-level visual representation of the components of the solution and their inter-
relationships. Use this diagram as a quick reference when reading through the
remainder of this guide and when examining the source code.
As illustrated in Figure 8.1, a customer uses a browser, in this case Microsoft
 Internet Explorer 5, to access the application. The ASP files in the Web site are
implemented as pre-processed ASP (PASP) scripts and use the programmable
objects provided by Microsoft Commerce Server 2000 (such as ProductCatalog,
AuthManager, ProfileObject, and OrderGroup) to send data to and retrieve data
from the Commerce Server site database in Microsoft SQL Server 2000. Business
processes, such as placing an order or viewing the contents of the Shopping Cart
basket, are implemented using Commerce Server Pipelines. A pipeline calls a
custom COM+ queued component to handle e-mail – messaging functionality. The
output for each Web page is represented as Extensible Markup Language (XML),
and is intercepted by the Extensible Stylesheet Language (XSL) Internet Server
Application Programming Interface (ISAPI) 2.1 filter, which applies the appropriate
XSL style sheet to the content to render it as HTML.
The next section of this chapter describes how the PASP files and XSL ISAPI filter
operate, with references to a simple example. Then, the chapter examines how
each major component category was implemented in the ConsolidatedRetail.com
application. The discussion takes a logical approach to the discussion, describing
the Web services first, then the Commerce Server objects, and then the pipeline
components.

92
Reference Architecture for Commerce
Internet Explorer 5
HTML
XML
PASP 
XSLISAPI 
XSL
Script
Filter
IIS 5.0
Custom COM+ 
Commerce 
Commerce Server 
Queued 
Server Objects
Pipelines
Component
Commerce 
Server 2000

COM+
Commerce
Database
SQL Server 2000
Figure 8.1
Reference Architecture Application Components

Chapter 8: Solution Roadmap
93
PASP Files and the XSL ISAPI Filter
ASP pages are usually designed to produce the presentation logic of a Web solution.
In the ConsolidatedRetail.com site, they are used a little differently. Most of the ASP
files in the site are implemented as PASP files. The PASP files write XML to the
response object, which is intercepted by the XSL ISAPI filter and processed. The
script in the PASP files is used to call business logic in the Commerce Server 2000
objects; the XSL ISAPI filter handles the presentation.
The XSL ISAPI filter parses the XML output from a PASP file and examines the
processing instruction. If this processing instruction includes a server-config at-
tribute that references an XML configuration file, then the XSL ISAPI filter reads the
configuration file to determine the XSL style sheet that should be applied to the
XML output from the PASP file.
The XML configuration file contains information about which style sheet should be
applied for a specific type of client, as shown in the following code sample:
<?xml version="1.0" ?>
<server-styles-config>
  <!— for WML 1.1 browsers —>
  <device target-markup="WML1.1">
    <stylesheet href="mypage-WML11.xsl"/>
  </device>
  <!— for IE 4.0 browsers —>
  <device browser="IE" version="4.0">
    <stylesheet href="mypage-IE5.xsl"/>
  </device>
    <!— for IE 5.0 browsers —>
  <device browser="IE"  version="5.0">
    <stylesheet href="mypage-IE5.xsl"/>
  </device>
</server-styles-config>
IIS identifies clients by examining the Hypertext Transfer Protocol (HTTP) request
header sent with the page request. IIS can identify many common browsers by
using the entries in the Browscap.ini file in the WINNT\System32\Inetsrv folder.
The XSL ISAPI application provides additional entries for devices such as WAP
phones in a file called Browscap-add.ini, which should be copied and appended
to the Browscap.ini file.
A Simple Example
The following is a simple example of how the XSL ISAPI filter can be used to render
the XML output produced by a PASP file.
Note: This example is designed to help you understand the functionality provided by the XSL
ISAPI filter. It does not describe any of the actual pages in the ConsolidatedRetail.com site.

94
Reference Architecture for Commerce
Assume a user with Internet Explorer 5 requests a page called Myproducts.pasp.
The script in the file is interpreted and the following XML is returned through the
following response object:
<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl"
                 server-config="productconfig.xml"
                 href="csproducts.xsl"?>
<productlist>
  <product productname="Widget"/>
  <product productname="Wrench"/>
</productlist>
Now, the XSL ISAPI filter parses this XML and reads the xml-stylesheet processing
instruction, which contains the following three attributes:
type – This is the type of style sheet to be applied (in this case XSL).
server-config – This is the XML configuration file defining the style sheets to be
used with specific clients.
href – This is the default style sheet to be downloaded and applied by the client
if no corresponding style sheet is listed in the server-config file.
The XSL ISAPI filter then reads the specified server-config file (Productconfig.xml),
which contains the following entry:
  <device browser="IE" version="5.0">
    <stylesheet href="products-ie5.xsl"/>
  </device>
Because IIS identifies the client browser as Internet Explorer 5 from the request
header, the XSL ISAPI application now applies the Products-ie5.xsl style sheet to the
XML retrieved from Myproducts.pasp.
Assume that the Products-ie5.xsl style sheet contains the following XSL code:
<?xml version="1.0"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    version="2.0">
  <xsl:template match="/">
    <HTML>
      <TITLE>Product Catalog</TITLE>
      <BODY>
        <TABLE>
          <xsl:for-each select="productlist/product">
            <TR><TD>
               <xsl:value-of select="@productname"/>
            </TD></TR>
          </xsl:for-each>
        </TABLE>
      </BODY>
    </HTML>
  </xsl:template>
</xsl:stylesheet>

Chapter 8: Solution Roadmap
95
This style sheet would be applied to XML data from Myproducts.pasp, thus produc-
ing the following HTML, which would be sent to the browser:
<HTML>
  <TITLE>Product Catalog</TITLE>
  <BODY>
    <TABLE>
     <TR><TD>Widget</TD></TR>
     <TR><TD>Wrench</TD></TR>
    </TABLE>
  </BODY>
</HTML>
Obviously, in a real e-commerce solution such as the one represented by
ConsolidatedRetail.com, the XML produced by the PASP files and the XSL style
sheets used to render it is more complex than this simple example. The principle,
however, is the same.
Web Site Files
The main ASP and PASP pages and accompanying XSL files used in the user inter-
face of the ConsolidatedRetail.com retail site are described here. As previously
mentioned, many of the ASP scripts used by the application are implemented as
PASP scripts that present XML output to the XSL ISAPI filter. A few regular ASP
scripts are also used for non-displaying scripts that accept posts from other pages.
Each PASP page has an associated <page name>-config.xml file used by the XSL
ISAPI filter to identify the appropriate style sheet to be used for specific client
types. In this implementation, only a <page name>-IE5.xsl file is provided to render
the page in HTML that is compatible with Microsoft Internet Explorer 5.5. Addi-
tional XSL files could be created to facilitate output for other browsers or devices.
Initialization Pages and Include Files
The ConsolidatedRetail.com site uses the following initialization scripts and
include files:
Global.asa – Global.asa is a Web application initialization script that defines
actions to be taken at key events in a Web application’s lifetime.
include\Site_Const.asp – This file defines numerous constants and is included
by all pages on the site.
include\Common.asp – This file defines functions that are used to render data
in XML tags. It is used by all PASP pages on the site to generate the XML to be
passed to the XSL ISAPI filter.

96
Reference Architecture for Commerce
include\Profile.asp – This file includes all of the functions for authenticating
users, logging them on or off, and retrieving or updating their personal profiles.
include\Basket.asp – This file provides the functions required for users to create
and maintain a shopping basket; that is, accumulate an order while browsing the
catalog.
include\UI_layout-IE5.xsl – This XSL style sheet provides the presentation logic
for rendering the standard layout for pages in the site. It is included by all page-
specific XSL files to ensure a consistent look and feel to the site.
include\Order.asp – This file retrieves and displays the status of a particular
order.
include\Discounts.asp – This file checks each item in the shopping basket for
discounts, and then generates appropriate XML.
include\ContentSelection.asp – This file verifies and displays advertising
content (used for targeting advertising or discounts at a specific user).
include\Catalog.asp – This is a common file that developers can use for code
specific to catalog operations.
include\Cache.asp – This script is used to cache and retrieve HTML fragments,
objects, and components.
Catalog Browsing Pages
The ConsolidatedRetail.com retail site uses the following catalog-related pages:
Default.asp – This page redirects users to the home page of the site (Index.pasp).
Because Default.asp is a traditional start page name for ASP applications, it is
placed here to redirect any requests that might come in for Default.asp to the
application’s real start page.
Index.pasp – Index.pasp is the default start page for the application. This is what
comes up when you type the site name with no additional path information;
several other pages also redirect to this page when tasks are completed or errors
are encountered.
Category.pasp – This page generates XML for the page that provides users with
a view of the products and subcategories in a particular category of a given
catalog.
Product.pasp – This page generates XML content for the page that shows details
about a single product and all its variants from a catalog. This page provides a
button that allows the user to display the detail page for the previous or next
product in a category or subcategory.
ListSearch.pasp – This page allows users to locate a public shopping list.
StepSearch.pasp – This page allows users to specify search criteria and search
the catalogs.

Chapter 8: Solution Roadmap
97
SearchResults.pasp – This page receives the input when a user enters search
criteria into the product search box, performs the search for products matching
the keywords, and returns a list of matching products to the user.
Bdrefresh.asp This script clears the Business Desk cache.
User Authentication and Profile Management Pages
The ConsolidatedRetail.com retail site uses the following user authentication and
profile management scripts:
Registration.pasp – This page allows users to register with the site.
Login.pasp. This page allows registered users to log on to the site.
ForgotPasswd.pasp – This page allows users to request that their password be
sent to them by e-mail.
Acct.pasp – This page displays account details of the user who is currently
logged on.
UserProfile.pasp – This page allows a user to edit his or her profile.
AddressBook.pasp – This page allows users to view and update the shipping
and billing addresses saved in their address books.
CreditCards.pasp – This page allows a user to save credit card numbers and
expiration dates in his or her profile. (The user can save as many credit card
numbers as he or she wants to save; there is no limit.)
EditCreditCard.pasp – This page allows a user to edit the credit card informa-
tion saved in his or her profile.
RefreshApp.asp – This script clears the Profiles cache.
Order Management Pages
The ConsolidatedRetail.com retail site uses the following order management pages:
OrderHistory.pasp – This page retrieves and displays the order history of the
current user, allowing the user to view all purchases the user has made from the
site. (Note that the order history page displays only the most recent 20 orders.)
OrderHistorydetail.pasp – This page displays the details of a specific order from
the user’s order history.
Basket.pasp – This page displays the contents of the current user’s shopping
basket, or more specifically, the products contained in the OrderGroup object
associated with the user’s current session.
OrderSummary.pasp – This page provides a summary of the current order.
Although the displayed results of this page are considerably different, the
scripting behind this page and the XML content generated by the script are
similar to Basket.pasp.

98
Reference Architecture for Commerce
ListBase.pasp – This page provides a common code base for the Save for Later,
Shopping List, and Public List pages.
AddtoList.pasp – This page allows the user to add items to a shopping list.
AddtoListResp.pasp – This page allows the user to view the contents of a re-
vised shopping list after an item is added.
Shipping.pasp – This page is invoked when the user clicks the Checkout link on
the shopping basket page or clicks the Checkout link at the top of any page. It
allows the user to specify an address for delivery of the order.
ShippingMethod.pasp – This page allows the user to select a shipping method
for the order.
MultiShipping.pasp – This page allows a user to ship items in a single order to
different addresses.
Thankyou.pasp – This page completes the processing of an order in the Com-
merce Server portion of this application by running it through a series of
Commerce pipeline processes.
Commerce Server Objects
Another important aspect of the solution is the use of Commerce Server 2000
programmable objects for business processing. These objects can be used from any
COM-aware client (such as an ASP script) to retrieve data from the site database or
to perform a task such as authenticating a user. The use of these objects is examined
in depth in Chapter 9, but the following list introduces the key Commerce Server
objects used in the ConsolidatedRetail.com application.
Utility and Configuration Objects
An e-commerce site is a highly complex application that requires many kinds of
information and functionality. To help simplify the development of an e-commerce
solution, Commerce Server 2000 provides a number of objects that can be used to
manage site configuration information and provide general functionality that can
be used throughout the site.
Many of the objects used in Commerce Server solutions are in fact Dictionary
objects or SimpleList objects. These are general-purpose objects that can
be used to maintain a collection of name/value pairs. For example, in the
ConsolidatedRetail.com application, a Dictionary object is used to store the collec-
tion of pipelines used by the site. For more detailed information about Dictionary
and SimpleList objects, refer to the Commerce Server 2000 documentation.
The ConsolidatedRetail.com application uses the following utility and configura-
tion objects throughout the site.

Chapter 8: Solution Roadmap
99
AppConfig – This is the Commerce Server Application Configuration object. It
provides methods that can be used to retrieve configuration settings for the site.
It contains an Options Dictionary object that is used to store various configura-
tion options for the site. In the ConsolidatedRetail.com site, the options dictio-
nary is used to store data source connection strings and other configuration
information.
AppDefaultConfig – Commerce Server 2000 supports the ability for the site
administrator to alter site behavior through programmatic changes to properties
stored in the Commerce Server 2000 administration database. The Reference
Architecture application provides limited support for AppDefaultConfig op-
tions as follows:
i_AddItemRedirectOptions – This specifies how the site functions after a
user adds an item to a shopping basket (a value of 1 continues displaying the
current product page; 0 redirects to the basket page).
i_FormLoginTimeOut – This specifies the number of minutes before a logon
ticket times out.
i_SitePrivacy – This specifies how much tracking is performed for anony-
mous users (a value of 1 profiles anonymous users; 2 profiles and tracks
anonymous user visits).
DataFunctions – This is a data-formatting object that holds information about
the site locale, currency and other data-related issues. It also provides methods
for handling data type specific tasks such as removing white space from strings
or converting data from one type to another.
GenID – This is a utility object used to generate Globally Unique Identifiers
(GUIDs). These can be useful for providing a unique ID to identify a specific
item.
AppFramework – This is a utility object used to simplify HTML form processing.
MessageManager – This object is used to store multilingual error messages for
use by pipeline components.
CacheManager – This object is used to manage data caching for the site. Caching
data such as catalogs, shipping methods, user profiles and so on can greatly
improve performance.
DictionaryXMLTransforms – This object is used to transform the contents of a
Dictionary object to XML (and vice-versa) using a specified XDR schema.
For more information about the AppConfigDataFunctionsGenIDAppFramework,
MessageManagerCacheManager, and DictionaryXMLTransforms objects, refer to
the Commerce Server 2000 documentation.

100 Reference Architecture for Commerce
Catalog Objects
One of the most obvious tasks that must be addressed by pages in an e-commerce
site is to retrieve product information from the catalogs associated with the site.
Commerce Server 2000 provides support for multiple catalogs in a single site. You
can structure catalogs hierarchically with nested categories and define products at
any level of the catalog, including the root. In addition, any category or product can
be related to any other category or product anywhere in the hierarchy. For example,
a product called Windows 2000 Server in the Software category could have a relation-
ship defined with a product called The Windows 2000 Server Administrators Guide in
the Books category. This makes it easy to create links to related products or catego-
ries and provide opportunities for cross selling. Figure 8.2 shows the catalog struc-
ture that Commerce Server 2000 supports:
Catalog
Product
Product
Category
Product
Category
Product
Category
Product
Figure 8.2
Commerce Server 2000 Catalog Structure
You can create catalogs from scratch or import them from an XML or CSV file
by using the Commerce Server Business Desk. For detailed information about
managing catalogs with the Business Desk, refer to the Commerce Server 2000
documentation.

Chapter 8: Solution Roadmap
101
Another feature of the catalog support in Commerce Server is that you can create
Catalog Sets. A Catalog Set is a collection of one or more catalogs that is assigned
to a particular class of user based on a property in their profile. For example, you
could create a catalog set containing catalogs with discounted prices for users
who have joined your customer loyalty scheme. For users who have no catalog set
assigned, Commerce Server sites include a default catalog set for anonymous users
and a default catalog set for authenticated users.
Programmatic access to the catalog data is provided through the following Com-
merce Server automation objects:
CatalogManager – This object represents the entire catalog management system.
CatalogSets – This object provides access to the catalog sets defined in the site.
ProductCatalog – This object represents a specific catalog.
Category – This object represents a category within a catalog.
Product – This object represents a product.
These objects provide methods for navigating through the entire catalog hierarchy
of a site. Many of the methods and properties that these objects provide return ADO
Recordsets, which contain catalog, category, or product data.
Before any catalog data can be accessed, a connection to the data source for the site
must be initialized. Generally this is achieved by calling the Initialize method of
the CatalogManager object passing either an ADO connection string to the site
database or the site name as a parameter.
For more detailed information about the CatalogManagerCatalogSets,
ProductCatalogCategory, and Product objects, refer to the Commerce Server 2000
documentation.
User Management Objects
Commerce Server provides several objects that can be used to manage user infor-
mation and status as customers interact with the site. These objects include:
AuthManager – This object is used to handle security related functionality,
allowing users to be authenticated and logged on and providing a means of
identifying the specific user making a request.
ProfileService – This object is used to connect to the data source where profile
information relating to the registered users in the site is stored.
ProfileObject – This object encapsulates the profile data for a specific user, and
can be used to set or retrieve values such as NameTelephone NumberE-mail
Address
, or any other user attribute that needs to be tracked.
For more detailed information about the AuthManagerProfileService, and
ProfileObject objects, refer to the Commerce Server 2000 documentation.

102 Reference Architecture for Commerce
Shopping Basket Objects
After a user locates a product he or she wants to purchase, it is common practice in
a Web site to allow the user to add the product to a cart or basket. In reality, the
conceptual basket is a metaphor for a software object representing the collection of
items the user has selected during the visit. Every register user is issued a virtual
shopping basket during a visit (there is a one-to-one mapping of users to baskets).
The Reference Architecture application uses the following objects provided by
Commerce Server 2000 to provide the abstract shopping basket functionality:
OrderGroup – This object represents the shopping basket.
OrderForm – This object represents the collection of items in the shopping
basket. The OrderForm object is implemented as a Dictionary object, containing
information about the order as a whole, and a SimpleList object containing item
Dictionary objects representing the individual items in the basket. An Addresses
SimpleList object is used to store a collection of address Dictionary objects,
representing the shipping and billing addresses associated with the order.
For more detailed information about the OrderGroup, and OrderForm objects, refer
to the Commerce Server 2000 documentation.
The Predictor Resource
Commerce Server 2000 provides the ability to send content, such as advertisements
and discount notifications, to specific users. To do this, Commerce Server 2000 uses
the Microsoft Windows 2000 Predictor resource, which is installed optionally with
Commerce Server 2000. The Predictor resource allows you to build complex analy-
sis models that you can use to determine the type of content, advertisements, and
additional products that might interest your users. After the Predictor builds the
analysis model, you can add the Predictor Client Object to your ASP pages, which
gives your site the ability to display recommended products and targeted content.
The Predictor resource uses a great deal of memory when building the analysis
models. You can prevent this from impacting your Web servers by building the
analysis model once and then copying it to each of your Web servers. Each Web
server can host multiple analysis models to enable different predictive capabilities.
After you build an analysis model, you can view its components by using the
Prediction Model Viewer in Commerce Server Manager and the Segment Viewer
module in the Commerce Server Business Desk.
For more detailed information about the Predictor and guidelines for its use, refer
to the Commerce Server 2000 documentation.

Chapter 8: Solution Roadmap
103
Pipelines
Commerce Server 2000 solutions usually use pipelines for business processing. A
pipeline consists of a sequence of COM components that operate on a business
object, such as an OrderForm. The components in the pipeline, and the order in
which they are called, is specified in a pipeline configuration file (*.pcf). You can
think of a pipeline as being a kind of production line in which each component
performs a specific task before passing the business object to the next component.
ConsolidatedRetail.com uses seven pipelines: Advertising.pcf, Discounts.pcf,
Final.pcf, Lists.pcf, Pagbasket.pcf, Recordevent.pcf, and Total.pcf. Six of these have
references that are stored in the application level MSCSPipelines dictionary variable
as AdvertisingDiscountsPAGFinalListsPAGBasket, and PAGTotal respec-
tively. The remaining pipeline, Recordevent.pcf, is held as a Commerce.OrderPipeline
object in Application(“CampaignsCSFEventPipe).
Pipeline Components
The components in a pipeline are COM components that implement the
IPipelineComponent interface. This interface provides an Execute method, to
which a Dictionary object can be passed. A business process is implemented by
passing a business object such as an OrderForm to the execute method of each
component in the pipeline in turn.
Commerce Server provides a number of pipeline components that can be used in
e-commerce sites. These objects are used to apply discounts to an order, charge tax,
arrange shipping, and so on. In addition, you can create your own custom pipeline
components to perform specific tasks. The ConsolidatedRetail.com site includes the
following two custom pipeline components:
PersistUtility – This is a custom pipeline component that is used for copying
non-persisted attributes of the OrderGroup object to persisted attributes. Typi-
cally, attributes from the OrderGroup object that begin with an underscore are
temporary values and are destroyed at the end of pipeline processing. Because
this application exports an order form outside of the Commerce Server realm,
some OrderGroup values that are usually discarded need to be retained to
provide context in external processing. PersistUtility copies a few underscored
attributes to names without underscores, so the values persist after pipeline
processing is complete.
QueueEMail Class – This is a custom pipeline component that takes data from
the order form, converts it to XML, and uses the QueuedEMailer.CMailer
component (described in the section, “Custom Business Components”) to send
an e-mail message to the customer.

104 Reference Architecture for Commerce
Custom Business Components
Additional custom functionality can be added to a solution by creating custom
business components. The ConsolidatedRetail.com site includes one custom busi-
ness component: QueuedEMailer.CMailerQueuedEMailer.CMailer is a custom
COM component used to send e-mail to a customer. This is used for order confirma-
tions and forgotten passwords. The component is implemented as a COM+ queued
component, allowing its methods to be called asynchronously through a message
queue. This improves response time by allowing a user’s session to proceed without
having to wait until the email processing is complete.
Conclusion
This chapter provided a very brief, high-level overview of the major code categories
in the Reference Architecture application, with reference to actual code snippets.
At this point, you should have a conceptual understanding of how the code is
structured.
The next chapter walks you through each tier of ConsolidatedRetail.com applica-
tion, and provides pseudo-code and actual code examples to illustrate the process-
ing flow.

9
ConsolidatedRetail.com
Functionality
Now that you have an overview of the various parts of the solution, you are ready
to examine the specific functionality provided by the site. This chapter discusses the
following aspects of the solution and pays particular attention to the challenges
inherent in writing code for each functional area:
G Presentation services
G User authentication and profiling
G Catalogs
G Shopping basket management
G Order processing
As you review each section of this chapter, you will see how specific functionality
has been implemented and how you can reuse part or all of the ConsolidatedRetail.com
application in your own business-to-consumer solutions.
Presentation Services
The presentation services in the ConsolidatedRetail.com site are provided by the
XSL ISAPI filter. The main development challenge is to generate appropriate XML
in each of the PASP scripts and to create suitable XSL style sheets to present that
XML as HTML (or some other presentation format).

106 Reference Architecture for Commerce
XML Output from the PASP Files in ConsolidatedRetail.com
Each PASP file in the ConsolidatedRetail.com site produces an XML document in a
consistent format. It does this by including an Include reference to the Common.asp
file in every page on the site and calling its PageStart procedure.
The PageStart procedure in the Common.asp file contains the following code:
Sub PageStart(strPageNameWithExtension)
'comments and code omitted for clarity
  ' strip off the pasp file extension
  Dim strPageName
  strPageName = Trim(Left(strPageNameWithExtension, _
    InstrRev(strPageNameWithExtension, _
    ".") - 1))
if mc_blnUsePassport = True then
  Call InitPassport(GetServerURL() & "/" & mc_strPassportReturnPage
Else
  '???????
End if
'XML header
Response.Write _
  "<?xml-stylesheet type=""text/xsl"" _
    server-config=""" & _
    strPageName & "-Config.xml"" href=""" & _
    strPageName & "-IE5.xsl""?>" & vbcrlf
  'root for the page element.
  'the tag is closed in the "PageEnd" Subroutine.
Response.Write "<page pagename=""" _
      & strPageNameWithExtension & """>" & vbcrlf
  'This information is used by the link to passport for
  'returning back to the site after passport authentication.
Call XMLTag("HTTPHost", Server.URLEncode(GetHTTPHost()))
if not LocalIsLoggedIn() then
    Call GetPassportLogo(GetServerURL() & "/" & mc_strPassportReturnPage)
end if
End Sub
This procedure creates the XML header for the document that will be produced by
the PASP file. At the end of each PASP script, the PageEnd procedure is called to
close the <page> tag and complete the XML document. The following is the rel-
evant code in the PageEnd procedure:
Sub PageEnd()
'comments and code omitted for clarity
  'get authentication information to be used to display the logoff button.
  Call GetLogOffXML()

Chapter 9: ConsolidatedRetail.com Functionality
107
  'display error messages
  Call DisplayExceptions(m_varrExceptions)
  'root for the page element. The tag is opened in the PageStart subroutine.
  Call XMLEndTag("page")
End Sub
The XMLEndTag procedure is one of a number of XML helper procedures in
Common.asp. (For more information, see the “XML Helper Procedures” section
later in this chapter.) It generates an XML closing tag using the following code:
Sub XMLEndTag(strTagName)
  Response.Write mc_strStartTag & mc_strForwardSlashTag & _
    Lcase (Replace(strTagName, mc_strBlank,_
    mc_strUnderScore)) & _
    mc_strEndTag & vbCrLf
End Sub
XML documents produced using the PageStart and PageEnd procedures will look
similar to the following code sample:
<?xml-stylesheet type="text/xsl"
                 server-config="filename-Config.xml"
                 href="filename-IE5.xsl"?>
<page pagename="filename.pasp">
  <!— XML content —>
</page>
XML Helper Procedures
In addition to the XMLEndTag procedure described earlier, Common.asp contains
multiple XML-related utility routines. These procedures are used to generate tags
to be used in the XML documents produced by the PASP pages in the
ConsolidatedRetail.com site.
Although in many ways, it would be more efficient to hard-code the required XML
characters—such as “<” and “>” (without the quotation marks)—in the various
XML-generating procedures, numerous XML character constants are declared
in Common.asp. This helps make the code legible and aids debugging. The con-
stants are:
Const mc_strStartTag = "<"
Const mc_strEndTag = ">"
Const mc_strForwardSlashTag = "/"
Const mc_strUnderScore = "_"
Const mc_strBlank = " "

108 Reference Architecture for Commerce
These constants are used in the following XML-generating procedures:
XMLBegTag – This utility writes an opening XML tag (for example, <page>)
based on an strTagName parameter.
XMLEndTag – This utility (described earlier) writes a closing tag (for example
</page>) based on an strTagName parameter.
XMLEmptyTag – This utility writes an empty XML tag (for example, <page/>)
based on an strTagName parameter.
XMLTag – This utility writes an XML tag containing a value (for example,
<page>myvalue</page>) based on two parameters: strTagName and strTagValue.
GetXMLFromRS – This utility creates an XML representation of a recordset.
GetXMLFromRSRow – This utility creates an XML representation of the current
row in a recordset.
There are also numerous procedures, generically named xxxWithDsplyNm, which
produce XML tags containing a displayname attribute, for example:
<f_name displayname=”First Name”>Joe</f_name>
The display name for the tag is based on the tag name and is retrieved from the
CatalogDefinitionProperties application-level dictionary object variable.
To gain a full understanding of the functionality provided by the XML helper
procedures, examine the source code in Common.asp.
XSL Style Sheets in the ConsolidatedRetail.com Site
As explained earlier, each page has an associated filename-Config.xml file listing the
XSL style sheet to be applied for each client browser or device type. In this imple-
mentation, only Internet Explorer 5.5 is supported, although alternative style sheets
could be created and added to the site.
In most cases, the XSL file for each PASP page is named pagename-IE5.xsl (where
pagename is the non-version specific name of the PASP page), and contains XSL code
specific to the data on that page. However, to maintain a consistent look and feel to
the site, the common user interface (UI) elements for all pages are defined in a
separate XSL file named UI_layout-IE5.xsl, which is stored in the Include directory.
Each page-specific XSL file uses the XSL Include directive to incorporate the presen-
tation logic in UI_layout-IE5.xsl into the rendering of the current page as shown by
the following code snippet:
<xsl:include href="include\UI_layout-IE5.xsl"/>

Chapter 9: ConsolidatedRetail.com Functionality
109
Templates in UI_layout-IE5.xsl
The UI_layout-IE5.xsl file contains several templates. The page template is applied
to the <page> element in the XML document generated by each PASP page. It refers
to the Stylesheet.css cascading style sheet and creates an HTML table consisting of
five rows, on which the overall page is based. Other templates in the UI_layout-
IE5.xsl file are called to populate the rows.
The first row in the table contains a call to the pageheader template defined later in
the script. This template renders the top banner of the page, including the images
linked to the  basket, profile, and home pages.
The second row is used to create a space before the third row, which contains a call
to the main template. This template includes the logic necessary to render the menu
panel at the left side of the page, including the search form. The main template
in turn calls the getCatalogsForUser template, the exceptions template, and the
advertising or profilemenu or listsmenu template (depending on the presence
of an advertisingprofilemenu, or listsmenu XML element).
The fourth row of the table, like the second, is a spacer before the fifth row, in which
the pagefooter template is called. This template renders the bottom panel of the
page, including the copyright statement.
The page template in UI_layout-IE5.xsl is shown in the following code. The
pageheadermainpagefooter, and other templates used to render the pages in the
site can be examined in UI_layout-IE5.xsl.
<?xml version="1.0" ?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
 version="2.0">
<xsl:template match="*|/">
<xsl:apply-templates/></xsl:template>
<xsl:template match="text()|@*"><xsl:value-of select="."/></xsl:template>
<xsl:template match="page">
 <html>
  <head>
   <title>ConsolidatedRetail.com</title>
   <link rel="stylesheet" type="text/css" href="stylesheet.css"/>
  </head>

110 Reference Architecture for Commerce
  <body bgcolor="#ceb6d5" leftmargin="0" marginwidth="0" topmargin="0"
  marginheight="0">
   <table width="100%" cellpadding="0" cellspacing="0" border="0">
    <tr>
     <td>
      <xsl:call-template name="pageheader"/>
     </td>
    </tr>
    <tr>
     <td height="10"/>
    </tr>
    <tr>
     <td>
      <xsl:call-template name="main"/>
     </td>
    </tr>
    <tr>
     <td height="10"/>
    </tr>
    <tr>
     <td>
      <xsl:call-template name="pagefooter"/>
     </td>
    </tr>
   </table>
  </body>
 </html>
</xsl:template>
  <!— Code for other templates omitted for clarity —>
</xsl:stylesheet>
Rendering Index.pasp
You can examine the Index.pasp page to see how this all fits together. The
Index.pasp page is the default page, or home page, for the site. Index.pasp contains
code to perform the following tasks:
1. Define a constant named mc_strPageName with the value Index.pasp.
2. Call the PageStart procedure in Common.asp to create the appropriate <page>
opening tag.
3. Create an empty <advertising/> tag using the XMLEmptyTag procedure.
4. Create the </page> closing tag by calling the PageEnd procedure.
The following code performs these tasks:
  <!—#include file = "include/Site_Const.asp" —>
  <!—#include file = "include/Common.asp"—>
<%
  Const mc_strPageName = "Index.pasp"

Chapter 9: ConsolidatedRetail.com Functionality
111
Sub Main()
  Call PageStart(mc_strPageName)
  XMLEmptyTag(mc_strAdvertisingMenu)
  Call PageEnd()
End Sub
Call Main()
%>
This code generates the following XML document:
<?xml-stylesheet type="text/xsl"
      server-config="Index-Config.xml"
      href="Index-IE5.xsl"?>
  <page pagename="Index.pasp">
  <httphost>localhost%3A81</httphost>
  <mspassport><anchor>a</anchor>
  <url>http://current-login.passporttest.com/login.asp?id=1&amp;
      ru=http%3A%2F%2Flocalhost%3A81%2F%
      5FProcessPassportLogin%2Easp&amp;
      tw=120&amp;fs=0&amp;kv=1&amp;
      ct=998426692&amp;cb=0&amp;ems=1&amp;
      ver=1.990.1052.1&amp;C=1</url>
  <passportimage><image>img</image>
  <source>http://current-www.passportimages.org/signin.gif</source>
  <width>66</width>
  <height>19</height>
  <border>0</border>
  <class>PassportSignIn</class>
  </passportimage>
  </mspassport>
  <advertising/>
   <font face="Arial" size=2>
  <p> Type mismatch: 'CachedFragmentLookup'</font>
  <font face="Arial" size=2>error '800a000d'</font>
  <p>
  <font face="Arial" size=2>Type mismatch: 'CachedFragmentLookup'</font>
  <p>
  <font face="Arial" size=2>/include/Common.asp</font>
  <font face="Arial" size=2>, line 115</font>
The XML is passed to the XSL ISAPI filter, which determines that the appropriate
style sheet is identified in Index-Config.xml. The XSL ISAPI filter examines the
HTTP request header information to determine the browser type and version. Then
it matches the browser information with the appropriate style sheet in Index-
Config.xml. If no matching entry is found, the default style sheet (Index-IE5.xsl)
is applied.

112 Reference Architecture for Commerce
Index-Config.xml looks like the following:
<?xml version="1.0" ?>
<server-styles-config>
 <!— for HDML 3.0 browsers —>
 <device target-markup="HDML 3.0">
   <stylesheet href="Index-HDML3.xsl"/>
 </device>
 <!— for WML 1.1 browsers —>
 <device target-markup="WML1.1">
  <stylesheet href="Index-WML11.xsl"/>
 </device>
 <!— for IE 4.0 browsers —>
 <device browser="IE" version="4.0">
  <stylesheet href="Index-IE5.xsl"/>
 </device>
 <!— for IE 5.0 browsers —>
 <device browser="IE"  version="5.0">
  <stylesheet href="Index-IE5.xsl"/>
 </device>
 <!— for IE 6.0 browsers —>
 <device browser="IE"  version="6.0">
  <stylesheet href="Index-IE5.xsl"/>
 </device>
 <!— for MME browsers —>
 <device browser="MME">
  <stylesheet href="Index-WML11.xsl"/>
 </device>
</server-styles-config>
When a request is received from Internet Explorer 5 browser, the Index-IE5.xsl
style sheet is used to render the page as HTML. (The other entries in the Index-
Config.xml file are for illustration only; the corresponding style sheets are not
provided in the ConsolidatedRetail.com site.)
The Index-IE5.xsl code is similar to the following:
<?xml version="1.0" ?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="2.0">
<xsl:include href="include\UI_layout-IE5.xsl"/>
<xsl:template match="*|/"><xsl:apply-templates/></xsl:template>
<xsl:template match="text()|@*"><xsl:value-of select="."/></xsl:template>
<xsl:template name="pageleft"/>
<xsl:template name="pagecenter">
  <script language="JavaScript">

Chapter 9: ConsolidatedRetail.com Functionality
113
  <![CDATA[
    function Focus(){
      document.formSearch.txtSearchPhrase.focus()
      }
  ]]>
  </script>
  <table width="100%" cellpadding="0" cellspacing="0" border="0"
  bgcolor="#ffffff">
    <tr>
      <td width="11">
      <img src="images/spacer.gif" width="1" height="1" border="0"/>
      </td>
      <td valign="top" class="content-text">
      <table width="100%" cellpadding="0" cellspacing="0" border="0">
      <tr>
      <td valign="top" colspan="3" class="content-text">
      <xsl:if test="name[string-length()>0]">
      <p class="headline-text-purple">
        Hello, <xsl:value-of select="name" />.
        Welcome back to ConsolidatedRetail.com</p>
      </xsl:if>
      <xsl:if test="name[string-length()=0]">
      <p class="headline-text-purple">Welcome to ConsolidatedRetail.com</p>
      </xsl:if>
      <p>Welcome to the site where you can purchase everything you need at one
          convenient location.</p>
      <p align="center"><a href="Registration.pasp">
      <img src="images\home_freeshipping.gif" width="271" height="46" vspace="5"
          border="0"/></a><br/><br/></p>
      </td>
      </tr>
      <tr>
      <td valign="top" class="content-text">
      <p><xsl:apply-templates select="ads"/></p>
      <p><img src="images/spacer.gif" width="200" height="1" border="0"/></p>
      </td>
      <td width="1" bgcolor="#ceb6d5">
      <img src="images/spacer.gif" width="1" height="1" border="0"/>
      </td>
      <td width="125" align="right" valign="top" class="content-text">
      <img src="images/giftregistries.gif" width="118" height="30"
          border="0"/><br/>
      <p>Look for this feature in the near future.</p>
      </td>
      </tr>
    </table>
    </td>
    <td width="11">
    <img src="images/spacer.gif" width="1" height="1" border="0"/>
    </td>
    </tr>
  </table>
</xsl:template>

114 Reference Architecture for Commerce
<xsl:template match="ads">
  <xsl:apply-templates select="ad"/>
  </xsl:template>
  <xsl:template match="ad">
    <xsl:element name="{anchor}">
      <xsl:attribute name="href" ><xsl:value-of select="url"/></xsl:attribute>
      <xsl:attribute name="target" ><xsl:value-of select="location"/></
xsl:attribute>
        <xsl:apply-templates select="adimage"/>
    </xsl:element>
  </xsl:template>
  <xsl:template match="adimage">
    <xsl:element name="{image}">
      <xsl:attribute name="src" ><xsl:value-of select="source"/></xsl:attribute>
      <xsl:attribute name="width" ><xsl:value-of select="width"/></xsl:attribute>
      <xsl:attribute name="height" ><xsl:value-of select="height"/></
xsl:attribute>
      <xsl:attribute name="border" ><xsl:value-of select="border"/></
xsl:attribute>
      <xsl:attribute name="alt" ><xsl:value-of select="alternative"/></
xsl:attribute>
    </xsl:element>
  </xsl:template>
  <xsl:template match="discounts">
    <p><xsl:apply-templates select="ad"/></p>
  </xsl:template>
  <xsl:template name="pageright">
    <p><xsl:apply-templates select="/page/discounts"/></p>
  </xsl:template>
</xsl:stylesheet>
This style sheet includes the UI_layout-IE5.xsl style sheet, which renders the com-
mon user interface elements for the page. In this case, the XML document contains
an <advertising/> tag. Therefore, UI_layout-IE5.xsl also uses the advertising
template to render the right panel of the page. The resulting Index page is similar
to Figure 9.1.
The ConsolidatedRetail.com site renders PASP pages as described in the preceding
sections. This method—generating XML content in the PASP files and defining
presentation in the XSL style sheets—allows you to easily change the style sheets
used to display the pages without affecting the business logic in the PASP files,
making this a flexible and easily reusable solution.


Chapter 9: ConsolidatedRetail.com Functionality
115
Figure 9.1
Index Page
Caching Commonly Used Information
Microsoft Commerce Server 2000 provides components that can be used to cache
commonly used sections of a commerce Web site.
The Reference Architecture uses these components to provide two types of caches:
G Caches that are not refreshed (emptied) automatically; for example, caches that
store the catalog and the shipping methods. These caches are loaded when the
application starts and always contain valid (static) data. They are refreshed only
when and if the Web site owner uses Commerce Server Business Desk to modify
them.
G Caches that are refreshed automatically; for example, caches that store search
results and product detail information. These caches store the XML for pages as
the user requests them. These caches are emptied at regular intervals as specified
in the Global.asa file. They are also refreshed when the catalog changes.
The Web site’s PASP pages produce XML output strings, which both cache types
store. Using a caching mechanism to store processed XML allows Web pages to be
displayed quickly without further processing, thus improving performance and
saving system resources. Caches are of the type Commerce.LRUCache because this
component automatically removes items from the cache when the cache is filled,
and allows the caches to refreshed automatically using the Commerce Server 2000
Commerce.LRUCacheFlush component.

116 Reference Architecture for Commerce
Specific changes in Business Desk are immediately reflected in the caches when the
catalog is refreshed or updated (or when the transactions are published using
Business Desk). This happens because code in the BDRefresh.asp page refreshes the
relevant caches. Refer to the Commerce Server documentation for details regarding
how application caches are tied to Business Desk.
Note: Cache keys for certain caches contain compound information (for example, catalog name
and category name), which is stored in a concatenated form delimited by the greater than
(right chevron) sign (>).
Caching of Catalog Names
The Reference Architecture stores catalog names in a cache because these names are
displayed on every page, thus they must be retrieved from the Commerce Server
2000 database for every page. In addition, catalog information rarely changes in
production sites. Therefore, the catalog names cache is not refreshed automatically.
Similar functionality is implemented in the Commerce Server 2000 Retail
Solution site available for download from the MSDN Web site at http://
www.msdn.microsoft.com/

Pages Affected
Caching of catalog names affects the following pages:
G Global.asa
G include\Cache.asp
G include\Common.asp
G include\Site_const.asp
Implementation Details
The cache for catalog names, CatalogSetCache, is created in Global.asa with a
RefreshInterval of zero (0). This ensures that the cache never refreshes automati-
cally; that is, the Refresh interval is forever. The cache is also populated in
Global.asa with the XML for the catalogs for each CatalogsetId in the Commerce
Server 2000 database. The CatalogsetId also serves as the cache key.
The CatalogSetId uniquely identifies the catalogs associated with a user. Therefore,
the XML to be displayed varies as the CatalogsetId changes to correspond with
current user.
If you use Business Desk to make any changes to the catalogs, code in
BDRefresh.asp automatically propagates the changes to the cache. This design
ensures that CatalogSetCache always contains up-to-date information and that the
cache can be used directly without performing an “if… exists” check each time.

Chapter 9: ConsolidatedRetail.com Functionality
117
Caching of Categories
The Reference Architecture stores category pages in a cache because they are pages
that are commonly viewed by most users.
Similar functionality is implemented in the Commerce Server 2000 Retail Solution
site.
Pages Affected
Caching of category pages affects the following pages:
G Category.pasp
G Global.asa
G include\Common.asp
G include\Site_const.asp
Implementation Details
The cache for category pages, CategoryCache, is created in Global.asa with a zero
RefreshInterval. This ensures that the cache does not refresh itself automatically.
The cache is populated when the user first encounters the category page. Subse-
quent access requests for the same page are fulfilled from the cache, until the cache
is refreshed or the LRUCache component removes it from the cache.
The cache key is a concatenated string consisting of the catalog name and the
category name in the form:
CatalogName + > + CategoryName
Together, the catalog name and category name provide enough information for the
Category.pasp page to obtain the listed products and subcategories.
If you use Business Desk to make any changes to the catalogs, code in
BDRefresh.asp automatically empties the CategoryCache. This design ensures that
CategoryCache contains the most current version of a recently viewed category
page.
Caching of Product Information
The Reference Architecture stores product pages in a cache because they are pages
that are commonly viewed by most users.
Similar functionality is implemented in the Commerce Server 2000 Retail Solution
site.
The Reference Architecture and Commerce Server 2000 Retail Solution Site use the
same cache name for this functionality: ProductPageCache.

118 Reference Architecture for Commerce
Pages Affected
Caching of product information affects the following pages:
G Global.asa
G include\Common.asp
G include\Site_const.asp
G Product.pasp
Implementation Details
The cache for product pages, ProductPageCache, is created in Global.asa with a
non-zero RefreshInterval. This ensures that the cache refreshes (that is, it empties
itself) automatically at regular intervals. The cache is populated when the user first
encounters the product page. Subsequent access requests for the same page are
fulfilled from the cache, until the cache is refreshed or the LRUCache component
removes it from the cache.
The cache key is a concatenated string consisting of the catalog name, the category
name, and the product ID in the form:
CatalogName + > + CategoryName + ProductId
Together, the catalog name, category name, and product ID provide enough infor-
mation for the Product.pasp page to obtain the product information.
If you use Business Desk to make any changes to the catalogs, code in BDRefresh.asp
automatically empties the ProductPageCache. This design ensures that
ProductPageCache contains the most current version of recently viewed product
information.
Caching of Shipping Methods
The Reference Architecture stores shipping methods in a cache because these
methods rarely change and are used by all users during the check out (or purchas-
ing) phase.
Similar functionality is implemented in the Commerce Server 2000 Retail Solution
site.
The Reference Architecture and Commerce Server 2000 Retail Solution Site use the
same cache name for this functionality: StaticSectionsCache.
Pages Affected
Caching of shipping methods affects the following pages:
G Global.asa
G include\Common.asp
G include\Cache.asp

Chapter 9: ConsolidatedRetail.com Functionality
119
G include/Site_const.asp
G MultiShipping.pasp
G OrderSummary.pasp
G Shipping.pasp
G ShippingMethod.pasp
Implementation Details
The cache for shipping methods, StaticSectionsCache, is created in Global.asa with
RefreshInterval of zero (0). This ensures that the cache never refreshes automati-
cally; that is, the Refresh interval is forever. The cache is populated in Global.asa
with the XML for the shipping methods from the Commerce Server 2000 database.
The cache key is a string constant, ShippingMethodsXML.
If you use Business Desk to make any changes to the shipping methods, code in
BDRefresh.asp automatically propagates the changes to the cache. This design
ensures that the StaticSectionsCache always contains up-to-date information and
that the cache can be used directly without performing an “if… exists” check
each time.
Caching of Search Results
The Reference Architecture stores search results in a cache because the search
facility is commonly used by all users.
Similar functionality is implemented in the Commerce Server 2000 Retail Solution
site.
The Reference Architecture and Commerce Server 2000 Retail Solution Site use the
same cache name for this functionality: FTSearchPageCache.
Pages Affected
Caching of search results affects the following pages:
G Global.asa
G include\Common.asp
G include\Site_const.asp
G SearchResults.pasp
Implementation Details
The cache for search results, FTSearchPageCache, is created in Global.asa with a
non-zero RefreshInterval. This ensures that the cache refreshes automatically at
regular intervals. The cache is populated when the user first encounters the product
page. Subsequent requests to the same page are fulfilled from the cache, until the
cache is refreshed or the LRUCache component removes the page from the cache.

120 Reference Architecture for Commerce
The cache key is a concatenated string consisting of relevant search information, as
follows:
CatalogName + > + CatalogSetId + > + CategoryName + > + SearchPhrase + > +
ProductID + > + VariantID + > + SearchStartPosition + > +
NumberOfSearchedItemsToDisplay
This key is unique and is the only information that the SearchResults.pasp page
needs.
If you use Business Desk to make any changes to the catalogs, code in
BDRefresh.asp automatically refreshes the FTSearchPageCache. This ensures that
FTSearchPageCache contains the most current version of the search results page.
User Authentication and Profiling
Microsoft Commerce Server 2000 provides support for an extensible profile system
that can store a great deal of user data. This user data, or customer profile, can
include shipping addresses and contact information. Customers can use these
profiles to store personal data so that they aren’t required to reenter the information
each time they visit the site. Thereafter, a company can then use the profile informa-
tion for business analysis, targeted advertising campaigns, and discount offers.
To create and maintain a profile, a customer must register with the site and log on.
This creates a unique user ID that identifies the user and retrieves the correspond-
ing profile information from the database. The customer’s user ID is stored in a
cookie on the client browser. If a user has not yet logged on, the cookie contains the
user ID associated with the anonymous user, and profile information is not avail-
able. When the user logs on, the appropriate user ID is retrieved and written to the
cookie; thereby making the profile information available for the remainder of the
session.
Note: Just as the Bdrefresh.asp script clears the Business Desk cache, the RefreshApp.asp
script clears the Profiles cache. Clearing either of these caches repeatedly could lead to a
denial of service for users.
The site requires browsers to be configured to allow cookies. If a user accesses the
site with a browser configured to allow per-session cookies (cookies that are not
stored on the user’s hard disk) but not stored cookies, the user can log on and use
the site but is not able to place products in the shopping basket. If no cookies are
allowed at all, the user is not able to access the site.

Chapter 9: ConsolidatedRetail.com Functionality
121
Registering a User
A user can register with the site by using the Registration.pasp page. When this
page is rendered using the Registration-IE5.xsl style sheet, it contains a form that
posts the data back to itself.
The Registration.pasp page contains code to perform the following tasks:
1. Examine the data in the form to determine the Mode and ProcessAction param-
eters. Mode is used to indicate the page the user should be redirected to when
registration is complete (the default is Acct.pasp). ProcessAction is used to decide
if the registration form should be displayed so that a user can register, or if the
form is being posted back for processing.
2. Pass the registration data to the PutUserObject so that a new profile can be
created. PutUserObject is defined in the Profile.asp include file.
3. Redirect the user to the Acct.pasp page (or another page determined by the Mode
parameter).
The Registration.pasp page retrieves the Mode and ProcessAction values from the
query string by using the MSCSAppFrameWork application-level variable, as shown
in the following code:
strPageMode = _
  Application("MSCSAppFrameWork").RequestString( _
    "Mode", Null, , , True, True, 0, Null)
strProcessingAction = _
  Application("MSCSAppFrameWork").RequestString( _
    "ProcessAction", Null, , , True, True, 0, Null)
Mode is usually null, meaning that when a user successfully registers, he or she
should be redirected to the account management page (Acct.pasp). In some circum-
stances, Mode contains the name of an alternate page to which the user should be
redirected. For example, if an anonymous user adds products to a shopping basket
before registering, you may want to send the user back to the checkout page after he
or she registers.
The ProcessAction parameter is used to determine whether the user accessed the
registration page from another page in the site, in which case the registration form
renders, or from the registration page itself, in which case the contents of the regis-
tration form are used to register the user. If the ProcessAction parameter is
EditUserObject, then the user can be registered using the data in the form on
the page.
Next, the script retrieves the form data and passes it to the PutUserObject function,
which is defined in the Profile.asp include file. This include file contains numerous

122 Reference Architecture for Commerce
procedures for managing user profiles that are used by various pages in the site.
The PutUserObject function is used to add or update a user profile and returns a
Boolean value indicating success or failure. If the user creation is successful, the
user is logged on and redirected to another page. If not (for example, because the
specified user name already exists), the Registration.pasp page redisplays with an
error message indicating the problem.
The code calls the GetGuaranteedUserID function in Profile.asp to retrieve the user
ID. This function returns an authenticated user ID for a user who is logged on or a
profile user ID for an anonymous user.
Profile.asp uses the following code to check whether a user with the specified user
name already exists:
If Not Application("MSCSProfileService") Is Nothing Then
  strUserID = GetUserID
If Not IsNull(strUserName) Then
  Set objMSCSProfile = Application("MSCSProfileService").GetProfile(strUserName,
mc_strUserObject, blnReturnCode)
If Not (objMSCSProfile Is Nothing) Then
  Call AddException(m_varrExceptions, 1,
    "Username already exists.", mc_strPageName)
  Set objMSCSProfile = Nothing
If the user name has not been used already, the code generates a globally unique
identifier (GUID) to add the user and calls the CreateProfile method of the
ProfileService object. The values passed from the registration form are assigned
to the profile:
strUserID = GenerateGUID()
Set objMSCSProfile =
  Application("MSCSProfileService").CreateProfile(_
    strUserName, mc_strUserObject)
objMSCSProfile.Fields(mc_strGeneralInfo).Value_
  (mc_strUser_ID)= cstr(strUserID)
objMSCSProfile.Fields(mc_strAccountInfo).Value_
  (mc_strAccount_Status)= CInt(1)
objMSCSProfile.Fields(mc_strGeneralInfo).Value_
("user_type")= strUserType
objMSCSProfile.Fields(mc_strGeneralInfo).Value_
(mc_strUser_Security_Password)= strPassword
objMSCSProfile.Fields(mc_strAccountInfo).Value_
("date_registered")= Now()
objMSCSProfile.Fields(mc_strProfileSystem).Value_
("date_created") = strCreateDate

Chapter 9: ConsolidatedRetail.com Functionality
123
Most of the code on the remainder of Profile.asp is used to update existing user
objects. Finally, the profile object is updated and the function returns True:
objMSCSProfile.Update
Set objMSCSProfile = Nothing
PutUserObject = True
When this function completes, the new user is registered in the site database.
After the user registers, Registration.pasp redirects the browser to Acct.pasp (if the
Mode parameter is NULL) or to an alternate page specified in the Mode parameter:
If blnRegistered Then
  If IsNull(strPageMode) Then
    Response.redirect "Acct.pasp?Mode=" & strPageMode
  Else
    Response.Redirect strPageMode & "?Mode=" & strPageMode
  End If
 End If
Authenticating a User
To access their profile information, registered users must log on and be authenti-
cated. As explained earlier, newly registered users are automatically logged on by
the code in Registration.pasp. Returning customers, however, must provide a user
name and password to be authenticated.
Note: In this sample application, the logon details are passed in plain text using HTTP. In a
production site, Hypertext Transfer Protocol, Secure (HTTPS) should be used to encrypt the
security credentials. The security of information, including credentials and confidential user
data, is the responsibility of the production site developer. Developers should take all neces-
sary precautions to ensure that authentication credentials and confidential information, such
as credit card numbers, order history, shopping lists, and so on, are adequately protected.
Users can log on by using the Login.pasp page. Like Registration.pasp, this page
posts data to itself and uses the functionality of Profile.asp to process the data.
The Login.pasp page contains code to perform the following tasks:
1. Examine the data in the form to determine the Mode and ProcessAction param-
eters. Mode indicates the page that the user should be redirected to when the
logon process is complete (the default is Acct.pasp). ProcessAction designates
whether the user credentials form should be displayed so that a user can log
on, or if the form is being posted back for processing.
2. Retrieve the user credentials from the form.
3. Pass the credentials to the Logon function in Profile.asp.

124 Reference Architecture for Commerce
4. Redirect the user to the Acct.pasp page (or another page determined by the Mode
parameter).
The most important code in Login.pasp is a call to the Logon function in Profile.asp:
blnLoginSuccessful = Logon(strUserName, strPassword)
The Logon function is used to validate a user’s user name and password and send
an authentication ticket in the form of a cookie to the client browser. The Logon
function performs the following tasks:
1. Create and initialize an AuthManager object, as follows:
Set objMSCSAuthMgr = _
  Server.CreateObject(mc_strAuthManager)
Call objMSCSAuthMgr.Initialize _
  (Application("MSCSDictConfig").s_SiteName)
2. Remove any existing authentication ticket that the user may have from a previ-
ous session:
If objMSCSAuthMgr.IsAuthenticated Then
 call objMSCSAuthMgr.SetAuthTicket _
        ("", blnCookieSupport, _
         Application("MSCSDictConfig")._
         i_FormLoginTimeOut)
End If
3. Check to ensure that a non-blank user name has been provided, and then use the
application-level MSCSProfileService object to load the profile for the user with
the specified name:
Set objMSCSProfileObject = _
Application("MSCSProfileService").GetProfile(strUserName, _
mc_strUserObject, blnReturnCode)
4. If a matching profile for a registered user is found, retrieve the password and
user ID, and then compare the password to the password provided by the user:
strProfilePassword = _
  objMSCSProfileObject(mc_strGeneralInfo).Value _
  (mc_strUser_Security_Password)
strUserID = objMSCSProfileObject(mc_strGeneralInfo). _
   Value (mc_strUser_ID)
If CStr(strProfilePassword) = CStr(strPassword) Then
   ...

Chapter 9: ConsolidatedRetail.com Functionality
125
5. One of the design features of the ConsolidatedRetail.com site is the ability to add
products to a shopping basket while browsing anonymously. If the user adds
items to the shopping basket prior to logging on, the user will have been issued
an anonymous profile ticket. The AuthManager object now retrieves this ticket
so that the contents of the anonymous user’s shopping basket can be transferred
to the authenticated user’s shopping basket:
strProfileUserID = _
  objMSCSAuthMgr.GetUserID(mc_bytProfileTicketType)
6. Issue a new (authenticated user) ticket to the user and set the anonymous cookie
to a blank value (thus deleting it):
Call objMSCSAuthMgr.SetAuthTicket _
  (strUserID, blnCookieSupport, _
  Application("MSCSDictConfig"). _
  i_FormLoginTimeOut)
Call objMSCSAuthMgr.SetUserID(mc_bytAuthTicketType, _
  strUserID)
Call objMSCSAuthMgr.SetUserID(mc_bytProfileTicketType, "")
Call objMSCSAuthMgr.SetProfileTicket("", blnCookieSupport)
7. Transfer any products in the anonymous shopping basket to the authenticated
user’s shopping basket, and then declare the logon a success:
If (Len(strProfileUserID) > 0) Then
   ' get the profile object from their anonymous
   '  session
  Set objMSCSUnRegProfileObject = Application( _
     "MSCSProfileService").GetProfilebykey( _
      mc_strUser_ID, strProfileUserID, _
      mc_strUserObject, blnReturnCode)
  ' if we get a matching anonymous profile back
  If Not (objMSCSUnRegProfileObject Is Nothing) Then
      ' transfer basket contents from anon id to registered
      ' id
     Call MoveBasketItems(strProfileuserid, strUserID)
     ' delete the anonymous profile from the profile store
    Call Application("MSCSProfileService"). _
         DeleteProfileByKey(mc_strUser_ID, _
         strProfileUserID, mc_strUserObject)
  End If
  Set objMSCSUnRegProfileObject = Nothing
End if
' return successful logon value
Logon = True

126 Reference Architecture for Commerce
For the remainder of the session, the authentication cookie is presented with each
request, and the code is able to retrieve the user’s profile information.
Using Passport Authentication
The Reference Architecture application provides its own authentication mechanism
as described earlier, as well as support for Microsoft Passport single sign-in (SSI)
service.
The Reference Architecture application (ConsolidatedRetail.com) displays the
Passport Sign In button immediately below the Logon button.
A user who has a Passport account can choose to click the Passport Sign In button
and use Passport’s standard authentication steps to log on to the site. After the
authentication process completes, the user is redirected to ConsolidatedRetail.com.
If the user is new to the Reference Architecture application, the application creates a
profile for that user and stores it in its Commerce Server 2000-based profile store.
After the profile is created, the user is logged on to the Reference Architecture’s
authentication system.
After logon, the Reference Architecture application manages a Passport user as it
does any other user, except that a search for the user’s public lists does not reveal
his or her user name. This is because Passport participant sites have guaranteed
access to the user’s Pairwise Unique ID (PUID) but not to any other user identifica-
tion information, such as a name. (The PUID is the 64-bit unique user ID used by
the Passport service.) The Reference Architecture application does not display a
user’s PUID.
Note that the Reference Architecture uses Passport in Test mode. Certain Passport
features behave differently in Passport Test mode than in Production mode. In the
following description, these differences are noted when relevant.
Note also that the Reference Architecture does not provide a log off feature; there-
fore, ConsolidatedRetail.com does not display a Passport Sign Out button.
Passport authentication requires modifications to the schema as well as new code to
implement the authentication process. To modify the schema, the logon_name
profile property is set to the PUID.
Support for Passport is incorporated in the following Reference Architecture files:
G include/Common.asp – This file Initializes the Passport Manager and determines
when to display the Passport Sign In button.
G _processPassportLogin.asp – This file retrieves the user’s PUID and e-mail ad-
dress and determines whether the user has a Reference Architecture application
user profile.
G include/UI_layout-ie5.xsl – The  mspassport XSL template in this file displays the
Passport Sign In button.

Chapter 9: ConsolidatedRetail.com Functionality
127
Passport authentication involves the following steps:
1. The include/Common.asp file contains code that initializes the Passport Man-
ager object. It also contains code that determines when to display the Passport
Sign In
 button on the left side of a page and on the Logon page. The
GetPassportLogo function determines the display of the Passport Sign In
button. GetPassportLogo is called only if the user is anonymous. The operations
in GetPassportLogo performs the following tasks:
a. It obtains the session expiration time from the Commerce Server 2000 Appli-
cation Default Configuration options variable, i_FormLoginTimeOut.
b. It calls the IsAuthenticated method of the Passport Manager object.
IsAuthenticated checks whether the user is still signed in to Passport, but has
timed out of the Reference Architecture. In this case, the user is logged on
automatically to the Reference Architecture application.
2. Next, the code determines whether the user signed in using the Passport Auto-
matic Sign In facility. If the user did sign in to Passport automatically, he or she is
logged on to the Reference Architecture, using the following code:
If PassportManager.HasTicket then
  If PassportManager.HasSavedPassword Then
    Server.Execute(PassportReturnPage)
    Exit Sub
  End If
End If
When Passport runs under Test mode, certain Passport cookies are not removed
when the user’s session times out or when the user closes the browser. If not
removed, these cookies generate a Passport Sign Out button rather than a
Passport Sign In button the next time the user accesses the site. To resolve this
issue, the code removes these cookies so that the Passport Sign In button can
display. (Typically, these cookies are deleted using a log off page. However,
because the Reference Architecture does not provide a log off page, the cookies
must be deleted by the same page that contains the Passport Sign In button.)
To ensure that the cookie deletion code is not called when it isn’t needed, the
code is enclosed in an appropriate conditional statement:
If PassportManager.HasTicket then
.
.
.
End If
3. The code uses the LogoTag() method of the Passport Manager object to display
the Passport Sign In button, which is appropriately inserted into the outgoing
XML stream.

128 Reference Architecture for Commerce
4. After the user successfully logs on, Passport redirects the user to
ProcessPassportLogin.asp. This page retrieves the user’s PUID and e-mail
address and determines whether the user has a Reference Architecture applica-
tion user profile. If not, it uses the PutUserObject function to create the user
profile. A Passport user’s profile is distinguished from non-Passport user profiles
because it has an empty password. After creating the profile, the user is logged
on to the Reference Architecture application, and then redirected to an appropri-
ate page.
Retrieving and Updating Profile Information
The site allows a user to access, view, and edit his or her profile information from
numerous pages. Each page uses similar code to update fields in the user’s profile;
therefore, this chapter discusses only the UserProfile.pasp page in detail. You may
want to examine the code in EditAddressBook.pasp and ChangePasswd.pasp,
which perform similar functions.
Note: The ConsolidatedRetail.com site does not make any provisions for deleting or removing
expired or stale user information. If you use the Commerce Server 2000 Business Desk to
delete a user, that user’s personal information may be persisted in the site databases. This
information includes, but is not limited to, addresses, credit card numbers, and order history.
You will need to add functionality or processes to delete that information if your business rules
so dictate.
The  UserProfile.pasp page contains a form that allows a user to view and change
the profile values for first name, last name, e-mail address, phone, and fax number.
It is similar in design to the Registration.pasp page discussed earlier, and it contains
code to perform the following tasks:
1. Check the ProcessAction query string value.
G If the query string value is EditUserObject, then the page has posted the form
contents to itself and the profile must be updated. Go to Step 2.
G If the query string value is not EditUserObject, there are no changes to the
profile. Go to Step 4.
2. Retrieve the form values from the query string.
3. Pass the form values to the PutUserObject function in Profile.asp.
4. If the form values are not saved successfully or there are no changes to the
profile (that is, the query string value is not EditUserObject), format the existing
profile values as XML.
As explained earlier, the PutUserObject function is used to register a new user when
a user name is passed to it. If no user name is passed, then the function assumes that
the user already exists and attempts to update the data in the existing profile.

Chapter 9: ConsolidatedRetail.com Functionality
129
To access the profile, PutUserObject uses the GetUserID function in Common.asp
to retrieve the current user’s ID from the authentication ticket, as follows:
Function GetUserID()
 Dim objMSCSAuthMgr 'Authentication Manager
 Dim strUser_ID
' user id retrieved from the
 ' authentication manager
 ' Instantiate and initialize AuthManager object.
 Set objMSCSAuthMgr = _
  Server.CreateObject(mc_strAuthManager)
 Call objMSCSAuthMgr.Initialize _
  (Application("MSCSDictConfig").s_SiteName)
 strUser_ID = Null
 ' If user has authenticated and auth ticket hasn't
 ' timed out
 If objMSCSAuthMgr.IsAuthenticated Then
  ' grab the unique logon id they authenticated to.
  strUser_ID  = _
    objMSCSAuthMgr.GetUserID(mc_bytAuthTicketType)
 ' otherwise, If they're browsing anonymously
 Else
  ' get profile user id, which is a GUID.
  ' If the getuserid method return a empty string
  ' convert the string to Null
  strUser_ID = _
    objMSCSAuthMgr._
    GetUserID(mc_bytProfileTicketType)
  If not isNull(strUser_ID) Then
    If len(trim(strUser_ID)) = 0 Then
      strUser_ID = Null
    End If
  End If
 End If
 ' return the new GUID or their current authenticated
 ' username
 GetUserID = strUser_ID
 Set objMSCSAuthMgr = Nothing
End Function
To retrieve the user profile, the code in the PutUserObject function in Profile.asp
uses the GetProfileByKey method of the ProfileService object:
Set objMSCSProfile = Application("MSCSProfileService").GetProfilebyKey( _
  mc_strUser_ID, strUserID, mc_strUserObject, blnReturnCode)

130 Reference Architecture for Commerce
Finally, the code updates the profile fields for the user:
objMSCSProfile.Fields(mc_strGeneralInfo).Value( _
  mc_strFirst_Name) = strFirstName
objMSCSProfile.Fields(mc_strGeneralInfo).Value( _
  mc_strLast_Name) = strLastName
objMSCSProfile.Fields(mc_strGeneralInfo).Value( _
  mc_strEmail_Address)= strEmailAddress
objMSCSProfile.Fields(mc_strGeneralInfo).Value( _
  mc_strTel_Number) = strTelNumber
objMSCSProfile.Fields(mc_strGeneralInfo).Value( _
  mc_strWork_Number) = strWorkNumber
objMSCSProfile.Fields(mc_strGeneralInfo).Value( _
  mc_strWork_Extension) = strWorkExtension
objMSCSProfile.Fields(mc_strProfileSystem).Value( _
  mc_strDate_Last_Changed) = Now
objMSCSProfile.Update
If the profile was not updated (that is, the ProcessAction query string was not set to
EditUserObject) or the attempt to update the profile was unsuccessful, then the
code in UserProfile.pasp calls the GetUserObjectXML procedure to render the
entire user profile as XML (only the fields referenced in UserProfile-IE5.xsl are
actually displayed, but the style sheet could be modified to show additional profile
information without changing this code). The GetUserObjectXML procedure uses
the GetProfileByKey method of the ProfileService object to retrieve the user’s
profile. Then the XML helper routines in include/Common.asp are used to render
the data.
The GetUserObjectXML routine (located in Profile.asp) contains code similar to the
following:
Sub GetUserObjectXML()
 Dim objMSCSProfile
 Dim strUserID
 Dim Field
 Dim Group
 Dim blnReturnCode
  strUserID = GetUserID
 If Not IsNull(strUserID) Then
  ' initialize profile service & connect to profile store using specified
  ' schema
  If Not Application("MSCSProfileService") Is Nothing Then
  ' use profile service to retrieve profile object for user, and assign
  ' that object to function's return value
   Set objMSCSProfile = Application("MSCSProfileService") _
    .GetProfilebyKey(mc_strUser_ID, GetUserID, _

Chapter 9: ConsolidatedRetail.com Functionality
131
    mc_strUserObject, blnReturnCode)
   If Not objMSCSProfile Is Nothing Then
    Call XMLBegTag(c_strProfile)
    For Each Group In objMSCSProfile.Fields
     Call XMLBegTag(Group.Name)
     For Each Field In Group.value
       If Field.Name <> PASSPORT_DEFINATION Then
         Call XMLTag(Field.Name, Field.Value)
       End If
     Next
     Call XMLEndTag(Group.Name)
    Next
    Call XMLEndTag(c_strProfile)
   End If
   Set objMSCSProfile = Nothing
  End If
 End If
End Sub
UserProfile.pasp produces the following XML output:
<?xml-stylesheet type="text/xsl" server-config="UserProfile-Config.xml"
href="UserProfile-IE5.xsl"?>
<page pagename="UserProfile.pasp">
<httphost>MYCOMP%3A85</httphost>
<profilemenu/>
<pagemode/>
<validate><maxlengthname>15</maxlengthname>
<validateitem><functionname>CheckName</functionname>
<fieldname>txtFirstName</fieldname>
<errormessage>Please enter a valid first name.</errormessage>
</validateitem>
<maxlengthname>15</maxlengthname>
<validateitem><functionname>CheckName</functionname>
<fieldname>txtLastName</fieldname>
<errormessage>Please enter a valid last name.</errormessage>
</validateitem>
<maxlengthemail>40</maxlengthemail>
<validateitem><functionname>CheckEmail</functionname>
<fieldname>txtEmailAddress</fieldname>
<errormessage>Please enter a valid email address.</errormessage>
</validateitem>
<maxlengthphonefax>14</maxlengthphonefax>
<validateitem><functionname>CheckPhoneFaxNumber</functionname>
<fieldname>txtTelNumber</fieldname>
<errormessage>Please enter a valid phone number.</errormessage>
</validateitem>
<maxlengthphonefax>14</maxlengthphonefax>
<validateitem><functionname>CheckPhoneFaxNumber</functionname>
<fieldname>txtWorkNumber</fieldname>

132 Reference Architecture for Commerce
<errormessage>Please enter a valid fax number.</errormessage>
</validateitem>
</validate>
<userobject><accountinfo><org_id/>
<account_status>1</account_status>
<user_catalog_set/>
<date_registered>8/28/2001 5:53:00 PM</date_registered>
</accountinfo>
<advertising><campaign_history/>
</advertising>
<businessdesk><partner_desk_role/>
</businessdesk>
<generalinfo><user_id>{AD855214-144A-432B-A03C-7F6F261B64EF}</user_id>
<logon_name>Kim</logon_name>
<email_address>KimAbercrombie@someservice.net</email_address>
<user_type>1</user_type>
<user_title/>
<last_name>Abercrombie</last_name>
<first_name>Kim</first_name>
<tel_number>555-555-5555</tel_number>
<tel_extension/>
<fax_number>555-555-5555</fax_number>
<fax_extension/>
<user_id_changed_by/>
</generalinfo>
<profilesystem><date_last_changed>8/28/2001 5:54:58 PM</date_last_changed>
<date_created>8/28/2001 5:52:23 PM</date_created>
</profilesystem>
</userobject>
<notpassportuser/>
<getcatalogsforuser><selectiontitle>Browse Catalogs:</selectiontitle>
<catalog>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
</catalog>
<catalog>
<catalogname>Hardware</catalogname>
<catalognameurl>Hardware</catalognameurl>
</catalog>
</getcatalogsforuser>
<profile auth="auth"/><exceptions></exceptions>
</page>
The ConsolidatedRetail.com site provides effective profile functionality and demon-
strates the basic techniques for creating, retrieving, and updating user profile
information. You could extend this functionality to creating custom profile proper-
ties by using the Commerce Server Manager, and you could use the profile informa-
tion to personalize the site for individual users. For more information about using
Commerce Server 2000 profiling functionality, refer to the Commerce Server 2000
documentation.

Chapter 9: ConsolidatedRetail.com Functionality
133
Product Catalogs
One of the most important aspects of implementing an e-commerce site is providing
an easy way for customers to browse the catalogs. The ConsolidatedRetail.com site
does this in four ways:
G Catalogs are always listed in the user interface.
G Users can browse through hierarchically organized categories.
G Users can search all or some of the catalogs for a particular string.
G Users can browse through the product detail pages in a single catalog or in a
search result (wizard browsing).
Catalog Access
There may be catalogs for which limited access is appropriate. To require authenti-
cation for access to a specific catalog, you can use the Business Desk to specify that
user authentication is required. Thereafter, each time a user attempts to browse,
search, or use a list to view products in a restricted catalog, the Reference Architec-
ture application checks to see that the user is authenticated and has access to that
catalog. (To prevent performance degradation, this validation process uses the
CatalogsetId and CatalogSetCache.) The Reference Architecture code performs this
validation when a user attempts to access the following pages:
G Public or private Shopping List
G Save for Later basket
G Product detail page
G Category browse page
G Search results
G Advanced search results
Code to enable this validation appears in the following files:
G Include/Basket.asp
G Include/Site_Const.asp
G Xml/rc.xml
G _additem.asp
G _additemsfromlist.asp
G _moveitemsfromsfl.asp
G Basket.asp
G Category.pasp
G Product.pasp
G SearchResults.pasp
G StepSearch.pasp

134 Reference Architecture for Commerce
The catalogs available to the current user are always listed in the left pane of the user
interface. This is achieved by including the code to determine the available catalogs
and display them in the PageEnd procedure in Common.asp, as described next:
1. Retrieve a list of catalogs based on user type by checking the constant for
CatalogSetCache, which identifies the catalog set assigned to the user:
Sub PageEnd()
Dim strOut
strOut = CachedFragmentLookup( CATALOGSET_CACHE , GetDefaultCatalogSet() )
Response.Write strOut
2. Call GetDefaultCatalogSet, which returns the registered default catalog set for
an authenticated, registered user or the anonymous default catalog set for all
other users. To confirm the user’s authentication credentials, instantiate and
initialize an AuthManager object:
GetDefaultCatalogSet()
Dim objMSCSAuthMgr
Set objMSCSAuthMgr = Server.CreateObject(mc_strAuthManager)
Call objMSCSAuthMgr.Initialize(Application("MSCSDictConfig").s_SiteName)
3. If the user is authenticated, and the authentication ticket has not timed out,
retrieve the catalog set assigned to that user.
  If objMSCSAuthMgr.IsAuthenticated() Then
    'DefaultRegisteredCatalogSet
    GetdefaultCatalogSet = Application("MSCSDictConfig").
    s_AuthenticatedUserDefaultCatalogSet
4. Otherwise, retrieve the catalog set for anonymous users, and clear the
AuthManager object.
  Else
    'DefaultAnonymousCatalogSet
    GetDefaultCatalogSet = Application("MSCSDictConfig").s_
    AnonymousUserDefaultCatalogSet
  End If
Set objMSCSAuthMgr = Nothing
End Function
When the XML produced by this code is rendered using the UI_layout-IE5.xsl style
sheet, the resulting Web page displays the name of each catalog in the catalog set as
a link to Category.pasp. The XML fragment generated looks like the following:
<catalog>
  <catalogname>Books</catalogname>
  <catalognameurl>Books</catalognameurl>
</catalog>
<catalog>

Chapter 9: ConsolidatedRetail.com Functionality
135
  <catalogname>Hardware</catalogname>
  <catalognameurl>Hardware</catalognameurl>
</catalog>
Browsing the Catalogs
The catalogs in the ConsolidatedRetail.com site are implemented as hierarchical
structures. Two catalogs, called books and hardware, each contain several categories.
The books catalog also contains a layer of sub-categories. Products can be stored in
any level of the catalog.
The page used to browse the catalog data in the ConsolidatedRetail.com site is
Category.pasp. The page can be used in one of two modes: root-level mode and
category mode. In root-level mode, the page retrieves the products and categories
from the root of the specified catalog. In category mode, the page retrieves the
products, sub-categories, and parent categories from the specified category.
The page contains code to perform the following tasks:
1. Use the MSCSAppFrameWork object to retrieve the txtCatalog and txtCategory
values passed in the request string. If no txtCatalog value is found, the page
redirects the user to Index.pasp.
2. Call PageStart to generate the XML header for the page.
3. Retrieve the ProductCatalog object for the specified catalog from the
MSCSCatalogManager application variable, and write the catalog name into a
<searchscope> XML element.
4. Render the properties of the catalog as XML. This allows properties such as the
catalog name to be rendered in the user interface.
5. Determine whether or not a category name was passed in the request string. If
no category name was specified, then the page retrieves the categories and
products from the root of the catalog and formats them as XML. If a category
was provided, then the page retrieves the data from that category and formats it
as XML.
6. Call the PageEnd procedure to close the XML document.
Before using the Commerce Server Catalog objects to retrieve catalog information,
the page uses the following code to create a <searchscope> element:
Call XMLTag(c_strSearchScope, strCatalogName)
The UI_layout-IE5.xsl style sheet uses this element to pass the current catalog name
to the search functionality, thus scoping the search. (The search functionality is
described in detail later in this chapter.)

136 Reference Architecture for Commerce
The actual catalog data is retrieved using a hierarchy of Commerce Server automa-
tion objects. At the top of the hierarchy is the CatalogManager object, which is used
for all programmatic access to the catalog system. The CatalogManager object
contains ProductCatalog objects, which represent the catalogs in the site. In
Category.pasp¸ the GetCatalog method of the MSCSCatalogManager application-
level variable is used to retrieve the specified catalog as shown in the following
code snippet:
Set objMSCSPrdCat = Application("MSCSCatalogManager"). _
  GetCatalog(strCatalogName)
The properties of a ProductCatalog object can be retrieved as an ActiveX® Data
Objects (ADO) recordset by using the GetCatalogAttributes method. The code in
Category.pasp uses this method and passes each row in the recordset to the
GetXMLFromRSWithDsplyNm routine in Common.asp, which formats the row
as XML:
Set rsProperties = objMSCSPrdCat.GetCatalogAttributes
  If Not (rsProperties.EOF And rsProperties.BOF) Then
    strOut = strOut & XMLBegTagEx(c_strGetCatalogAttributes)
    Do While Not rsProperties.EOF
      'get xml version of recordset row
      strOut = strOut & GetXMLFromRSWithDsplyNmEx(rsProperties)
      rsProperties.MoveNext
    Loop
      If IsNull(strCategoryName) Then
        strOut = strOut & XMLTagEx("currentcatagoryname", "")
      Else
        strOut = strOut & XMLTagEx("currentcatagoryname", strCategoryName)
      End If
    strOut = strOut & XMLEndTagEx(c_strGetCatalogAttributes)
  End if
This results in an XML fragment with the following format:
<getcatalogattributes>
  <catalogname>Books</catalogname>
  <catalognameurl>Books</catalognameurl>
  <locale>8</locale>
  <localeurl>8</localeurl>
  <startdate>12/8/1999</startdate>
  <startdateurl>12%2F8%2F1999</startdateurl>
  <enddate>12/8/2006</enddate>
  <enddateurl>12%2F8%2F2006</enddateurl>
  <variantid>ISBN</variantid>
  <variantidurl>ISBN</variantidurl>
  <productid>Title</productid>
  <productidurl>Title</productidurl>
  <currency>USD</currency>

Chapter 9: ConsolidatedRetail.com Functionality
137
  <currencyurl>USD</currencyurl>
  <weightmeasure>lbs</weightmeasure>
  <weightmeasureurl>lbs</weightmeasureurl>
  <catalogid>1</catalogid>
  <catalogidurl>1</catalogidurl>
  <customcatalog>False</customcatalog>
  <customcatalogurl>False</customcatalogurl>
  <freetextindexcreated>6/7/2001 11:23:01 AM</freetextindexcreated>
  <freetextindexcreatedurl>6%2F7%2F2001+11%3A23%3A01+AM
    </freetextindexcreatedurl>
  <producttableupdated>6/7/2001 11:22:17 AM</producttableupdated>
  <producttableupdatedurl>6%2F7%2F2001+11%3A22%3A17+AM
    </producttableupdatedurl>
  <currentcategoryname></currentcategoryname>
</getcatalogattributes>
A recordset object is also used to represent the categories in the root of a catalog.
The RootCategories method is used to retrieve this as shown in the following code
snippet from Category.pasp (note the use of the Fields collection property to re-
trieve a named data field from the recordset):
Set rsCategories = objMSCSPrdCat.RootCategories
  If Not (rsCategories.EOF And rsCategories.BOF) Then
    strOut = strOut & XMLBegTagEx(c_strRootCategories)
    Do While Not rsCategories.EOF
      strOut = strOut & XMLBegTagEx(c_strRootCategory)
      strOut = strOut & XMLTagWithDsplyNmEx("catalogname",
objMSCSPrdCat.catalogname)
      strOut = strOut & XMLTagWithDsplyNmEx("catalognameurl",
Server.URLEncode(objMSCSPrdCat.catalogname))
      strOut = strOut & XMLTagWithDsplyNmEx("categoryname",
rsCategories.fields("CategoryName").value)
      strOut = strOut & XMLTagWithDsplyNmEx("categorynameurl",
Server.URLEncode(rsCategories.fields("CategoryName").value))
      strOut = strOut & XMLEndTagEx(c_strRootCategory)
      rsCategories.MoveNext
    Loop
This produces an XML fragment, similar to the following:
<rootcategories>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Business Software</categoryname>
<categorynameurl>Business+Software</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Development Tools</categoryname>

138 Reference Architecture for Commerce
<categorynameurl>Development+Tools</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Featured Products</categoryname>
<categorynameurl>Featured+Products</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Games</categoryname>
<categorynameurl>Games</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Hardware</categoryname>
<categorynameurl>Hardware</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Home Productivity</categoryname>
<categorynameurl>Home+Productivity</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Internet Products</categoryname>
<categorynameurl>Internet+Products</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Operating Systems  Servers</categoryname>
<categorynameurl>Operating+Systems++Servers</categorynameurl>
</rootcategory>
<rootcategory>
<catalogname>Books</catalogname>
<catalognameurl>Books</catalognameurl>
<categoryname>Reference</categoryname>
<categorynameurl>Reference</categorynameurl>
</rootcategory>
<selectiontitle>Browse Categories:</selectiontitle>
</rootcategories>
Similarly, a recordset containing products in the root of a catalog can be retrieved
using the RootProducts method:
Set rsProducts = objMSCSPrdCat.RootProducts

Chapter 9: ConsolidatedRetail.com Functionality
139
XML similar to the following is generated for each product in the rsProducts
recordset:
<product>
  <oid>64</oid>
  <definitionname>SDKBook</definitionname>
  <cy_list_price displayname="Price">19.99</cy_list_price>
  <originalprice displayname="Your Price">19.99</originalprice>
  <i_classtype>4</i_classtype>
  <parentoid>-1</parentoid>
  <productid>
    Microsoft Age of Empires II: The Age of Kings: Inside Moves
  </productid>
  <variantid/>
  <title displayname="Title">Microsoft Age of Empires II: The Age of Kings: Inside
Moves</title>
  <isbn displayname="ISBN">0-7356-0513-0</isbn>
  <description>Master all the vital strategic gambits, tips, and tricks for
winning with this official guide to the exciting new version of Microsoft Age of
Empires! MICROSOFT AGE OF EMPIRES II: AGE OF KINGS: INSIDE MOVES shows you how to
survive and thrive in the thousand years from the fall of Rome to the Middle
Ages.</description>
  <image_filename>boxshots/press/2388.gif</image_filename>
  <image_height>120</image_height>
  <image_width>120</image_width>
  <author displayname="Author">Microsoft Corporation</author>
  <name displayname="Name">Microsoft Age of Empires II: The Age of Kings: Inside
Moves</name>
  <pagecount displayname="No. Pages">280</pagecount>
  <producturl displayname="Product Info. Url">a href=http://mspress.microsoft.com/
prod/books/2388.htm  target =_a   http://mspress.microsoft.com/prod/books/2388.htm
/a</producturl>
  <publication_year displayname="Year published">1999</publication_year>
  <publisher displayname="Publisher">Microsoft Press</publisher>
  <reading_level displayname="Reading Level:">All Levels</reading_level>
  <catalogname>Books</catalogname>
</product>
If your code needs to delve deeper into the catalog and retrieve the contents of one
of the categories, you can use a Category object. The Category.pasp page uses a
Category object to access the contents of a specified category. The object is instanti-
ated using the GetCategory method of the ProductCatalog object, as shown in the
following code snippet:
Set objMSCSCategory = _
  objMSCSPrdCat.GetCategory(strCategoryName)

140 Reference Architecture for Commerce
You can retrieve the products in a category as a recordset by using the Products
property:
Set rsProducts = objMSCSCategory.products
The Category object also provides a ChildCategories property for retrieving a
recordset of sub-categories and a ParentCategories property for returning a record-
set of the parent level of categories.
You can use the Commerce Server Business Desk to create relationships between
categories and products in a product catalog, regardless of their location in the
hierarchy. The Category object provides RelatedCategories and RelatedProducts
properties to retrieve recordsets containing these. You can see examples of the use
of all of these objects in Category.pasp.
Viewing a Product
The style sheet used to render the catalog data generates HTML, so that when a
user clicks the Get Details link for a particular product, the Product.pasp page is
requested. This page displays data specific to the selected product.
The code in Product.pasp begins very similarly to Category.pasp. It checks the
request string to retrieve the catalog, product ID, and optional product variant
values, and then redirects the user to Index.pasp if the catalog or product ID param-
eters are missing. Then it calls PageStart to begin generating the XML for the page.
The code begins to get interesting when a Commerce Server Product object is
retrieved from the Catalog object by using the GetProduct method:
Set objMSCSPrd = objMSCSPrdCat.GetProduct(strProductID)
You can retrieve the properties of the product, such as its name and price, in a
recordset object by using the GetProductProperties method:
Set rsProduct = objMSCSPrd.GetProductProperties
Products in a Commerce Server catalog support variants (such as color or size). You
can retrieve the list of variants for a particular product as a recordset by using the
Variants property. Additionally, you can retrieve any related products or categories
by using the RelatedProducts and RelatedCategories properties, which allow links
to be created for cross-selling opportunities. These properties are all used in the
Product.pasp page to produce the XML data for the product, a fragment of which is
shown in the following code:

Chapter 9: ConsolidatedRetail.com Functionality
141
<getproduct>
  <product>
    <catalogname>Books</catalogname>
    <definitionname>SDKBook</definitionname>
    <definitionnameurl>SDKBook</definitionnameurl>
    <cy_list_price displayname="Price">19.99</cy_list_price>
    <cy_list_priceurl>19%2E99</cy_list_priceurl>
    <originalprice displayname="Your Price">19.99</originalprice>
    <originalpriceurl.19%2E99</originalpriceurl>
    <i_classtype>4</i_classtype>
    <i_classtypeurl>4</i_classtypeurl>
    <productid>Microsoft Age of Empires II: The Age of Kings: Inside Moves</
productid>
    <productidurl>Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings:+Inside Moves</
productidurl>
    <variantid/>
    <author displayname="Author">Microsoft Corporation</author>
    <authorurl>Microsoft+Corporation</authorurl>
    <description>Master all the vital strategic gambits, tips, and tricks for
winning with this official guide to the exciting new version of Microsoft Age of
Empires! MICROSOFT AGE OF EMPIRES II: AGE OF KINGS: INSIDE MOVES shows you how to
survive and thrive in the thousand years from the fall of Rome to the Middle
Ages.</description>
    <descriptionurl>Master+all+the+vital+strategic+gambits%2C+tips%2C+and+
tricks+for+winning+with+this+official+guide+to+the+exciting+new+version+of+
Microsoft+Age+of+Empires%21+MICROSOFT+AGE+OF+EMPIRES+II%3A+AGE+OF+KINGS%3A+INSIDE+
MOVES+shows+you+how+to+survive+and+thrive+in+the+thousand+years+from+the+fall+of+Rome+
to+the+Middle+Ages%2E</descriptionurl>
    <image_filename>boxshots/press/2388.gif</image_filename>
    <image_filenameurl>boxshots%2Fpress%2F2388%2Egif</image_filenameurl>
    <image_height>120</image_height>
    <image_heighturl>120</image_heighturl>
    <image_width>120</image_width>
    <image_widthurl>120</image_widthurl>
    <isbn displayname="ISBN">0-7356-0513-0</isbn>
    <isbnurl>0%2D7356%2D0513%2D0</isbnurl>
    <name displayname="Name">Microsoft Age of Empires II: The Age of Kings: Inside
Moves</name>
    <nameurl>Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves
</nameurl>
    <pagecount displayname="No. Pages">280</pagecount>
    <pagecounturl>280</pagecounturl>
    <producturl displayname="Product Info. Url">
a href=http://mspress.microsoft.com/prod/books/2388.htm  target =_a   http://
mspress.microsoft.com/prod/books/2388.htm /a</producturl>
    producturlurl> a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod%2Fbooks%
2F2388%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod%
2Fbooks%2F2388%2Ehtm+%2Fa </producturlurl>
    <publication_year displayname="Year published">1999</publication_year>
    <publication_yearurl>1999</publication_yearurl>
    <publisher displayname="Publisher">Microsoft Press</publisher>
    <publisherurl>Microsoft+Press</publisherurl>
    <reading_level displayname="Reading Level:">All Levels</reading_level>

142 Reference Architecture for Commerce
    <reading_levelurl>All+Levels</reading_levelurl>
    <title displayname="Title">Microsoft Age of Empires II: The Age of Kings:
Inside Moves</title>
    <titleurl>
Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves</titleurl>
  </product>
</getproduct>
Depending on the user’s request, the XML is then rendered using the appropriate
XSL style sheet.
G If the user’s request returns a category of products, the Category-IE5.xsl style
sheet is used. The category page uses the productvariant/productfamily tem-
plate to display product variants, as shown in the following code sample:
<xsl:template match="productvariant | productfamily">
  <tr>
    <td colspan="5" class="menu-text">
            Family:
      <a>
        <xsl:attribute name="href">Product.pasp?txtCatalog=<xsl:value-of
select="catalogname" />&amp;txtCategory=<xsl:value-of select="//
getcategoryproperties/category/categoryname" />&amp;txtProductID=<xsl:value-of
select="productidurl" />&amp;isVariant=1</xsl:attribute>
  <xsl:value-of select="name" disable-output-escaping="yes"/> —
  <xsl:value-of select="description" disable-output-escaping="yes"/>
      </a>
    </td>
  </tr>
  <tr>
    <td colspan="5" bgcolor="#CCCCCCC"/>
  </tr>
</xsl:template>
G If the user’s request returns one or more products, the Product-ie5.xsl style sheet
is used. The product page uses the productvariant/productfamily template and
the variant template to display product variants, as shown in the following code
sample:
<xsl:template match="productvariant | productfamily">
  <table width="100%" cellpadding="0" cellspacing="0" border="0">
  <tr>
    <td colspan="3" class="menu-text">
          <xsl:value-of select="name"  disable-output-escaping="yes"/>
    </td>
  </tr>
  <tr>
    <td colspan="3">
      <img src="images/spacer.gif" width="1" height="10" border="0"/>
    </td>
  </tr>

Chapter 9: ConsolidatedRetail.com Functionality
143
  <tr>
    <td>
          <img id="picture1" alt="{productid}" src="{image_filename}"/>
    </td>
    <td>
      <img src="images/spacer.gif" width="5" height="1" border="0"/>
    </td>
    <td class="content-text">
      <table border="0">
        <tr>
          <td align="right" class="menu-text">
            price:
          </td>
          <td class="menu-text-orange">
            $<xsl:value-of select="format-number(cy_list_price, '0.00')"/>
          </td>
        </tr>
      <form method="post" name="frmOrder" action="_additem.asp">
        <tr>
          <td colspan="2">
            <input type="hidden" name="txtProductID" value="{productid}"/>
            <input type="hidden" name="txtCategory" value="{//categoryname}"/>
            <input type="hidden" name="txtCatalog" value="{catalogname}"/>
            <input type="hidden" name="isVariant" value="1"/>
          </td>
        </tr>
        <tr>
          <td align="right" class="menu-text">
            qty:
          </td>
          <td>
            <input type="text" name="txtQty" value="1" maxlength="3"
class="textbox" size="2"/>
          </td>
        </tr>
        <tr>
          <td colspan="2" align="center">
            <xsl:apply-templates select="variants"/>
          </td>
        </tr>
        <tr>
          <td colspan="2" align="center">
            <input type="image" value="submit" src="images/addtocart.gif"
alt="add to shopping cart" border="0"/>
            <xsl:if test="/page/showlists">
              <br/><a href="#stayhere"><img src="images/addtolistwt.gif"
alt="add to shopping list" border="0"
onclick="javascript:open_list('{productidurl}', '{catalogname}',
'{categoryname}', document.frmOrder.txtQty.value ,
document.frmOrder.txtVariantID);"/></a>
              <br/><a href="javascript:save_list('{productid}',
'{catalogname}', '{categoryname}',
document.frmOrder.txtQty.value,document.frmOrder.txtVariantID);"><img

144 Reference Architecture for Commerce
src="images/saveforlater.gif" alt="save for later" border="0" /></a>
            </xsl:if>
          </td>
        </tr>
      </form>
        <xsl:if test="(//a_noofitems)">
          <tr>
            <td class="menu-text" align="center" colspan="2">
              <label class="basket-visualcue">Item added</label>
            </td>
          </tr>
          <tr>
            <td align="center" colspan="2"><label class="basket-visualcue-
msg">(<xsl:value-of select="//a_noofitems"/> items in shopping cart)</label></
td>
          </tr>
        </xsl:if>
      </table>
    </td>
  </tr>
  <tr>
    <td colspan="3" class="menu-text">
      About the <xsl:value-of select="catalogname"/>
    </td>
  </tr>
  <tr>
    <td colspan="3" height="1" bgcolor="#cccccc"/>
  </tr>
  <tr>
    <td colspan="3" class="content-text">
      <xsl:value-of select="description" disable-output-escaping="yes"/>
      <br/>
      <xsl:value-of select="benefits" disable-output-escaping="yes"/>
      <p><xsl:value-of select="features" disable-output-escaping="yes"/></p>
    </td>
  </tr>
  <form method="post" action="./Product.pasp" name="frmProduct">
    <xsl:if test="/page/predictioninfo">
  <tr>
    <input type="hidden" name="txtProductID" value=""/>
    <input type="hidden" name="txtCategory" value=""/>
    <input type="hidden" name="txtCatalog" value=""/>
  </tr>
  <tr>
    <td class="content-text">
    <xsl:if test="count(/page/predictioninfo/prediction) &gt; 1">
    <br/>   If you are interested in this product, you may also be interested
in these <xsl:value-of select="count(/page/predictioninfo/prediction)"/> items.
    </xsl:if>
    <xsl:if test="count(/page/predictioninfo/prediction) = 1">
      <xsl:if test="/page/predictioninfo/prediction/predictionprodid != /page/

Chapter 9: ConsolidatedRetail.com Functionality
145
productid">
    <br/>       If you are interested in this product, you may also be inter-
ested in this 1 item.
      </xsl:if>
    </xsl:if>
    </td><br/>
  </tr>
  <tr>
    <td>
      <xsl:for-each select="/page/predictioninfo/prediction">
        <xsl:if test="predictionprodid != /page/productid">
          <a
href="javascript:document.frmProduct.txtProductID.value='{predictionprodid}';
document.frmProduct.txtCatalog.value='{predictioncategory}';document.frmProduct
.submit()">
          <br/>
          <xsl:value-of select="name"  disable-output-escaping="yes"/>
          </a>
        </xsl:if>
      </xsl:for-each>
      </td>
    </tr>
    </xsl:if>
    </form>
  </table>
  <table>
    <tr align="center">
      <xsl:choose>
        <xsl:when test="/page/previous">
          <form method="get" action="./Product.pasp" name="frmPrevious">
            <td width="250">
              <input type="hidden" name="txtProductID" value=""/>
              <input type="hidden" name="txtCategory" value=""/>
              <input type="hidden" name="txtCatalog" value=""/>
              <a href="javascript:document.frmPrevious.txtProductID.value='{/
page/previous/productid}';document.frmPrevious.txtCatalog.value='{/page/
previous/catalogname}';document.frmPrevious.txtCategory.value='{/page/
categoryname}';document.frmPrevious.submit()">
                <img border="0" src="images/previous.gif"/>
              </a>
            </td>
          </form>
          </xsl:when>
        <xsl:otherwise>
          <td width="250">
            <img src="images/spacer.gif"/>
          </td>
        </xsl:otherwise>
      </xsl:choose>
        <td width="200">
          <img src="images/spacer.gif"/>
        </td>
      <xsl:choose>

146 Reference Architecture for Commerce
        <xsl:when test="/page/next">
          <form method="get" action="./Product.pasp" name="frmNext">
        <td width="250">
          <input type="hidden" name="txtProductID" value=""/>
          <input type="hidden" name="txtCategory" value=""/>
          <input type="hidden" name="txtCatalog" value=""/>
          <a href="javascript:document.frmNext.txtProductID.value='{/page/next/
productid}';document.frmNext.txtCatalog.value='{/page/next/
catalogname}';document.frmNext.txtCategory.value='{/page/
categoryname}';document.frmNext.submit()">
            <img border="0" src="images/next.gif"/>
                </a>
              </td>
            </form>
          </xsl:when>
          <xsl:otherwise>
            <td width="250">
              <img src="images/spacer.gif"/>
            </td>
          </xsl:otherwise>
        </xsl:choose>
      </tr>
    </table>
  </xsl:template>
.
.
.
<xsl:template match="variants">
  <table border='1' cellspacing='0' cellpadding='5' class="menu-text">
    <th align="center">
      <xsl:for-each select="displaynames/displayname">
        <td>
          <xsl:value-of select="."/>
        </td>
          </xsl:for-each>
        </th>
        <xsl:for-each select="v_product">
        <tr align="center">
          <td>
            <xsl:if test="not (/page/variantid)">
              <xsl:choose>
                <xsl:when test="position()=1">
                  <input type="radio" name="txtVariantID" value="{varid}"
checked="checked"/>
                </xsl:when>
                <xsl:otherwise>
                <input type="radio" name="txtVariantID" value="{varid}"/>
                </xsl:otherwise>
              </xsl:choose>
            </xsl:if>
            <xsl:if test="(/page/variantid)">
              <xsl:choose>

Chapter 9: ConsolidatedRetail.com Functionality
147
                <xsl:when test="./varid=/page/variantid">
                <input type="radio" name="txtVariantID" value="{varid}"
checked="checked"/>
                </xsl:when>
                <xsl:otherwise>
                  <input type="radio" name="txtVariantID" value="{varid}" />
                </xsl:otherwise>
              </xsl:choose>
            </xsl:if>
          </td>
          <xsl:for-each select="value">
          <td>
              <xsl:value-of select="."/>
          </td>
        </xsl:for-each>
      </tr>
    </xsl:for-each>
  </table>
</xsl:template>
Navigating the Product Detail Pages
The Product.pasp pages include Next and Previous buttons, which allow the user
to move from one product detail page to the next and back again. The code imple-
ments this functionality as follows.
1. Determine if there are next and/or previous products in the category, and if so,
assign a product identifier to them:
If Not IsNull(strCategoryName) Then
  Set objMSCSPrdCat =
Application("MSCSCatalogManager").GetCatalog(strCatalogName)
  If Not (objMSCSPrdCat Is Nothing) Then
    Set objMSCSCategory = objMSCSPrdCat.GetCategory(strCategoryName)
    If Not (objMSCSCategory Is Nothing) Then
      Set rsProducts = objMSCSCategory.Products
      If Not (rsProducts Is Nothing) Then
        rsProducts.Find "productid = #" & strProductID & "#"
2. If the user clicks the Previous button and this isn’t the first product in the record-
set, display the detail page for the product identified as the previous product:
        rsProducts.MovePrevious
        If Not (rsProducts.BOF) Then
          strOut = strOut & XMLBegtagEx("Previous")
            strOut = strOut & GetXMLFromRSWithDsplyNmEx(rsProducts)
          strOut = strOut & XMLEndTagEx("Previous")
        End If

148 Reference Architecture for Commerce
3. If the user clicks the Next button and this isn’t the last product in the recordset,
display the detail page for the product identified as the next product:
        rsProducts.MoveNext
        rsProducts.MoveNext
        If Not (rsProducts.EOF) Then
          strOut = strOut & XMLBegtagEx("Next")
            strOut = strOut & GetXMLFromRSWithDsplyNmEx(rsProducts)
          strOut = strOut & XMLEndTagEx("Next")
        End If
Note: The Category browse page displays products with variants at the end of the page. For
example, if the user displays the Featured Products category of the Hardware catalog, a
product with variants — such as the Microsoft IntelliMouse® with IntelliEye™ — is listed at the
end of the page. However, if a user clicks the Next or Previous button to display product
details, the product pages are displayed sequentially based on their product ID values.
For example, if a category contains five products that have product IDs of 1, 2, 3, 4, and 5, and
products 2 and 4 have variants, the Category browse page displays the products in the
following order: 1, 3, 5, 2, and 4 (products with variants are displayed at the end of the page).
If a user selects the product with product ID 1, clicks the Get Details button, and then clicks
the Next button, the next product to be displayed is product ID 2 (despite the fact that it has
variants).
Searching the Catalogs
In addition to providing pages that allow users to browse the catalogs, an effective
site also provides a search capability. In the ConsolidatedRetail.com site, users can
enter search criteria and search all catalogs or a single catalog for a specific product.
In addition, users can specify parameters, such as greater than (>), less than (<),plus
(+), and minus (-) in their search criteria.
The search functionality in Commerce Server 2000 can be used to search within the
current catalog or a catalog set based on the current user. The search functionality is
implemented in SearchResults.pasp, which contains code to perform the following
tasks:
1. Retrieve the search phrase, catalog, number of rows to return, and start position
parameters from the query string (assigning default values to the number of
rows and start position parameters as necessary and raising an exception if no
search phrase is supplied).
2. If no catalog is specified, retrieve a catalog set based on the current user’s profile.
3. Search either the specified catalog, or the list of catalogs in the user’s catalog set,
for the specified search phrase.
4. Render the search results as XML.

Chapter 9: ConsolidatedRetail.com Functionality
149
The actual code to search the catalogs uses the FreeTextSearch method of the
application-level MSCSCatalogManager object to retrieve the search results in a
recordset. This method accepts the following parameters:
G The search phrase or criteria
G A comma-delimited list of catalogs to search
G A comma-delimited list of properties that should be returned
G A list of properties on which to sort the results
G A Boolean value to indicate an ascending sort order
G A record number from which to start the search
G The number or rows to return
G An output parameter for the total number of rows actually returned
If the user doesn’t specify a catalog, the default catalog set for the current user
is retrieved as a recordset, and each catalog name is concatenated to a comma-
delimited string:
Set objCatalogSets = Server.CreateObject(mc_strCatalogSets)
Call objCatalogSets.Initialize _
  (Application("MSCSDictConfig").s_CatalogConnectionString, _
  Application("MSCSDictConfig").s_TransactionsConnectionString)
Set rsCatalogs = objCatalogSets.GetCatalogsForUser _
  (Application("MSCSProfileService"), GetUserID & "", _
  GetDefaultCatalogSet)
strCatalogsToSearch = ""
If Not (rsCatalogs.EOF And rsCatalogs.BOF) Then
  Do While Not rsCatalogs.EOF
    strCatalogsToSearch = strCatalogsToSearch & "," & _
      rsCatalogs.Fields("CatalogName").Value & ""
    rsCatalogs.MoveNext
  Loop
  strCatalogsToSearch = Trim(Mid(strCatalogsToSearch, 2))
End If
Alternatively, if a catalog has been specified, its name is simply assigned to the
strCatalogsToSearch variable:
strCatalogsToSearch = strCatalogName
Finally, the FreeTextSearch method is called:
Set rsProducts = Application("MSCSCatalogManager").FreeTextSearch(strSearchPhase,_
  strCatalogsToSearch, iClassType, "CatalogName, CategoryName, DefinitionName,_
  OriginalPrice, cy_list_price, i_ClassType, ProductID, Description,_
  image_filename, image_width, image_height, Name", "i_ClassType, CatalogName",_
  True, lngSearchStartPos, lngSearchRowToReturn, lngTotalRecordsInQuery)

150 Reference Architecture for Commerce
The remaining code on the page simply formats the rows in the recordset returned
by FreeTextSearch as XML so that the XSL ISAPI application can render the search
results for presentation. The XML produced for the search results has the following
format:
<searchscope>Books</searchscope>
<searchstring>Age of Empires</searchstring>
<searchcount>4</searchcount>
<searchrowstoreturn>15</searchrowstoreturn>
<searchstartpos>1</searchstartpos>
<searchresults>
  <book>
    <catalogname>Books</catalogname>
    <definitionname>SDKBook</definitionname>
    <originalprice displayname="Your Price">19.99</originalprice>
    <cy_list_price displayname="Price">19.99</cy_list_price>
    <i_classtype>4</i_classtype>
    <productid>Microsoft Age of Empires II: The Age of Kings: Inside Moves</
productid>
    <description>Master all the vital strategic gambits, tips, and tricks for
winning with this official guide to the exciting new version of Microsoft Age of
Empires! MICROSOFT AGE OF EMPIRES II: AGE OF KINGS: INSIDE MOVES shows you how to
survive and thrive in the thousand years from the fall of Rome to the Middle
Ages.</description>
    <image_filename>boxshots/press/2388.gif</image_filename>
    <image_width>120</image_width>
    <image_height>120</image_height>
    <name displayname="Name">Microsoft Age of Empires II: The Age of Kings: Inside
Moves</name>
</book>
<!— Other results omitted for clarity —>
<selectiontitle>product(s) found for search criteria 'Age of Empires'.</
selectiontitle>
</searchresults>
Depending on the user’s request, the XML is then rendered using the appropriate
XSL style sheet.
G If the user uses the Search box to search by keywords, the SearchResults-IE5.xsl
style sheet is used. The search results page uses the productvariant/
productfamily
 template to display product variants, as shown in the following
code sample:
<xsl:template match="productvariant | productfamily">
  <tr>
    <td colspan="5" class="menu-text">
      Family:
      <a>
        <xsl:attribute name="href">Product.pasp?txtCatalog=<xsl:value-of
select="catalogname" />&amp;txtCategory=<xsl:value-of select="categorynameurl"
/>&amp;txtProductID=<xsl:value-of select="productidurl" />&amp;isVariant=1</

Chapter 9: ConsolidatedRetail.com Functionality
151
xsl:attribute>
        <xsl:value-of select="name" disable-output-escaping="yes"/> —
        <xsl:value-of select="description" disable-output-escaping="yes"/>
      </a>
    </td>
  </tr>
  <tr>
    <td colspan="5" bgcolor="#CCCCCCC"/>
  </tr>
</xsl:template>
G If the user uses Advanced Search, the StepSearch-IE5.xsl style sheet is used. The
search results page uses the productvariant/productfamily template to display
product variants, as shown in the following code sample:
<xsl:template match="productvariant | productfamily">
  <tr>
    <td colspan="5" class="menu-text">
    Family:
      <a>
        <xsl:attribute name="href">Product.pasp?txtCatalog=<xsl:value-of
select="catalogname" />&amp;txtCategory=<xsl:value-of select="categorynameurl"
/>&amp;txtProductID=<xsl:value-of select="productidurl" />&amp;isVariant=1</
xsl:attribute>
        <xsl:value-of select="name" disable-output-escaping="yes"/> —
        <xsl:value-of select="description" disable-output-escaping="yes"/>
      </a>
    </td>
  </tr>
  <tr>
    <td colspan="5" bgcolor="#CCCCCCC"/>
  </tr>
</xsl:template>
Adding a New Catalog
To add a catalog to the Reference Architecture application, follow the instructions
provided in Chapter 2 to import a catalog through Commerce Server 2000
Business Desk.
Shopping Basket Management
Like most business-to-consumer sites, ConsolidatedRetail.com uses the concept
of a shopping cart or basket to contain products that a user selects for purchase.
ConsolidatedRetail.com allows customers who log on as well as anonymous users
to add products to a shopping basket; however, anonymous users must log on
before checking out.

152 Reference Architecture for Commerce
Adding Products to the Shopping Basket
When a user clicks the add to cart button on the product detail page, the product
and quantity information are posted to the _additem.asp page. Before redirecting
the user to the Basket.pasp page, where the contents of the shopping basket are
displayed, this page contains code to perform the following tasks:
1. Use the catalogset ID to confirm that the user can view and order the requested
item. (To prevent performance degradation, this validation step uses the
CatalogSetCache.)
2. Retrieve the category, product, variant, and catalog values posted in the query
string.
3. Validate the quantity value passed in the query string (if no quantity is passed,
then 1 instance of the item is added).
4. Load the user’s shopping basket into an OrderGroup object.
5. If the product is already listed in the shopping basket, add the specified quantity
to the existing entry; otherwise, create a new entry for this product.
6. Redirect the user to Basket.pasp.
The _additem.asp page calls the LoadBasket function in the Basket.asp include file
to retrieve an OrderGroup object containing the current user’s shopping basket.
The LoadBasket function looks like the following:
Function LoadBasket(strUserID)
  Dim objMSCSOrderGroup
  Set objMSCSOrderGroup = Server.CreateObject( _
    mc_strOrderGroup)
  Call  objMSCSOrderGroup.Initialize(Application( _
    "MSCSDictConfig").s_TransactionsConnectionString, _
    strUserID)
  Call objMSCSOrderGroup.LoadBasket()
  Set LoadBasket = objMSCSOrderGroup
  Set objMSCSOrderGroup = Nothing
End Function
Notice that an OrderGroup object is created and initialized by passing the transac-
tion connection string defined in the MSCSDictConfig application variable and the
current user’s user ID. (The user ID is obtained from the GetGuaranteedUserID
function in the Profile.asp include file, which returns an authenticated user ID for a
user who is logged on or a profile user ID for an anonymous user.)
Next the LoadBasket method of the OrderGroup object is called to retrieve the
contents of the shopping basket associated with the current user.
After loading the shopping basket, the code in _additem.asp searches the line items
in the shopping basket to find out if the requested product is already listed. If it is

Chapter 9: ConsolidatedRetail.com Functionality
153
already in the shopping basket, the specified quantity is added to the order, as
follows:
blnSkuMatched = False
'If there are line items
If objMSCSOrderGroup.Value("total_lineitems") > 0 Then
  'loop through each one to look for a matching sku
  For Each colItem in objMSCSOrderGroup.Value _
    ("OrderForms").Value("default").Items
    If IsNull(strVariantID) Then
      If (Trim(Cstr(colItem.product_id)) = _
        Trim(Cstr(strProductID))) And _
        IsNull(colItem.product_variant_id) Then
        blnSkuMatched = True
        Exit For
      End If
  Else
    If (Trim(Cstr(colItem.product_id)) = Trim(Cstr(strProductID))) Then
      If Not IsNull(colItem.product_variant_id) Then
        If (Trim(Cstr(colItem.product_variant_id)) = Trim(Cstr(strVariantID)))_
          Then blnSkuMatched = True
          Exit For
        End If
      End If
    End If
  End If
  Next
  If blnSkuMatched Then
  ' item exist in basket, add new item quantity to existing item quantity
      Dim intItemtotal
      intItemtotal = colItem.Quantity + intProductQty
      If intItemtotal > MAX_ITEM_QUANTITY Then
  intItemtotal = MAX_ITEM_QUANTITY
      End If
      colItem.Quantity = intItemtotal
      'Save the new basket
      Call objMSCSOrderGroup.SaveAsBasket()
If the product is not already listed in the shopping basket, the code calls the
AddItemToBasket local function to add it. The AddItemToBasket function creates
a Dictionary object to represent the item, and then adds it to the shopping basket by
using the AddItem method of the OrderGroup object. Then the shopping basket is
saved by the SaveAsBasket method. The code for the AddItemToBasket function
resembles the following:
Function AddItemToBasket(objMSCSOrderGroup, strProductID, _
    strCatalogName, intProductQty, strVariantID, strCategoryName)
  Dim objMSCSProductDictionary
  Dim strVariantIdName
  Dim strVariantName
  Dim strVariantValue

154 Reference Architecture for Commerce
  'create the product dictionary
  Set objMSCSProductDictionary = Server.CreateObject(mc_strDictionary)
  objMSCSProductDictionary.lineitem_uid = GenerateGUID()
  objMSCSProductDictionary.product_id = strProductID
  objMSCSProductDictionary.product_catalog = strCatalogName
  objMSCSProductDictionary.Quantity = intProductQty
  If Not IsNull(strVariantID) Then
    Call GetProductVariantInfo(strCatalogName,strProductID,strVariantID,_
        strVariantIdName,strVariantName,strVariantValue)
    objMSCSProductDictionary.product_variant_id_name = strVariantIdName
    objMSCSProductDictionary.product_variant_name = strVariantName
    objMSCSProductDictionary.product_variant_value = strVariantValue
    objMSCSProductDictionary.product_variant_id = strVariantID
  End If
  If Not IsNull(strCategoryName) Then
    objMSCSProductDictionary.product_category = strCategoryName
  End If
  Call objMSCSOrderGroup.AddItem(objMSCSProductDictionary)
  Call objMSCSOrderGroup.SaveAsBasket()
  Set objMSCSProductDictionary = Nothing
End Function
Note that the item is added by creating a Dictionary object to represent it and
passing it to the AddItem method of the OrderGroup object representing the
shopping basket.
After the shopping basket is updated, the code in _additem.asp redirects the user to
Basket.pasp.
Viewing the Shopping Cart or Save for Later Basket
The user can view and edit the contents of the Shopping Cart or Save for Later
basket by using the Basket.pasp page. Basket.pasp contains code to perform the
following tasks:
1. Check for shopping basket integrity.
2. Retrieve the user’s user ID (from an authenticated ticket or an anonymous
profile ticket).
3. If the user’s shopping basket is not empty, use the PAGBasket pipeline to
retrieve the shopping basket information to be displayed.
4. Write the total line item count in an <totallineitems> XML tag.
5. Convert the shopping basket contents to XML using a Commerce Server
DictionaryXMLTransforms object and write it to the response.
The page loads the user’s shopping basket and checks to see if there are any prod-
ucts in it by using the following code:
Set objMSCSOrderGroup = LoadBasket(strUserID)
'Check to see if the basket has items
If Not IsBasketEmpty(objMSCSOrderGroup) Then
  blnBasketIsEmpty = False
End If


Chapter 9: ConsolidatedRetail.com Functionality
155
The code that calls the IsBasketEmpty function, which is in Basket.asp, checks to
see if there are items in the OrderGroup object. If the shopping basket contains
products, then the basket is passed to the PAGBasket pipeline to prepare it for
display:
Set objMSCSPipelines = Application("MSCSPipelines")
intErrorLevel = _
  RunMtsPipeline(objMSCSPipelines.PAGBasket, _
  objMSCSPipelines.LogFolder & strUserID & _
  ".log", _
  objMSCSOrderGroup)
PAGBasket Pipeline
Pipelines are used to configure a series of components that operate on a business
object in a set sequence. The operations of the pipeline are divided into stages. In
this case, the PAGBasket pipeline contains components that operate on the
OrderGroup object that represents the user’s shopping basket. You can use the
Commerce Server Pipeline Editor to view the configuration of the PAGBasket
pipeline by opening the PAGBasket.pcf file in the Pipelines folder of the site. The
PagBasket pipeline is illustrated in Figure 9.2:
Figure 9.2
PAGBasket Pipeline

156 Reference Architecture for Commerce
Each time the shopping basket is displayed, the PAGBasket pipeline gathers all
data and performs the calculations required to show the shopping basket. Besides
running prior to displaying the shopping basket, this pipeline is also executed
during the final stages of the checkout process to calculate final order totals.
The PAGBasket pipeline includes the following stages:
G The pipeline starts with the Product Info stage. This stage, which is used to
manage the product information, consists of the following two components:
QueryCatalogInfo – The  QueryCatalogInfo component retrieves product
information from the Catalog System for every product in the order. It adds
the retrieved information to each Item dictionary in the order form.
RequiredProdInfo – The  RequiredProdInfo component checks all items in
the items collection in the OrderForm, and deletes any products that have the
delete key set to 1.
G The Order Initialization stage is then used to initialize the proper values in the
OrderGroup object. This stage consists of a single component:
RequiredOrderInitCy. First, RequiredOrderInitCy ensures that the order_id key
has a value. If it does not, RequiredOrderInitCy generates a unique order ID
and assigns it to this key. Next, to ensure order integrity, the component initial-
izes the various total keys by assigning NULL to them. Finally, for each item in
the items collection, RequiredOrderInitCy copies the value stored in quantity to
the _n_unadjusted key to initialize the undiscounted quantity of the item and
initialize the _oadjust_adjustedprice (the total cost of the item) to zero (0).
G The Order Check stage verifies that the order being presented is valid and has all
entries necessary for subsequent processing. This stage consists of one compo-
nent: RequiredOrderCheck. The RequiredOrderCheck component ensures that
the items list of the OrderForm is not empty.
G The Item Price stage sets the _iadjust_regularprice on each item in the OrderForm.
This stage consists of the following two components:
DefaultItemPriceCy – For each item in the order form (each item in the items
collection), DefaultItemPriceCy assigns the _iadjust_regularprice key to the
value stored in the product_cy_list_price. Stages that follow the Item Price stage
in the pipeline contain components that depend upon the _iadjust_regularprice
key being set. If this key does not have a value, these components fail.
RequiredItemPriceCy – The  RequiredItemPriceCy component verifies that
the _cy_iadjust_regularprice has been set for each item in the items list. Before
the RequiredItemPrice component runs, the items list should have been
initialized by the DefaultItemPriceCy component to contain the most current
pricing information for the item. If _cy_iadjust_regularprice does not contain a
value, an error is generated.

Chapter 9: ConsolidatedRetail.com Functionality
157
G The Item Adjust Price stage sets the _iadjust_currentprice on each item in the
order form. This stage consists of one component: RequiredItemAdjustPriceCy.
RequiredItemAdjustPriceCy verifies that the current price
(_cy_iadjust_currentprice) exists for each item in the items list. If this value does
not exist, the component creates it and initializes it to the regular price
(_cy_iadjust_regularprice). In addition, the component checks the placed price
(cy_placed_price) against the current price (cy_iadjust_currentprice) to see if the
current price has changed since the user placed the product in the shopping
basket. If the placed price does not exist, the component creates it and sets it to
the current price (cy_iadjust_currentprice). If the placed price exists, but is not
equal to the current price, RequiredItemAdjustPriceCy retrieves the warning
message text for a bad placed price from the MessageManager, and writes the
message text to the _Basket_Errors collection of the order form.
G The Order Adjust Price stage sets the _oadjust_adjustedprice on each item in
the order form to account for price discounts. This stage consists of the
RequiredOrderAdjustPriceCy and OrderDiscount components. For each item,
RequiredOrderAdjustPriceCy first calculates the cost of the non-discounted
quantity. It multiplies the current price of the item (_cy_iadjust_currentprice) by
the undiscounted quantity of the item (n_unadjusted) and adds it to the total cost
of the item (_cy_oadjust_adjustedprice). Next, it calculates the discount for the item
(cy_oadjust_discount) by calculating the total cost for the item (multiplying the
current price of the item (_cy_iadjust_currentprice) by the total quantity (quantity)
and subtracting the previously calculated cost of the undiscounted items.
OrderDiscount calculates the total of all discounts for the order and displays
it on the Basket, Payment, OrderSummary, and ThankYou pages.
G The Order Subtotal stage sets the _oadjust_subtotal on the order form. This stage
consists of the following three components:
DefaultOrderSubTotalCy – The subtotal (_cy_oadjust_subtotal) is calculated by
summing the total cost for each item (_cy_oadjust_adjustedprice) in the items
SimpleList in the OrderForm.
PersistUtility – PersistUtility is a custom component used to copy values
within the OrderForm. This is mainly used to persist values. Otherwise,
OrderForm values with names that begin with an underscore (_) are not
persisted. The source code for the PersistUtility component (written in
Visual C++) is provided with the Reference Architecture for Commerce.
RequiredOrderSubTotalCy – RequiredOrderSubtotalCy checks the
_oadjust_subtotal key in the OrderForm to ensure that the value assigned
to it is not NULL.

158 Reference Architecture for Commerce
Note: The PAGBasket pipeline contains two additional stages: Merchant Information and
Shopper Information. ConsolidatedRetail.com does not use these stages, and they contain no
components.
Converting the Basket Contents to XML
After the pipeline runs, the code in Basket.pasp checks the OrderGroup object
again to ensure that it still contains some products because some may have been
removed in the pipeline). If the shopping basket contains products, the contents are
converted to XML using a Commerce Server DictionaryXMLTransforms object and
written to the Response object. The XML produced by the
DictionaryXMLTransforms object is similar to the following:
<orderform>
    orderform_id="{0F111D4C-E79F-4615-B1AD-9193C811DE86}"
    saved_cy_oadjust_subtotal="24.99">
  <Items quantity="1"
          product_id="Quick Course in Microsoft Office 2000"
          product_catalog="Books" product_category=""
          description="QUICK COURSE IN MICROSOFT OFFICE 2000 offers fast-paced
tutorials to help you quickly grasp application basics and build proficiency using
Microsoft Excel, Microsoft Word, Microsoft PowerPoint, Microsoft Outlook,
Microsoft Access, Microsoft Internet Explorer 5, Microsoft FrontPage, and
Microsoft Publisher."
          d_DateCreated="16/02/2001 18:36:06"
          cy_lineitem_total="24.99" cy_unit_price="24.99"
          lineitem_uid="{FC57A7EA-1420-40A8-8F55-569FE9B2BEDE}"
          _product_Name="Quick Course in Microsoft Office 2000"
          _cy_oadjust_adjustedprice="24.99"/>
</orderform>
The Basket-IE5.xsl style sheet is then used to render the shopping basket page as
HTML.
The Lists Pipeline
The Lists pipeline is similar to the PAGBasket pipeline, except that it doesn’t verify
quantity and price. The Lists pipeline contains components that operate on the
OrderGroup object to create a public or private shopping list. You can use the
Commerce Server Pipeline Editor to view the configuration of the Lists pipeline
by opening the List.pcf file in the Pipelines folder of the site. The Lists pipeline is
illustrated in Figure 9.3.


Chapter 9: ConsolidatedRetail.com Functionality
159
Figure 9.3
Lists Pipeline
The Lists pipeline includes the following stages:
G The pipeline starts with the Product Info stage. This stage, which is used to
manage the product information, consists of the following two components:
QueryCatalogInfo – The  QueryCatalogInfo component retrieves product
information from the Catalog System for every item in the order. It adds the
retrieved information to each Item dictionary in the order form.
RequiredProdInfo – The  RequiredProdInfo component checks all items in the
items collection in the OrderForm and deletes any items that have the delete
key set to 1.
G The Order Initialization stage initializes the proper values in the OrderGroup
object. This stage consists of a single component: RequiredOrderInitCy. First,
RequiredOrderInitCy ensures that the order_id key has a value. If it does not,
RequiredOrderInitCy generates a unique order ID and assigns it to this key.
Next, to ensure order integrity, the component initializes the various total keys
by assigning NULL to them. Finally, for each item in the items collection,
RequiredOrderInitCy copies the value stored in quantity to the _n_unadjusted
key to initialize the undiscounted quantity of the item and initializes the
_oadjust_adjustedprice (the total cost of the item) to zero (0).
G The Order Check stage verifies that the order being presented is valid and has all
entries necessary for subsequent processing. This stage consists of one compo-
nent: RequiredOrderCheck. The RequiredOrderCheck component ensures that
the items list of the OrderForm is not empty.


160 Reference Architecture for Commerce
The RecordEvent Pipeline
The RecordEvent pipeline contains components that record the occurrence of
particular events that occur during the shopping process — such as a user clicking a
particular ad or discount. You can use the Commerce Server Pipeline Editor to view
the configuration of the RecordEvent pipeline by opening the RecordEvent.pcf file
in the Pipelines folder of the site. The RecordEvent pipeline is illustrated in
Figure 9.4:
Figure 9.4
RecordEvent Pipeline
The RecordEvent pipeline includes the following stages:
G The pipeline starts with the Load Context stage. Microsoft Commerce Server 2000
includes no components for this stage. This stage is provided for custom exten-
sions or for future enhancements to Commerce Server 2000.
G The Record stage contains components that record the selection made to a data-
base, the server log file, or a history string. This stage consists of the following
two components:
RecordEvent – This component records event delta counts for the selected
content items in the Performance dictionary. The values are used to calculate
the need of delivery of an item.
IISAppendToLog – This component appends information about the result of
the content selection process in the QueryString key of the IIS log file. This log
file can be imported into the Data Warehouse for use with reporting and
analysis.


Chapter 9: ConsolidatedRetail.com Functionality
161
Advertising Pipeline
Targeted advertising allows a site to display promotional information to users
based on products that the user has already selected. The Advertising pipeline is
used to generate these targeted advertisements. It is a content selection pipeline that
contains components which gather, filter, score, and select advertisements. You can
use the Commerce Server Pipeline Editor to view the configuration of the Advertis-
ing
 pipeline by opening the Advertising.pcf file in the Pipelines folder of the site.
The Advertising pipeline is illustrated in Figure 9.5:
Figure 9.5
Advertising Pipeline

162 Reference Architecture for Commerce
The Advertising pipeline includes the following stages:
G The pipeline starts with the Load Context stage, which contains components that
prepare for the execution of the rest of the pipeline. This stage includes the
following components:
InitCSFPipeline – This component is used at the beginning of the pipeline to
initialize the values needed in the rest of the pipeline. The InitCSFPipeline
component is responsible for setting up numerous values in the Order and
Context dictionaries for efficient access by subsequent components in the
pipeline.
LoadHistory – This component retrieves a history string from a HTTP cookie,
CampaignHistory. This component makes the history string easily accessible
to other pipeline components by hiding its source.
G The Filter stage contains a component that filters or trims the content list. This
stage consists of a single component: FilterContent. This component is used to
apply provided filters to a content list in the pipeline. The filters to apply are
retrieved from FilterRequire and FilterExclude dictionaries in the Order dictio-
nary. The list of content is contained in the ContentList object identified by the
_content entry in the Order dictionary.
G The Initial Score stage sets an initial score for each content item. This stage con-
sists of a single component: AdvertisingNeedOfDelivery. This component
scores ads so that they are selected often enough to meet business commitments.
This component calculates the Need of Delivery (NOD) for ad items in the
ContentList object and assigns these as the initial scores for the items.
G The Scoring stage contains components that adjust the scores of each content
item. This stage consists of the following two components:
HistoryPenalty – This component applies penalties to content items based on
how recently they have been selected, as well as on exposure limits the items
may have. Penalties are values between zero (0) and one (1), which are multi-
plied by the current score of an item. This tends to reduce a score and thus
reduces the possibility that the item is selected.
EvalTargetGroups – This component targets particular groups for advertising,
by evaluating a list of expressions for each item in a list and adjusting item
selection.
G The Select stage selects one or more content items for return. This stage consists
of a single component: SelectWinners. This component chooses items based on
their final scores. To communicate the winners, the SelectWinners component
builds a new SimpleList object that contains the ContentList object indexes up
to the requested number of winning content items.

Chapter 9: ConsolidatedRetail.com Functionality
163
G The Record stage contains components that record the selection made to a data-
base, the server log file, or a history string. This stage consists of the following
components:
RecordEvent  – This component records event delta counts for the selected
content items (the winners) in the Performance dictionary. The values are
used to calculate the need of delivery of an item.
IISAppendToLog – This component appends information about the result of
the content selection process in the QueryString key of the IIS log file. This log
file can be imported into the Data Warehouse for use with reporting and
analysis.
RecordHistory – The  RecordHistory component is responsible for managing
the size of the history list and truncates it when necessary. The component
removes the oldest entries from the string when it exceeds the maximum
length. The property page for the RecordHistory component allows the
maximum number of entries in the history to be configured. This component
trims the least recent history list entries, as necessary, to assure that this limit
is not exceeded.
SaveHistory – This component is used to save the history string in the HTTP
cookie, CampaignHistory.
G The Format stage contains components that format selected items as HTML or
XML for return to the page that ran the pipeline. This stage consists of a single
component: FormatTemplate. This component merges data from selected items
and their associated templates to form formatted strings.
Discounts Pipeline
Discounts are another form of targeted advertising. Discounts allow a site to dis-
play promotional information about specific discounted items to users based on
products that the user has already selected. The Discounts pipeline is a content
selection pipeline that contains components to gather, filter, score, and select dis-
counts. You can use the Commerce Server Pipeline Editor to view the configuration
of the Discounts pipeline by opening the Discounts.pcf file in the Pipelines folder of
the site. The Discounts pipeline is illustrated in Figure 9.6 on the next page.


164 Reference Architecture for Commerce
Figure 9.6
Discounts Pipeline
The Discounts pipeline includes the following stages:
G The pipeline starts with the Load Context stage, which contains components that
prepare for the execution of the rest of the pipeline. This stage contains the
following two components:
InitCSFPipeline – This component is used at the beginning of the pipeline to
initialize the values needed in the rest of the pipeline. The InitCSFPipeline
component is responsible for setting up numerous values in the Order and
Context dictionaries for efficient access by subsequent components in the
pipeline.

Chapter 9: ConsolidatedRetail.com Functionality
165
LoadHistory – This component retrieves a history string from the HTTP
cookie, CampaignHistory. This component makes the history string easily
accessible to other pipeline components by hiding its source.
G The Filter stage contains components that filter or trim the content list. This stage
consists of a single component: FilterContent. This component is used to apply
provided filters to a content list in the pipeline. The filters to apply are retrieved
from FilterRequire and FilterExclude dictionaries in the Order dictionary. The
list of content is contained in the ContentList object identified by the _content
entry in the Order dictionary.
G The Scoring stage contains components that adjust the scores of each content
item. This stage contains the following components:
ScoringDiscounts – This component adjusts the score of discount content
items with the goal of promoting discounts most relevant to the current user.
The OrderDiscount component applies the discounts whose scores are ad-
justed by the ScoreDiscounts component. The ScoreDiscounts component
saves the scores in the ContentList object held by the CacheManager object.
That ContentList object is then used by the OrderDiscount component in
PAGBasket pipeline.
HistoryPenalty – This component applies penalties to discounts based on how
recently they have been selected, as well as on exposure limits the items may
have. Penalties are values between zero (0) and one (1), which are multiplied
by the current score of an item. This tends to reduce a score and thus reduces
the possibility that the item is selected.
EvalTargetGroups – This component targets particular groups for discounts,
by evaluating a list of expressions for each item in a list and adjusting item
selection.
G The Select stage selects one or more content items for return. This stage consists
of a single component: SelectWinners. This component chooses items based on
their final scores. To communicate the winners, the SelectWinners component
builds a new SimpleList object that contains the ContentList object indexes up
to the requested number of winning content items.
G The Record stage contains components that record the selection made to a data-
base, the server log file, or a history string. This stage contains the following
components:
RecordHistory – The  RecordHistory component is responsible for managing
the size of the history list and truncates it when necessary. The component
removes the oldest entries from the string when it exceeds the maximum
length. The property page for the RecordHistory component allows the
maximum number of entries in the history to be configured. This component
trims the least recent history list entries, as necessary, to assure that this limit
is not exceeded.

166 Reference Architecture for Commerce
SaveHistory – This component is used to save the history string in the HTTP
cookie, CampaignHistory.
RecordEvent – This component records event delta counts for the selected
content items (the winners) in the Performance dictionary. The values are
used to calculate the need of delivery of an item.
ISAppendToLog – This component appends information about the result of
the content selection process in the QueryString key of the IIS log file. This log
file can be imported into the Data Warehouse for use with reporting and
analysis.
G The Format stage contains components that format selected items as HTML or
XML for return to the page that ran the pipeline. This stage consists of a single
component: FormatTemplate. This component merges data from selected items
and their associated templates to form formatted strings.
Order Processing
When a user decides to check out, the user must perform the following steps:
1. Specify a shipping address for the order (or choose to have different products
delivered to different addresses).
2. Choose a shipping method.
3. Provide payment information for the order.
4. Confirm the order details.
5. Complete the order process.
The ConsolidatedRetail.com site uses Commerce Server objects and pipeline com-
ponents to handle these processes.
Specifying a Shipping Address
In general, the user specifies a shipping address by using Shipping.pasp. This page
contains a form listing all shipping addresses in the user’s profile (and the option to
create a new address or edit existing ones). The user simply specifies the address to
which he or she wants the items shipped. The page then posts the form back to itself
and updates the OrderGroup object that represent the shopping basket contents
with the specified address.
When the user specifies a shipping address, the code in Shipping.pasp begins by
using the GetUserID function in the Common.asp include file to retrieve the cur-
rent user’s ID. Shipping.pasp then calls the LoadBasket routine in the Basket.asp
include file to populate an OrderGroup object, as follows:
strUserID = GetUserID
Set objMSCSOrderGrp = LoadBasket(strUserID)

Chapter 9: ConsolidatedRetail.com Functionality
167
Next, the code retrieves the supplied address ID from the query string, and updates
each item in the shopping basket with the specified address ID:
For Each strOrderFormName In objMSCSOrderGrp.Value.OrderForms
  Set objMSCSOrderForm = objMSCSOrderGrp.Value.OrderForms _
    (strOrderFormName)
  For each colItem in objMSCSOrderForm.Items
    colItem.value("shipping_address_id") = strAddressID
  Next
Next
Finally, the shipping address for the overall OrderGroup object is set, any
unreferenced addresses that had been previously set are removed and the shopping
basket is saved. The user is then redirected to ShippingMethod.pasp to specify a
shipping method for the order:
Call objMSCSOrderGrp.SetShippingAddress(strAddressID)
Call objMSCSOrderGrp.SaveAsBasket()
Set objMSCSOrderGrp = Nothing
Response.Redirect "ShippingMethod.pasp"
However, if this is the customer’s first visit to the Shipping.pasp page, the list of
possible addresses must be retrieved from the user’s profile to be displayed in the
form. The code in Shipping.pasp does this using an ADO query to the addresses
table in the site database, as shown in the following:
strUserID = GetUserID()
Set cnBizDesk = server.CreateObject(mc_stradodb_connection)
Set rsAddress = server.CreateObject(mc_stradodb_recordset)
cnBizDesk.Open _
  Application("MSCSDictConfig").s_BizDataStoreConnectionString
rsAddress.Open "select g_address_id as 'address_id', i_address_type as
'address_type', u_description as 'description', u_address_name as 'address_name',
u_address_line1 as 'address_line1', u_address_line2 as 'address_line2', u_city as
'city', u_region_name as 'region_code', u_region_name as 'region_name',
u_postal_code as 'postal_code' from addresses where g_id = '" & strUserID & "' and
i_address_type=" & mc_lngShippingAddress & "ORDER BY u_address_name", cnBizDesk
If the user has no addresses listed in his or her profile, the user is redirected to the
EditAddressBook.pasp page with a Mode parameter. This parameter returns the
user to this page after the address is added:
If rsAddress.EOF Then 'no address have been entered for the user ID
  rsAddress.Close
  Set rsAddress = Nothing
  cnBizDesk.Close
  Set cnBizDesk = Nothing
  Response.Redirect "EditAddressBook.pasp?Mode=" & mc_strPageName
End If

168 Reference Architecture for Commerce
If the user profile has one or more addresses, the address information is added to
the shopping basket (the last address specified is the default shipping address), and
rendered as XML:
Call XMLBegTag(mc_strAddresses)
Do While Not rsAddress.EOF
  strAddressID = rsAddress.Fields("address_id").value
  strDescription = rsAddress.Fields("description").value
  strAddressName = rsAddress.Fields("address_name").value
  strAddressLine1 = rsAddress.Fields("address_line1").value
  strAddressLine2 = rsAddress.Fields("address_line2").value
  strCity = rsAddress.Fields("city").value
  strRegionCode = rsAddress.Fields("region_code").value
  strRegionName = rsAddress.Fields("region_name").value
  strPostalCode = rsAddress.Fields("postal_code").value
  blnSaveSuccessful = PutOrderAddress(objMSCSOrderGrp, _
    mc_lngShippingAddress, strAddressID, strAddressName, _
    strAddressLine1, strAddressLine2, strCity, strRegionName, _
    strPostalCode, strDescription)
  If blnSaveSuccessful Then
    Call XMLBegTag(mc_strAddress)
    Call XMLTag(mc_strAddress_ID, strAddressID)
    Call XMLTag(mc_strDescription, strDescription)
    Call XMLTag(mc_strAddress_Name, strAddressName)
    Call XMLTag(mc_strAddress_Line1, strAddressLine1)
    Call XMLTag(mc_strAddress_Line2, strAddressLine2)
    Call XMLTag(mc_strCity, strCity)
    Call XMLTag(mc_strRegion_Code, strRegionName)
    Call XMLTag(mc_strRegion_Name, strRegionName)
    Call XMLTag(mc_strPostal_Code, strPostalCode)
    Call XMLEndTag(mc_strAddress)
    'Set the billing address
    If rsAddress.Fields("address_type").value = 2 Then
      objMSCSOrderGrp.Value("OrderForms").Value _
       ("default").Value("billing_address_id") = strAddressID
    End If
  End If
  rsAddress.MoveNext
  Loop
Call XMLEndTag(mc_strAddresses)
End If
The format of the XML produced by this code is shown in the following code:
<addresses>
  <address>
    <address_id>{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}</address_id>
    <description>Home Address</description>
    <address_name>Kim Abercrombie</address_name>
    <address_line1>My House</address_line1>
    <address_line2>My Street</address_line2>

Chapter 9: ConsolidatedRetail.com Functionality
169
    <city>Redmond</city>
    <region_code>Washington</region_code>
    <region_name>Washington</region_name>
    <postal_code>12345</postal_code>
  </address>
  <address>
    <address_id>{B87EDB27-8FBE-4BDA-83BE-ED037A0B7E4C}</address_id>
    <description>Work Address</description>
    <address_name>Kim Abercrombie</address_name>
    <address_line1>Microsoft Corp.</address_line1>
    <address_line2>1 Microsoft Way</address_line2>
    <city>Redmond</city>
    <region_code>Washington</region_code>
    <region_name>Washington</region_name>
    <postal_code>54321</postal_code>
  </address>
</addresses>
Specifying a Shipping Method
After the user specifies an address for the order, he or she must choose a shipping
method. Commerce Server 2000 supports the configuration of multiple shipping
methods, each with different price bands depending on the weight, item quantity,
or total cost of the order. (For more information about defining shipping methods,
refer to the Commerce Server 2000 documentation.)
The ShippingMethod.pasp page allows the user to select one of the shipping meth-
ods defined in the site database. The page contains a form listing each shipping
method as an option. After the user chooses an option, the choice is posted back to
the page for processing. The shipping methods are retrieved for display from the
application-level ShippingMethodsXML variable.
The list of available shipping methods is retrieved from the application-level
ShippingMethodsXML variable, which is initialized using the
GetShippingMethodsXML function in Common.asp, as shown in the following
code:
Function GetShippingMethodsXML(MSCSDictConfig)
  Dim MSCSShipMgr
  Dim rsShippingMethods
  Dim strXMLStream
  strXMLStream = ""
  Set MSCSShipMgr = Server.CreateObject("Commerce.ShippingMethodManager")_
      MSCSShipMgr.Initialize(MSCSDictConfig.s_TransactionConfigConnectionString)
  Set rsShippingMethods = MSCSShipMgr.GetInstalledMethodList("",_
      "shipping_method_name", Array("shipping_method_id", "shipping_method_name"))

170 Reference Architecture for Commerce
  If Not (rsShippingMethods.EOF And rsShippingMethods.BOF) Then
    Do While Not rsShippingMethods.EOF
      strXMLStream = strXMLStream & vbCrLf & "<shipping_method>"
      strXMLStream = strXMLStream & vbCrLf & "<shipping_method_id>" & _
        rsShippingMethods.Fields("shipping_method_id").Value & _
        "</shipping_method_id>"
      strXMLStream = strXMLStream & vbCrLf & _
        "<shipping_method_name>" & _
        rsShippingMethods.Fields("shipping_method_name").Value & _
        "</shipping_method_name>"
      strXMLStream = strXMLStream & vbCrLf & "</shipping_method>"
    rsShippingMethods.MoveNext
  Loop
End If
  Set MSCSShipMgr = Nothing
GetShippingMethodsXML = strXMLStream
End Function
The ShippingMethod.pasp page includes the list of available shipping methods in
the following XML format:
<shipping_method>
  <shipping_method_id>
    {00000000-0000-0000-0000-003688009465}
  </shipping_method_id>
  <shipping_method_name>Express</shipping_method_name>
</shipping_method>
<shipping_method>
  <shipping_method_id>
    {00000000-0000-0000-0000-001140002642}
  </shipping_method_id>
  <shipping_method_name>Standard</shipping_method_name>
</shipping_method>
After a user chooses a shipping method, its ID and name must be stored in the
OrderGroup object. Because only the ID is passed from the form, the name
must be retrieved from the database by using the Commerce Server
ShippingMethodManager object. This object provides a GetInstalledMethodList
method that can be used to retrieve methods that match a specified criterion as a
recordset. The code to retrieve the relevant method name for the supplied ID is
similar to the following:
Set objMSCSShpMthMgr = _
  Server.CreateObject(mc_strShippingMethodManager)
objMSCSShpMthMgr.Initialize(Application("MSCSDictConfig"). _
  s_BizDataStoreConnectionString)
set rsShpMthName = objMSCSShpMthMgr.GetInstalledMethodList _
  ("shipping_method_id = '" &
  strShippingMethodID & "'", "", _
  Array(mc_strshipping_method_name))

Chapter 9: ConsolidatedRetail.com Functionality
171
set objMSCSShpMthMgr = nothing
If Not (rsShpMthName.EOF and rsShpMthName.BOF) then
  strShippingMethodName = rsShpMthName.Fields(0).Value
End If
rsShpMthName.Close
Set rsShpMthName = Nothing
After the shipping method name is retrieved, the products in the shopping cart are
updated with the shipping method data and the user is redirected to Payment.pasp
to specify the payment information:
For Each strOrderFormName In objMSCSOrderGroup.Value.OrderForms
  Set objMSCSOrderForm = objMSCSOrderGroup.Value. _
    OrderForms(strOrderFormName)
  For each colItem in objMSCSOrderForm.Items
    colItem.value(mc_strshipping_method_id) = strShippingMethodID
    colItem.value(mc_strshipping_method_name) = strShippingMethodName
  Next
Next
Call objMSCSOrderGroup.SaveAsBasket()
Set objMSCSOrderGroup = Nothing
Response.Redirect "Payment.pasp"
Specifying Multiple Shipping Addresses and Methods
The user can specify a different shipping address and method for each item in the
shopping cart. The code to support this functionality is in the MultiShipping.pasp
page.
Note:  If a user chooses to specify multiple addresses for an order, the Reference Architecture
application requires that the user specify an address for each individual item in the order. This
approach works for small orders, but users who place large orders will not find this accept-
able. Users who include large amounts of a single item or a great number of items in an order
should be advised that sending multiple orders, each to a single address, is a better option.
When the user requests a shipping method and address for each item, the form is
posted back to MultiShipping.pasp, and the OrderGroup object representing the
shopping basket is updated. The following code is used to update the shipping
method and address data for each item:
' populate each item with shipping method id
objMSCSOrderGroup("split_shipment") = True
For Each strOrderFormName In objMSCSOrderGroup.Value.OrderForms
  Set objMSCSOrderForm = objMSCSOrderGroup.Value.OrderForms(strOrderFormName)
  For Each colItem In objMSCSOrderForm.Items
    intQuantity = colItem.value("Quantity")
    strOriginalUID = colItem.value("lineitem_uid")
    colItem.value("Quantity") = 1

172 Reference Architecture for Commerce
    If intQuantity > 1 Then
      For intIndex = 1 To (intQuantity - 1)
      'create the product dictionary
      Set objMSCSProductDictionary = Server.CreateObject(mc_strDictionary)
      objMSCSProductDictionary.lineitem_uid = GenerateGUID()
      objMSCSProductDictionary.product_id = colItem.value("product_id")
      objMSCSProductDictionary.orig_lineitem_uid = strOriginalUID
      objMSCSProductDictionary.product_catalog = colItem.value("product_catalog")
      objMSCSProductDictionary.Quantity = 1
      If Not IsNull(colItem.value("product_variant_id")) Then
        objMSCSProductDictionary.product_variant_id =_
          colItem.value("product_variant_id")
        objMSCSProductDictionary.product_variant_id_name =_
          colItem.value("product_variant_id_name")
        objMSCSProductDictionary.product_variant_name =
          colItem.value("product_variant_name")
        objMSCSProductDictionary.product_variant_value =
          colItem.value("product_variant_value")
      End If
      If Not IsNull(colItem.value("product_category")) Then
        objMSCSProductDictionary.product_category =
          colItem.value("product_category")
      End If
      Call objMSCSOrderGroup.AddItem(objMSCSProductDictionary)
      Set objMSCSProductDictionary = Nothing
    Next
    Else
    'store the original lineitem_uid for reconstituting the basket
      If IsNull(colItem("orig_lineitem_uid")) Then
        colItem("orig_lineitem_uid") = strOriginalUID
      End If
    End If
    'populate the original item
    If IsNull(colItem("orig_lineitem_uid")) Then
      colItem("orig_lineitem_uid") = strOriginalUID
    End If
  Next
Next
Call objMSCSOrderGroup.PurgeUnreferencedAddresses()
' routine to retreive common xml structures required for every page
Call PageStart(mc_strPageName)
Call XMLTag("pagemode", mc_strPageName)
' display advertising information in right hand frame
'XMLEmptyTag(mc_strAdvertisingMenu)
strUserID = GetUserID()
  Set cnBizDesk = server.CreateObject(mc_stradodb_connection)

Chapter 9: ConsolidatedRetail.com Functionality
173
  Set rsAddress = server.CreateObject(mc_stradodb_recordset)
  cnBizDesk.Open Application("MSCSDictConfig").s_BizDataStoreConnectionString
  rsAddress.Open "select g_address_id as 'address_id',
    i_address_type as_ 'address_type', u_address_name as 'address_name',
    u_Description as_ 'description', u_address_line1 as 'address_line1',
    u_address_line2 as 'address_line2', u_city as 'city',
    u_region_name as 'region_code', u_region_name as 'region_name',
    u_postal_code as 'postal_code' from addresses where
      g_id = '" & strUserID & "' and i_address_type = " & mc_lngShippingAddress &
     " ORDER BY u_address_name", cnBizDesk
  If Not (rsAddress.EOF And rsAddress.BOF) Then
    Call XMLBegTag(mc_strAddresses)
    Do While Not rsAddress.EOF
    strAddressID = rsAddress.Fields("address_id").value
    strAddressName = rsAddress.Fields("address_name").value
    strAddressLine1 = rsAddress.Fields("address_line1").value
    strAddressLine2 = rsAddress.Fields("address_line2").value
    strCity = rsAddress.Fields("city").value
    strRegionCode = rsAddress.Fields("region_code").value
    strRegionName = rsAddress.Fields("region_name").value
    strPostalCode = rsAddress.Fields("postal_code").value
    strDescription = rsAddress.Fields("description").value
    blnSaveSuccessful = PutOrderAddress(objMSCSOrderGroup, mc_lngShippingAddress,
      strAddressID, strAddressName, strAddressLine1, strAddressLine2, strCity,
      strRegionName, strPostalCode, strDescription)
    If blnSaveSuccessful Then
      Call XMLBegTag(mc_strAddress)
      Call XMLTag(mc_strAddress_ID, strAddressID)
      Call XMLTag(mc_strAddress_Name, strAddressName)
      Call XMLTag(mc_strAddress_Line1, strAddressLine1)
      Call XMLTag(mc_strAddress_Line2, strAddressLine2)
      Call XMLTag(mc_strCity, strCity)
      Call XMLTag(mc_strRegion_Code, strRegionName)
      Call XMLTag(mc_strRegion_Name, strRegionName)
      Call XMLTag(mc_strPostal_Code, strPostalCode)
      Call XMLEndTag(mc_strAddress)
    End If
    rsAddress.MoveNext
    Loop
    Call XMLEndTag(mc_strAddresses)
  End If
Specifying Payment Information
As part of the checkout process, the user must provide payment details for the
order. The Payment.pasp page handles this portion of the order processing
sequence.

174 Reference Architecture for Commerce
Note: In this sample application, the payment details are passed in plain text using HTTP. In a
production site, HTTPS should be used to encrypt the payment data.
The Payment.pasp page contains a form that allows a user to specify credit card and
billing address details from his or her profile.
When a user enters credit card information, he or she will be asked to specify a
Listed As value for each credit card added to the user profile. The user cannot use
the same Listed As value for multiple cards; the Listed As value must be unique per
card, per user. The Reference Architecture for Commerce performs a system-wide
check to ensure that each credit card number is unique and checks to ensure that the
combination of User Name/Listed As values are unique.
Billing addresses also require Listed As values; however, these are not unique
because a billing address can also be a shipping address. The AddressBook page
displays all shipping addresses that the user has entered. If any of these addresses
has the same Listed As value as the billing address, then the message, “Also the
billing address” is displayed below the Listed As designation. Note that the mes-
sage appears if the Listed As values match, even if the underlying address details
are different.
A user can modify a billing address so that its Listed As value is the same as an
existing shipping address. Similarly, a user can modify a shipping address so that
its Listed As value matches the billing address. However, any changes made to one
address record are not reflected in the other. Developers who use the Reference
Architecture code as the basis for a production retail Web site may want to consider
changing this functionality to ensure that a shipping address and billing address
with the same Listed As value remain synchronized.
If the user has no billing address defined, he or she is redirected to the
EditAddressBook.pasp page to add it. The EditAddressBook page displays an
existing address or shows a blank form for entering a new address. If the new
address form is displayed and no billing address exists, the Make this my billing
address also
 check box is selected by default. If an existing shipping address has the
same Listed As value as that of the billing address, the contents of the selected
shipping address is displayed and the Make this my billing address also check box
is selected by default.
If a user has already designated an address as a billing address, the check box is
cleared by default. If the user has other existing shipping addresses, those addresses
are also displayed with the check box cleared by default.
The Payment.pasp page simply reads the payment details from the form, and then
writes them to the OrderGroup object that represents the user’s shopping basket.

Chapter 9: ConsolidatedRetail.com Functionality
175
strUserID = GetUserID
  If Not IsNull(GetUserID) Then
    Set objMSCSOrderGroup = LoadBasket(strUserID)
    If isnull(objMSCSOrderGroup("split_shipment")) then
      response.redirect "shipping.pasp"
    End if
    ' Check to see if the basket has items
    If objMSCSOrderGroup.Value("total_lineitems") > 0 Then
      blnBasketIsEmpty = False
    Else
      Response.Redirect "basket.pasp"
    End If
    ' If there is no billing address in the OrderForm, then
    ' check if the user has specified a default address. If so,
    ' insert that into the OrderForm. If not, redirect to EditAddressBook.pasp
    ' so that the user can enter one.
      If IsNull(strBillAddress) or (Not IsNull(strBillAddress) And_
        Len(strBillAddress) = 0 ) then
        strBillAddress = GetUserBillingAddressId()
      End if
      If IsNull(strBillAddress) then
        Response.Redirect "EditAddressBook.Pasp?Mode=" & mc_strPageName &
"&txtAddressType=billing"
      End If
    ' If we are coming back here from the EditShippingAddress.pasp page,
     ' we need to populate the billing address id that was just entered
    If Not IsNull(strBillAddress) Then
      objMSCSOrderGroup.Value("OrderForms").Value("default").Value("billing_address_id")
= strBillAddress
      Call SetBillingAddressToOG(objMSCSOrderGroup)
    End If
    ' determine whether or not there is a billing address
    Call XMLTag("billingaddressstatus",_
      objMSCSOrderGroup.Value("OrderForms").Value("default").Value_
      ("billing_address_id"))
  End If
    ' Retrieve the credit cards that are stored for the user
    Call XMLBegTag(mc_strCreditCards)
    intCardTotal = GetUserCreditCardsXMLEx()
    Call XMLEndTag(mc_strCreditCards)
    ' If there are no credit cards, return to add one
    If intCardTotal < 1 Then
      Response.Redirect "EditCreditCard.Pasp?Mode=" & mc_strPageName &
"&txtbilladdressid=" & strBillAddress
    End If
     For Each strOrderFormName In objMSCSOrderGroup.Value.OrderForms
      Set objMSCSOrderForm = objMSCSOrderGroup.Value.OrderForms(strOrderFormName)
      For Each colItem In objMSCSOrderForm.Items
        if Isnull(colItem.value(mc_strshipping_method_id) )then
           Response.Redirect "shipping.pasp"
        End If
      Next
   Next

176 Reference Architecture for Commerce
  Set objMSCSPipelines = Application("MSCSPipelines")
        intErrorLevel = RunMtsPipeline(objMSCSPipelines.PAGBasket,
objMSCSPipelines.LogFolder & strUserID & ".log", objMSCSOrderGroup)
        Call AddPipeErrors(objMSCSOrderForm, intErrorLevel)
        intErrorLevel = RunMtsPipeline(objMSCSPipelines.PAGTotal,
objMSCSPipelines.LogFolder & strUserID & ".log", objMSCSOrderGroup)
        Call AddPipeErrors(objMSCSOrderForm, intErrorLevel)
        Set objMSCSPipelines = Nothing
        ' Grab the default orderform
  Set objMSCSOrderForm = objMSCSOrderGroup.Value("OrderForms").Value("default")
  Call objMSCSOrderGroup.SaveAsBasket()
  Set objMSCSOrderGroup = Nothing
  Set objXMLTransforms = Server.CreateObject(mc_strXMLTransforms)
  Set objXMLSchema = GetTransformSchema()
  Set objXMLOrderForm =
objXMLTransforms.GenerateXMLForDictionaryUsingSchema(objMSCSOrderForm,
objXMLSchema)
  Set objXMLSchema = Nothing
  Set objMSCSOrderForm = Nothing
  Set objXMLTransforms = Nothing
  If not isEmpty(objXMLOrderForm) Then
    Response.Write objXMLOrderForm.xml
  Else
    Call AddException(m_varrExceptions, "1222", "Error converting orderform to
XML.", "basket.asp")
  End if
  Set objXMLOrderForm = Nothing
After the payment information is complete, the user is redirected to the
OrderSummary.pasp page.
Confirming the Order Details
The user is given a chance to confirm or change the order details before the final
part of the ordering process is completed. The order details are displayed on the
OrderSummary.pasp page.
The code uses two pipelines to retrieve the order details for display. First, the
PAGBasket pipeline retrieves the shopping basket contents. Then, the PAGTotal
pipeline calculates shipping costs and subtotals. For a description of the PAGBasket
pipeline, refer to the “Viewing the Shopping Cart or Save for Later Basket” section
earlier in this chapter. The PAGTotal pipeline is described in the following section.
The PAGTotal Pipeline
The PAGTotal pipeline, which you can view by opening Total.pcf in the Commerce
Server Pipeline Editor, is illustrated in Figure 9.7.


Chapter 9: ConsolidatedRetail.com Functionality
177
Figure 9.7
PAGTotal Pipeline
The PAGTotal pipeline includes the following stages:
G The Shipment Splitter stage prepares a shipping dictionary. This stage contains
two components:
Commerce.Splitter – The splitter component generates a dictionary of ship-
ments (shipments) that is placed on the OrderForm. This dictionary contains
the individual shipments that are created based upon the shipping_address_id
and shipping_method_id values in the order.
Commerce.ShippingMethodRouter – The  ShippingMethodRouter compo-
nent reads the ShippingManagerCache by using the CacheManager object to
map shipping methods to particular shipping components. The component
steps through the list of shipping methods and, if there are shipments using a
given method, it collects the dictionaries for those shipments, passes the
shipments to the shipping component, and then runs the relevant shipping
component. The individual shipping components calculate the total shipping
charges for the shipments passed to it. After all of the shipments are pro-
cessed, the total of all of the shipping charges is calculated.

178 Reference Architecture for Commerce
G The Shipping stage applies shipping discounts to an order. There is one compo-
nent in this stage: ShippingDiscountAdjust. This component examines the
_shipping_discount_type and adjusts the total shipping for the order. If the dis-
count is blank, the component does nothing. If the discount type is 1 or 2, the
component applies the discount. If the discount is none of these, the component
returns an error. The _shipping_discount_type value is determined using the
OrderDiscount object.
G The Handling stage sets the _handling_total on the order form. This stage consists
of the following two components:
DefaultHandlingCy – This component assigns zero (0) to the total handling
cost in the Order dictionary. It is a placeholder component that would be
replaced by another handling component in actual use.
RequiredHandlingCy – The  RequiredHandlingCy component verifies that
the order._handling_total key is present.
G The Tax stage sets the _tax_total and _tax_included values on the order form. This
stage consists of the following two components:
SampleRegionalTax  – This component sets the tax fields (_cy_tax_total,
shipments._cy_tax_total and _cy_tax_included) to an appropriate tax value based
on the tax information in the RegionalTaxCache.
RequiredTaxCy  – This component verifies that the _cy_tax_total and
_cy_tax_included keys exist in the order form. If either value does not exist,
RequiredTaxCy uses the pur_badtax constant to retrieve error message text
from the MessageManager, and stores this message in the _Purchase_Errors
collection of the OrderForm.
G The Order Total stage sets the _total_total value on the order form. This stage
consists of the following three components:
DefaultTotalCy – This component verifies that all four totals on the order are
set. If all four values exist, they are added together and assigned to the com-
plete total in the Order dictionary. If any value is missing, the component
stops and returns an error.
PersistUtility – This is a custom component used to copy values within the
OrderForm. This is mainly used to make values persistent. Otherwise,
OrderForm values with names that begin with an underscore (_) do not
persist. The source code for the PersistUtility component (written in Visual
C++) is provided with the Reference Architecture for Commerce.
RequiredTotalCy – This component goes through the keys and values in the
_Verify_With dictionary and makes sure that each key exists in the order form
and has the same value.

Chapter 9: ConsolidatedRetail.com Functionality
179
G The last stage, Fixes, contains a single component: Truncate Description. This
component, written in VBScript, provides a workaround for a known issue in
Commerce Server 2000 where any field longer than 255 characters is assumed to
be of type Text.
Obtaining the User’s E-mail Address
After the pipelines execute, the code in OrderSummary.pasp retrieves a
ProfileObject for the current user, and extracts the e-mail address to be used for the
order confirmation message. This is then added to the default OrderForm for the
OrderGroup object, and the OrderGroup object is saved:
'Grab the default orderform
  Set objMSCSOrderForm = objMSCSOrderGroup.Value("OrderForms").Value("default")
'Set the email address for the order confirmation email.
  Set objMSCSProfileObject = GetUserObject()
  objMSCSOrderForm.user_email_address = objMSCSProfileObject_
    (mc_strGeneralInfo).Value(mc_strEmail_Address)
  Set objMSCSProfileObject = Nothing
    Call objMSCSOrderGroup.SaveAsBasket()
The code then verifies the total amount and displays an error if the order total and
the total in the OrderSummary and ThankYou page don’t match:
'Add new hidden HTML field to verify the total amt
  Call XMLTag("verify_with_total" ,_
    objMSCSOrderGroup.Value("saved_cy_total_total"))
  Set objMSCSOrderGroup = Nothing
'If this request is from the ThankYou page
  '(i.e. if there was an order total mismatch),
  'display the appropriate error
  Dim sErr : sErr = Application("MSCSAppFrameWork").RequestString_
    ("err" , "", , , true, true, 0, Null)
  if sErr = C_BAD_VERIFY_ERRCODE then
    Call AddException( m_varrExceptions, "1222",_
      Application("MSCSMessageManager").GetMessage("pur_badverify",_
      Application("MSCSMessageManager").DefaultLanguage) , mc_strPageName)
  End If
For security purposes, the code then truncates the credit card information before
displaying the summary or sending the confirmation and ensures that the truncated
credit card number is not persisted:
'Truncate credit card number before display.
'Ensure that the orderform is not saved again, so that the
'truncated CC number is not persisted.
  Dim ccNumber : ccNumber = objMSCSOrderForm.value("cc_number")
  objMSCSOrderForm.value("cc_number") = TruncateCC(ccNumber)

180 Reference Architecture for Commerce
The contents of the OrderGroup object are converted to XML, using a Commerce
Server DictionaryXMLTransforms object, and written to the Response object as
shown in the following code:
  Set objXMLTransforms = Server.CreateObject(mc_strXMLTransforms)
  Set objXMLSchema = GetTransformSchema()
  Set objXMLOrderForm =_
    objXMLTransforms.GenerateXMLForDictionaryUsingSchema_
    (objMSCSOrderForm, objXMLSchema)
  Set objXMLSchema = Nothing
  Set objMSCSOrderForm = Nothing
  Set objXMLTransforms = Nothing
  If not isEmpty(objXMLOrderForm) Then
    Response.Write objXMLOrderForm.xml
  Else
    Call AddException(m_varrExceptions, "1222", _
      "Error converting orderform to XML.", "basket.asp")
  End if
Set objXMLOrderForm = Nothing
Finally, the shipping methods are retrieved and displayed:
Call XMLBegTag("shipping_methods")
  ' retrieve the shipping methods
  Response.Write ( CachedFragmentLookup( STATIC_SECTIONS_CACHE ,_
    SHIPPING_METHODS_XML ) )
  Call XMLEndTag("shipping_methods")
This produces the following XML representation of the OrderGroup object:
<orderform orderform_id="{CD9EABBE-B0BF-48FE-9DB9-58A35A8FEE9F}"
    payment_method="credit_card"
    billing_address_id="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"
    saved_cy_oadjust_subtotal="44.98" saved_cy_total_total="49.98"
    cc_name="American Express" cc_expyear="2001" cc_expmonth="08"
    cc_number="1234" _cy_shipping_total="5" _cy_tax_total="0"
    user_email_address="kim@somecompany.com"
    cc_Account_Holder="Kim" cy_tax_total="0"
    cy_shipping_total="5">
  <Addresses address_name="Kim Abercrombie" address_line1="My House"
     address_line2="My Street" city="My City" region_code="WA"
     postal_code="12345" country_code="US" description="Home Address"
     AddressesDictKey="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"/>
  <Items quantity="1"
     product_id="Quick Course in Microsoft Office 2000"
     product_Name="Quick Course in Microsoft Office 2000"
     product_catalog="Books" product_category=""


Chapter 9: ConsolidatedRetail.com Functionality
181
     description="QUICK COURSE IN MICROSOFT OFFICE 2000 offers fast-paced tutori-
als to help you quickly grasp application basics and build proficiency using
Microsoft Excel, Microsoft Word, Microsoft PowerPoint, Microsoft Outlook,
Microsoft Access, Microsoft Internet Exp"
    shipping_address_id="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"
    shipping_method_id="{00000000-0000-0000-0000-003688009465}"
    shipping_method_name="Express"
    d_DateCreated="16/02/2001 18:36:06" cy_lineitem_total="24.99"
    cy_unit_price="24.99"
    lineitem_uid="{FC57A7EA-1420-40A8-8F55-569FE9B2BEDE}"
    _product_Name="Quick Course in Microsoft Office 2000"
    _cy_oadjust_adjustedprice="24.99"/>
  <shipments
     shipping_address_id="{0243FFF8-E633-4DE4-AA2E-2083E9D5ABB4}"
     shipping_method_id="{00000000-0000-0000-0000-003688009465}"
     _cy_shipping_total="5"/>
</orderform>
Completing the Order Process
After the user confirms the order details, the order process can be completed. The
code to handle the final part of the order process is implemented in the
Thankyou.pasp page.
The Thankyou.pasp page begins by running the PAGBasket and PAGTotal pipe-
lines as described previously. Then, the PAGFinal pipeline is executed to complete
the order.
The PAGFinal Pipeline
You can view the PAGFinal pipeline by opening Final.pcf in the Commerce Server
Pipeline Editor. The PAGFinal pipeline is illustrated in Figure 9.8:
Figure 9.8
PAGFinal Pipeline


182 Reference Architecture for Commerce
The only stage in the ordering process is called Order Transfer. This stage contains
one component: QueueEmail Class. This is a custom pipeline component that is
used to send order confirmation in e-mail to the user_e-mail_address field in the
default OrderForm.
Sending an Order Confirmation E-mail
QueueEmail Class is a pipeline component (COM object) that implements the
IPipelineComponent interface. The QueueEmail Class component takes informa-
tion from the OrderForm, converts it to XML, and then sends it as an e-mail mes-
sage by using the custom QueuedEMailer.CMailer queued component. By calling a
queued component to send the e-mail message, the process is made asynchronous,
thus preventing any latency caused by the e-mail process from causing a negative
effect on response time for the user checking out.
A custom property page for the QueueEmail Class component is used to configure
the component in the Pipeline Editor. This allows you to set the appropriate mes-
sage queue, moniker, and ProgID used to instantiate the queued component that
will actually be used to send the e-mail, as illustrated in Figure 9.9:
Figure 9.9
QueueEmail Class Custom Property Page
QueuedEMailer.CMailer
The process of actually sending the e-mail message is handled by the
QueuedEMailer.Cmailer queued component. This component is installed in a
COM+ application that has been marked as queued. In addition, the _CMailer
Interface is also marked as queued, allowing methods on that interface to be called
asynchronously through a message queue. The _CMailer interface contains one
method; SendMail, which is defined using the following method signature:

Chapter 9: ConsolidatedRetail.com Functionality
183
HRESULT SendMail(
                [in] BSTR strXMLOrderForm,
                [in] VARIANT_BOOL blnUseHTMLMail);
Notice that both parameters are marked as [in], because queued components
do not support [out] or [retval] parameters. The strXMLOrderForm parameter is
used to pass the XML representation of the order form to the component. The
blnUseHTMLMail parameter is a Boolean value that is used to determine if
the e-mail message should be sent in HTML format or plain text.
The QueuedEMailer.CMailer component is also configured to support object
construction. This means that the component implements the IobjectConstruct
interface, which contains a method named Construct that is called by COM+ when
the object is instantiated. A constructor string is passed to the Construct method
containing configuration information that can be used by the object. The constructor
string passed to QueuedEMailer.CMailer is in the following XML format:
<config>
<from>support@consolidatedretail.com</from>
<subject>Order Confirmation</subject>
<TextXSL>C:\Inetpub\b2cref\xml\emailtext.xsl</TextXSL>
<HTMLXSL>C:\Inetpub\b2cref\xml\emailhtml.xsl</HTMLXSL>
<SMTPServer></SMTPServer>
<SMTPPort></SMTPPort>
<SMTPTimeout></SMTPTimeout>
<UseSSL>False</UseSSL>
<SMTPUserName></SMTPUserName>
<SMTPPassword></SMTPPassword>
<SMTPAuthMethod></SMTPAuthMethod>
</config>
This constructor is configured using the Component Services Microsoft Manage-
ment Console (MMC) snap-in as illustrated in Figure 9.10 on the next page.
The QueuedEMailer.CMailer object uses the MSXML3 and CDOSYS objects.
Loading of the XML and XSL is accomplished by the XMLDomDocument, which
uses the MSXML3 object. The actual sending of the e-mail message is accomplished
by the IMessage object (CDO-collaboration data objects), which uses the CDOSYS
object. The Collaboration Data Objects (CDO) for Microsoft Windows 2000
(Cdosys.dll), which implements the 2.0 version of the CDO API specification, is a
COM component designed to simplify writing programs that create or manipulate
Internet messages.


184 Reference Architecture for Commerce
Figure 9.10
Component Services MMC Snap-in
Conclusion
At this point, you should understand the basic functionality and development
decisions behind the ConsolidatedRetail.com application. The code comments
provide additional detail and information.
The next chapter provides an overview of the debugging and testing processes and
best practices, with specific references to the actual tests performed on the Refer-
ence Architecture application.

10
Debugging and Testing
As with any application, it is the responsibility of the developer to ensure that an
e-commerce application delivers both the correct business functionality and the
required level of performance and scalability. To make sure that the application
meets its goals, it must be debugged thoroughly and performance tested.
The first section of this chapter describes procedures for debugging the
ConsolidatedRetail.com site as well as for viewing and debugging the Extensible
Markup Language (XML) output from the pre-processed Active Server Pages
(PASP) scripts. The chapter then goes on to describe types and levels of testing, the
functional testing process, performance testing, and general guidance for evaluating
the test results.
Debugging the Site
Debugging a Web site brings with it several challenges, particularly when server-
side logic such as Active Server Pages (ASP) scripting is used. The preferred devel-
opment environment for building and debugging Web-based applications on
computers running Windows is Visual Studio, which includes Visual InterDev, a
development suite for Web sites. You can use this environment to debug the Refer-
ence Architecture application by adding the FrontPage Server Extensions to the Web
site and creating a new Visual InterDev project based on the site.
For more information about debugging with Visual InterDev, refer to the Visual
InterDev documentation in the MSDN developer program library.

186 Reference Architecture for Commerce
Debugging XML Output from PASP Scripts
Another challenging aspect of debugging the ConsolidatedRetail.com site is view-
ing the XML produced by the PASP scripts. The response stream from these pages is
intercepted by the Extensible Stylesheet Language (XSL) Internet Server Application
Programming Interface (ISAPI) filter and rendered using the specified style sheet.
However, there will be occasions when you should check the XML produced by the
script without applying a style sheet.
The easiest way to view the XML output is to make an .asp copy of each .pasp file in
the site, and access the .asp files using Microsoft Internet Explorer. Because the .asp
versions of the files will not be intercepted by the XSL ISAPI filter, the XML re-
sponse will be returned to the browser and can be seen by viewing the source of the
resulting page. You can access many of the scripts simply by specifying the URL
address of the file, while for others you must pass parameters in a query string
appended to the URL. The following list describes how you can view the XML
results of each of the PASP files in the site.
Note: The XML output for the PASP pages provided in the ConsolidatedRetail.com site is
reproduced in Appendix A. XML output can vary slightly depending upon input in user data
fields and whether or not Microsoft Passport authentication is used.
Acct.pasp – Save the page as Acct.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected when you try
to view Acct.asp). You can then use Internet Explorer to access Acct.asp by
specifying a URL address with no parameters (in the form http://servername:81/
Acct.asp). To view the XML, click Source on the View menu.
AddressBook.pasp – Save this page as AddressBook.asp, and then navigate to
the ConsolidatedRetail.com site and log on (or you will be redirected when you
try to view AddressBook.asp). You can then use Internet Explorer to access
AddressBook.asp by specifying a URL address with no parameters (in the form
http://servername:81/AddressBook.asp). To view the XML, click Source on the
View menu. For more meaningful results, use the site to add at least one address
to your address book first.
AddtoList.pasp – Save this page as AddtoList.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected when you try
to view the page). You can then use Internet Explorer to access AddtoList.asp by
specifying a URL address with no parameters (in the form http://servername:81/
AddtoList.asp). To view the XML, click Source on the View menu. For more
meaningful results, use the site to add items to a shopping list first.
AddtoListResp.pasp – Save this page as AddtoListResp.asp, and then navigate to
the ConsolidatedRetail.com site and log on (or you will be redirected when you
try to view the page). You can then use Internet Explorer to access

Chapter 10: Debugging and Testing
187
AddtoListResp.asp by specifying a URL address with no parameters (in the form
http://servername:81/AddtoListResp.asp). To view the XML, click Source on the
View menu. For more meaningful results, use the site to add items to a shopping
list first.
Basket.pasp – Save this page as Basket.asp. You can then use Internet Explorer to
access Basket.asp by specifying a URL address with no parameters (in the form
http://servername:81/Basket.asp). To view the XML, click Source on the View
menu. For more meaningful results, use the site to add a few items to your
shopping cart first.
Category.pasp – Save this page as Category.asp. You can then use Internet
Explorer to access Category.asp by specifying a URL address with values for
the following parameters:
txtCatalog – The name of the catalog you want to browse.
txtCategory (optional) – The name of a specific category in the specified
catalog).
For example, you could view the XML representation of the Books catalog by
specifying the following URL http://servername:81/
Category.asp?txtCatalog=Books
To view the Games category in the Books catalog, you would use the following
URL http://localhost/Category.asp?txtCatalog=Books&txtCategory=Games
When the page is returned, click Source on the View menu to see the XML.
Changepasswd.pasp – Save this page as Changepasswd.asp, and then navigate
to the ConsolidatedRetail.com site and log on (or you will be redirected when
you try to view Changepasswd.asp). You can then use Internet Explorer to access
Changepasswd.asp by specifying a URL address with no parameters (in the form
http://servername:81/Changepasswd.asp). To view the XML, click Source on the
View menu.
CreditCards.pasp – Save this page as CreditCards.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected when you try
to view the page). You can then use Internet Explorer to access CreditCards.asp
by specifying a URL address with no parameters (in the form http://
servername:81/CreditCards.asp). To view the XML, click Source on the View
menu.
EditAddressBook.pasp. Save this page as EditAddressBook.asp, and then
navigate to the ConsolidatedRetail.com site and log on (or you will not be able to
view any address information). The URL for this page can include values for the
following parameters:
txtAddressType – Address type, such as billing or shipping. If no value is
provided, then the shipping address is used.
txtAddressID – Globally unique identifier (GUID) for the address. If a value
is specified, then that address is returned.

188 Reference Architecture for Commerce
For example, to view the XML produced when a user wants to add a new ship-
ping address, use Internet Explorer to navigate to the URL http://servername:81/
EditAddressBook.asp
To view the XML produced when a user wants to add a new billing address, use
Internet Explorer to navigate to the URL http://servername:81/
EditAddressBook.asp?txtAddressType=Billing
To view the XML produced when a user wants to edit a specific address, use
Internet Explorer to navigate to the URL http://servername:81/
EditAddressBook.asp?txtAddressID=AddressGUID
After you retrieve the page, click Source on the View menu to see the XML.
EditCreditCard.pasp – Save this page as EditCreditCard.asp, and then navigate
to the ConsolidatedRetail.com site and log on (or you will be redirected when
you try to view the page). You can then use Internet Explorer to access
EditCreditCard.asp by specifying a URL address with no parameters (in the form
http://servername:81/EditCreditCard.asp). To view the XML, click Source on the
View menu.
ForgotPasswd.pasp – Save this page as ForgotPasswd.asp, and then navigate to
the ConsolidatedRetail.com site. You can then use Internet Explorer to access
ForgotPasswd.asp by specifying a URL address with no parameters (in the form
http://servername:81/ForgotPasswd.asp). To view the XML, click Source on the
View menu.
Index.pasp – Save this page as Index.asp. You can then use Internet Explorer to
access Index.asp by specifying a URL address with no parameters (in the form
http://servername:81/Index.asp). To view the XML, click Source on the View
menu.
ListBase.pasp – Save this page as ListBase.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will not be able to view the
information). The URL for this page can include values for the following
parameters:
ListPage – List type, such as shopping lists (lists) or save for later (sfl).
ListName – User-specified name for the shopping list.
For example, to view the XML for a shopping list called “MyClass,” use Internet
Explorer to navigate to the URL http://servername:81/
listbase.asp?ListPage=lists&ListName=MyClass
To view the XML, click Source on the View menu. For more meaningful results,
use the site to create a shopping list first.
ListSearch.pasp – Save this page as ListSearch.asp. You can then use Internet
Explorer to access ListSearch.asp by specifying a URL address with no param-
eters (in the form http://servername:81/ListSearch.asp). You will see the blank
search form.

Chapter 10: Debugging and Testing
189
When the form is completed, the URL for this page can include values for the
following parameters:
txtLogon – Logon name of the user who created the public list.
txtListName – User-specified name for the shopping list.
txtEmailAddress – E-mail address of the user who created the shopping list.
txtSearch – Verifies that the search form is completed. This must return the
value True or an error message is displayed asking the user to enter complete
data.
For example, the URL for a shopping list called “Kim” would be similar to the
following:
http://servername:81/ListSearch.asp?txtLogon=UserName
&txtListName=Kim&txtEmailAddress=EmailName
&txtSearch=True
To view the XML, click Source on the View menu. For more meaningful results,
use the site to create a public shopping list first, and then search for that list.
Login.pasp – Save this page as Login.asp. Close any current sessions with the
ConsolidatedRetail.com site (or you will be redirected to Acct.pasp when you try
to access Login.asp). You can then use Internet Explorer to access Login.asp by
specifying a URL address with no parameters (in the form http://servername:81/
Login.asp). To view the XML, click Source on the View menu.
MultiShipping.pasp – Save this page as MultiShipping.asp, and then navigate to
the ConsolidatedRetail.com site and log on (or you will be redirected to
Login.pasp when you try to view MultiShipping.asp). Then add at least one item
to your shopping cart (or you will be redirected to Basket.pasp when you try to
access MultiShipping.asp). You can then use Internet Explorer to access
MultiShipping.asp by specifying a URL address with no parameters (in the form
http://servername:81/MultiShipping.asp). To view the XML, click Source on the
View menu.
OrderHistory.pasp – Save this page as OrderHistory.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected to the Logon
page when you try to view OrderHistory.asp). Place an order. You can then use
Internet Explorer to access OrderHistory.asp by specifying a URL address with
no parameters (in the form http://servername:81/OrderHistory.asp). To view the
XML, click Source on the View menu.
OrderHistoryDetail.pasp – Save this page as OrderHistoryDetail.asp, and then
navigate to the ConsolidatedRetail.com site and log on (or you will be redirected
to the Logon page when you try to view OrderHistoryDetail.asp). Place at least
one order, and then you can view OrderHistoryDetail.asp using Internet Ex-
plorer by specifying a URL address with a single parameter, order, which should
be the GUID identifying an existing order (or an error will occur). The URL to

190 Reference Architecture for Commerce
access this page is similar to the following: http://servername:81/
OrderHistoryDetail.asp?order= {0FA626B0-852E-4707-93D5-A00619C6A35B}
After you retrieve the page, click Source on the View menu to see the XML.
OrderSummary.pasp – Save this page as OrderSummary.asp, and then navigate
to the ConsolidatedRetail.com site and log on (or you will be redirected to the
Logon page when you try to view OrderSummary.asp). Place an order and
confirm the shipping address, shipping method, and payment information. The
Order Confirmation page should appear. Do not click submit. You can then use
Internet Explorer to access OrderSummary.asp by specifying a URL address with
no parameters (in the form http://servername:81/OrderSummary.asp). Click
Source on the View menu to see the XML.
Payment.pasp – Save this page as Payment.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected to the Logon
page when you try to view Payment.asp). Add an item to your shopping cart (or
you will be redirected to Basket.pasp when you try to view Payment.asp). Click
the Shopping Cart icon, and the click the check out button. On the Shipping
page, click Ship to this Address. On the shipping method selection page
(ShippingMethod.pasp), select a shipping method and click continue. Enter
credit card information, and then click submit. You can then use Internet Ex-
plorer to access Payment.asp by specifying a URL address with no parameters
(in the form http://servername:81/Payment.asp). Click Source on the View menu
to see the XML.
Product.pasp – Save this page as Product.asp. You can then use Internet Explorer
to access Product.asp by specifying a URL address with values for the following
parameters:
txtCatalog – The name of the catalog you want to browse.
txtProductID – The ProductID for the product you want to view.
txtVariantID (optional) – The variant ID for the product.
For example, you could view the XML representation of the book named Code by
specifying the following URL http://servername:81/
Product.asp?txtCatalog=Books&txtProductID=Code
Click Source on the View menu to see the XML.
Registration.pasp – Save this page as Registration.asp. You can then use Internet
Explorer to access Registration.asp by specifying a URL address with no param-
eters (in the form http://servername:81/Registration.asp). To view the XML, click
Source on the View menu.

Chapter 10: Debugging and Testing
191
SearchResults.pasp – Save this page as SearchResults.asp. You can then use
Internet Explorer to access SearchResults.asp by specifying a URL address with
values for the following parameters:
txtSearchPhrase – The phrase you are searching for.
txtCatalog – The name of the catalog you want to search.
txtSearchRowsToReturn (optional) – The number of results you want to
return to the user interface.
txtSearchStartPos (optional) – The row number you want to start the search
from.
For example, you could search for the word Age in the Books catalog by specify-
ing the following URL http://servername:81/
SearchResults.asp?txtSearchPhrase=age&txtCatalog=Books
Shipping.pasp – Save this page as Shipping.asp, and then navigate to the
ConsolidatedRetail.com site and log on (or you will be redirected to Login.pasp
when you try to view Shipping.asp). Add an item to the shopping cart, and then
click the Shopping Cart icon. You can then use Internet Explorer to access
Shipping.asp by specifying a URL address with no parameters (in the form
http://servername/Shipping.asp). To view the XML, click Source on the View
menu.
ShippingMethod.pasp – Save this page as ShippingMethod.asp, and then
navigate to the ConsolidatedRetail.com site and log on (or you will be redirected
to Login.pasp when you try to view ShippingMethod.asp). Add an item to the
shopping cart, and then click the Shopping Cart icon. You can then use Internet
Explorer to access ShippingMethod.asp by specifying a URL address with no
parameters (in the form http://servername/ShippingMethod.asp). To view the
XML, click Source on the View menu.
StepSearch.pasp – Save this page as StepSearch.asp. You can then use Internet
Explorer to access StepSearch.asp by specifying a URL with no parameters (in
the form http://servername/StepSearch.asp). To view the XML, click Source on
the View menu.
StepSearch.pasp has the following required parameters:
hdnCatalog – The catalog that contains the items to search.
txtCategory – The search category within the catalog.
txtChildCategory (optional) – The subcategory within the category previ-
ously defined.

192 Reference Architecture for Commerce
StepSearch can include additional optional parameters for each catalog and
category. For example, the catalog books could have the category business software
and the subcategory database. The search for database software books could
allow the following additional parameters:
G Author
G ISBN
G PageCount
G Publisher
G ReadingLevel
G Title
The URL address for such a search would be similar to the following:
http://servername/StepSearch.asp?hdnorder=Author%7CISBN%7CPagecount
%7CPublisher%7CReading+Level%7CTitle&hdncatalog=Books&txtcategory
=Business+Software&txtchildcategory=Database&Author=&ISBN=&Pagecount
=&Publisher=&Reading+Level=&Title=
ThankYou.pasp – Save this page as Thankyou.asp, and then navigate to the
ConsolidatedRetail.com site and log on. Place at least one order and follow the
ordering procedure until the OrderSummary.pasp page is displayed. Do not click
submit. You can then use Internet Explorer to access Thankyou.asp by specifying
a URL address with no parameters (in the form http://servername/
Thankyou.asp). To view the XML, click Source on the View menu.
UserProfile.pasp – Save this page as UserProfile.asp, and then navigate to the
ConsolidatedRetail.com site and log on. You can then use Internet Explorer to
access UserProfile.asp by specifying a URL address with no parameters (in the
form http://servername/UserProfile.asp). To view the XML, click Source on the
View menu.
Debugging a Custom Site Built on the Reference Architecture
If you build a custom business-to-consumer Internet site based on the Reference
Architecture code, you should be aware of the following when you debug the
application.
In some cases you will need to manually enable Visual InterDev debugging for your
ASP applications. These situations are documented in article Q258929, “HOWTO:
Debug ASP Applications Manually Against Windows 2000 Web Server,” in the
Microsoft Knowledge Base at http://search.support.microsoft.com/
Before you attempt to debug the application:
1. Complete the procedures documented in Microsoft Knowledge Base article
Q278751, “BUG Error 800a0046 After You Install Visual Studio 6.0 SP4.”

Chapter 10: Debugging and Testing
193
Complete these procedures even if you install Service Pack 5 (and earlier service
packs are not present). For more information, see Q244272, “INFO: Visual
InterDev 6.0 Debugging” in the Microsoft Knowledge Base.
2. Install Visual Studio Service Pack 5 (SP5), which is available for download at
http://msdn.Microsoft.com/vstudio/sp/vs6sp5/dnldoverview.asp/. Refer
to the readme file included in the Service Pack download for any additional
requirements.
Developing a Test Strategy
The test effort requires a focus because there are many possible test areas and
different types of testing available for each one of those areas. Because there
are always resource constraints — whether these are time, people, or money —
prioritization of the test areas and the type and level of testing to be done are
very important decisions, and are the focus of preliminary test planning.
Possible Test Areas
The following are possible areas to focus your testing:
User Interface testing – These tests check form and consistency. Checks include
those for screen appearance (font, size, colors, and appearance in general), as
well as checks on the data validations for all of the fields in all of the forms in the
application. Both of these tests should be based on the specification documents.
(See Appendix B for more information about data validation in the Reference
Architecture.)
Business Logic testing – The functional specification document defines the
business logic that is expected in the implementation. Therefore, there should be
a set of test cases for checking the business logic. For the Reference Architecture
implementation, this could be done either from the user interface or from the
Commerce Server Business Desk utility. This testing should include testing for
different kinds of users and for different entry paths into the site.
Backend testing – Ideally, back-end tests should be done in the database. Because
the Reference Architecture uses Microsoft Commerce Server 2000, which is
tightly integrated with the SQL Server 2000 tables, the test team could use the
Commerce Server objects to interact with the tables. The test team could write
stubs to test the Commerce Server objects in an isolated manner, and then com-
pare the results from the stub with the XML output that the code generates. You
could also perform this comparison at the user interface layer.

194 Reference Architecture for Commerce
Possible Test Types
The test team may want to perform the following types of tests:
Functional testing ensures that the system provides the functionality described
in the functional specification document.
Regression testing checks whether or not the identical actions performed using
an earlier build of a product function the same on a new build of the product.
This process determines whether a previously reported problem is still there,
whether the problem has been completely resolved; and whether the resolution
caused new problems or revealed related problems.
Security testing guarantees that only users with the appropriate authority are
able to use the applicable features of the system. Systems engineers establish
different security settings for each user in the test environment.
Performance testing ensures that the application responds in the time limit set
by the user.
Stress testing verifies that the application responds appropriately with many
users and activities happening simultaneously. The number of users must be
agreed upon beforehand, and the hardware environment for system testing must
mirror production.
Automated testing can be used for regression and functional testing. This can be
very helpful if the system is stable and not changed often.
Platform testing certifies that the application runs successfully on the operating
system and browser combinations agreed upon in the master test plan, which is
discussed in the “Testing Methodology” section later in this chapter.
Internet service provider (ISP) smoke testing confirms that the application
responds to requests made over an ISP connection.
End-to-end interface testing checks all of the inputs and outputs as well as the
system. This ensures that the application interacts properly with external sys-
tems as defined by the functional specifications.
Input and boundary testing guarantees that the system allows only valid input.
This includes testing to ensure that the maximum number of characters for a
field cannot be exceeded and that boundary conditions function correctly (such
as valid ranges and off-by-one, null, maximum, minimum, tab order from field
to field on the screen, and so on).
Windows/Internet GUI standards testing verifies that the application has a
standardized look and feel.
Localization testing guarantees that the application will work properly in
different languages.
Euro-compliant testing is used when an application will receive monetary
values from the Economic and Monetary Union (EMU).

Chapter 10: Debugging and Testing
195
Conversion testing checks any data that must be converted to ensure that the
application works properly. This could be conversion from a legacy system or
changes needed for the new schema.
Installation/upgrade testing checks the setup/upgrade routine to ensure that
the application can be installed over an existing copy. The test team may decide
whether to test only full builds or to also test incremental builds.
Usability testing ensures that the application is easy to work with, limits key-
strokes, and is easy to understand. The best way to perform this testing is to
bring in experienced, medium, and novice users, and solicit their input on the
usability of the application.
Ad hoc testing is done to test the system with unstructured scenarios to ensure
that it responds appropriately. To accomplish this, you can ask someone to
perform a function without telling them the steps for doing it.
Environment security testing guarantees that the application installs and runs
in the production environment. For this testing, the SQL Server and Internet
Information Services (IIS) security settings must be identical to those used in
production.
Network testing determines what happens to the application when different
network latencies are applied. For example, it can uncover possible problems
with slow network links.
Disaster recovery (backup/restore) testing is done to ensure that adequate
procedures are in place for restoring the application and its data store in the
event of a disaster. This testing is owned by production support.
Application-based failover functionality testing ensures that application-based
failover works in documented failure situations.
User acceptance testing is typically performed by those who are similar in skill
set and background to the target audience. The purpose is to determine how well
the application meets user requirements and expectations (the user requirements
drive the test). Note that the test team doesn’t actually perform this testing, but
may supervise or design it.
Out of memory and memory leaks testing ensures that the application runs in
the amount of memory specified in the technical documentation. This testing
also detects memory leaks associated with starting and stopping the application
many times.
Migration testing of applications from earlier versions of the operating system
ensures that the application runs after a later version of the operating system is
installed.
Help testing is done to ensure that the details provided in Help are relevant and
provide a solution to the problem faced. The test team does not check the valid-
ity of the business rules while verifying the Help content.

196 Reference Architecture for Commerce
The test team must decide on the level of testing that needs to be done in each of
these areas, as follows:
High – Very important to thoroughly test this area
Medium – Perform standard testing
Low – Test if time allows
The next section focuses on functional testing.
Functional Testing
While developing an e-commerce solution, you should carefully test each build to
ensure that it provides the functionality described in the application functional
specification. This involves ensuring that the application behaves in the expected
manner when each of the user scenarios identified in the application design occurs.
Testing Methodology
In most medium-to-large scale projects, a testing team is assigned the task of per-
forming functional testing, and an iterative cycle of application builds and tests lead
to the eventual release of the software.
Figure 10.1 shows a typical application development and test cycle. Refer to the
appropriate subsection in this chapter for a description of each stage in the cycle.
Stage 1 – Document the Test Goals and Master Plan
The testing effort begins with the documentation of the test goals and how these
goals are to be achieved. It is essential to plan and put in writing the test assump-
tions, schedule, priorities to test, level of testing, responsibilities, expectations and
dependencies, risks, and mitigation plans — all in the context of the testing effort.
At the end of this planning, you will have a master test plan document, which is a
living document through the test life cycle.
The source documents required during this phase are the functional specification
document and the high-level release schedule of the code.
Refer to the “Developing a Test Strategy” section earlier in this chapter for a de-
scription of the areas and types of tests that the team should consider when devel-
oping the master test plan.
Stage 2 – Prepare the Detailed Test Plan
The detailed test plan describes the various usage scenarios and entry paths for all
of the users or accounts. These test usage scenarios are based on the usage scenarios
identified during the application design process. The detailed test plan also identi-
fies the priority of each of the scenarios to be tested.

Chapter 10: Debugging and Testing
197
1. Test Goals / 
Master Test 
2. Detailed Test 
3. Test Plan 
4. Test Case 
Planning
Planning
Review
Generation
5. Test Execution / 
6. Cycle 
9. Test Report 
10. Release
Defect Isolation
Complete?
Generation
7. Triage Meeting
Key
Test Team
Development 
8. Bug Fix
Team
Figure 10.1
Typical Test Cycle
The source documents required during this phase are the functional specification
document and the high-level application and architectural design.
Refer to Appendix C for a sample detailed test plan.
Stage 3 – Review the Detailed Test Plan
The development team must review the detailed test plan to ensure that it matches
the functional testing requirements for the application. After the testing plan is
approved, testing can begin.
Stage 4 – Define the Test Cases
The approved detailed test plan is used to generate detailed test cases that define
the action to be performed on the application, as well as the input data, expected
results, and the need to record the results in a prescribed format. During this stage,
you should prioritize the detailed test cases based on the criticality of the function
being tested. (It may be necessary to expand each scenario in the detailed test plan
into one or more test cases in the detailed test case document.) In addition, you may
need to generate a test case sequencing document to reduce execution time.
Refer to Appendix D for sample detailed test cases.

198 Reference Architecture for Commerce
Stage 5 – Test the Application
During the actual testing stage, you should test all of the application paths end-to-
end to ensure that they conform to the functional specification. The test team uses a
defect-tracking tool to report all of the defects uncovered during testing to program
management. In addition, the test team may isolate the defects.
The documents necessary for this phase are the detailed test cases.
Stage 6 – Determine if the Build/Test Cycle Is Complete
It is unlikely that the application will be ready for release after a single round of
testing. The decision to perform another build and test iteration depends on many
factors, including the severity of the remaining bugs, budgetary constraints, and
milestone dates. Your project plan should allow for several build/test iterations
before release.
Stage 7 – Hold Triage Meetings
The test team, program management team, and development team discuss the
defects during triage meetings, and each defect is assigned to a development team
member for resolution.
Stage 8 – Fix and Resolve Bugs
The development team must work together to resolve all of the bugs identified
during the triage meeting. After resolving them, each bug is assigned back to the
owner (the test engineer who raised the bug) for verification and closure, if verifica-
tion is successful. After a defect — or  bug — is resolved, the defect is assigned back
to the owner (the test engineer who identified the bug) for closure if it is fixed or for
further action if issues are unresolved.
Stage 9 – Generate the Test Report
The test report contains status information about specific items listed in the test
plan, along with defect information categorized by severity level.
This report is crucial for the Go/No Go meeting (discussed in the following
subsection).
Stage 10 – Conduct the Go/No Go Meeting
When testing is complete, the program management team conducts a Go/No Go
meeting to decide whether or not the application is ready to be released. In addition
to program management, the required attendees are the test team and the develop-
ment team.
The key documents for this meeting are the release criteria (decided during the
master test plan stage) and the test report.

Chapter 10: Debugging and Testing
199
Performance Testing
Before deploying an e-commerce solution into a production environment, the
application should be thoroughly tested to ensure that it meets the required perfor-
mance and scalability targets. Generally speaking, an application should be tested
in terms of response time and throughput to verify that it provides an acceptable level
of performance when used by the target number of users.
Response Time
Response time is a measurement of the performance of the application from the
individual user’s perspective. It measures the interval between a user request and
the response from the application. What constitutes an acceptable response time
will vary from site to site, and perhaps from page to page (for example, a user may
be prepared to wait longer for his or her user credentials to be authenticated than
for the products in a requested category to be displayed), and while a “the faster the
better” approach may seem to be the preferred design pattern, you should be aware
that in some cases, response time should be compromised to provide adequate
security or scalability.
The two main factors that contribute to poor response time in an e-commerce
application are network latency and application processing time. Network latency can
be minimized in a number of ways. For example:
G Deploy the application on suitable infrastructure architecture. For example,
use fast switches rather than hubs and specify high performance networking
hardware.
G Minimize the physical distance between application tiers.
G Minimize the number of cross-network function calls between components.
G Cache data to avoid unnecessary database access calls.
Application processing time is the “think” time that the application requires to
perform particular tasks. You can minimize this time by ensuring that your code is
well written and that the application uses an appropriate mix of interpreted script
and compiled code. Additionally, using an asynchronous programming model
where possible can greatly enhance response time.
Response time generally degrades as the load on an application increases. Addition-
ally, some programmatic bugs (such as those resulting in memory leaks) can be
detected under high load levels only. Therefore, response time tests must be per-
formed under a suitable simulation of the expected load.

200 Reference Architecture for Commerce
Throughput
Throughput is a more holistic view of the application’s performance. It measures
the ability of the application to cope with the load placed on it by multiple concur-
rent users. Throughput is generally measured in pages per second or requests per
second, and it is an indication of how well the application scales when accessed
by large numbers of users.
Strategies to improve throughput include scaling out (using multiple servers
configured in a load balancing cluster to share the user load), partitioning data
across multiple database servers using a hashed value as a partitioning key, mini-
mizing resource contention by utilizing pooling technologies (such as database
connection pooling and COM+ object pooling), and scaling up (adding hardware
resources to servers in order to cope with the increased load).
To accurately test throughput in an e-commerce site, you must profile the kinds of
activity your users will be performing. In particular, you must identify the antici-
pated buy-to-browse ratio (the expected percentage of users who make a purchase
compared to the percentage of users who simply browse the catalog). This can vary
widely between different types of sites (for example, in a business-to-consumer
retail site you may expect only around 20 percent of users to actually make a pur-
chase, while in an Internet banking solution, most users will require a transaction of
some sort). To a large extent, this information can be accurately identified only after
the site is in production, but you should test using the most accurate estimations
available based on the metrics from similar sites. When simulating user load for test
purposes, you should try to reflect the expected usage patterns as much as possible
to gain an accurate picture of how the application will perform in production.
Testing should be performed on a realistic basis. The test infrastructure should be as
close as possible to the production environment in which you intend to deploy the
application. For example, you should use multiple Web servers configured with
some kind of Internet Protocol (IP)-based load balancing. Don’t rely on performance
metrics gathered from testing on a single computer! Remember that security mea-
sures such as firewalls and encryption affect performance, and incorporate these
measures into your test environment.
Performance Testing Tools and Utilities
There are a variety of tools that can be used to gather performance statistics. These
include monitoring tools such as Microsoft Windows 2000 System Monitor and
Netmon, SQL Server Profiler, system log files such as those generated by IIS, dedi-
cated testing tools such as Microsoft Web Application Stress (WAS) tool, and many
other third-party stress testing tools. Each tool has its own strengths and weak-
nesses, so to get an accurate picture of your application’s performance, do not rely
on a single tool. Instead, test the application using a variety of different tools.

Chapter 10: Debugging and Testing
201
The WAS tool can be used to simulate the load placed on your application by a
number of concurrent users. To do this, you can record a sequence of HTTP requests
to your site, and have the WAS tool play those requests back for a specified number
of concurrent users. The tool gathers response time and throughput statistics, which
can then be used to evaluate your application’s performance. You can learn more
about the WAS tool and download it at http://webtool.rte.microsoft.com/
default.htm
When using stress testing tools such as WAS, you should create several scripts
simulating different user scenarios, rather than a single script. This allows you to
run the scripts individually when you are trying to identify a specific performance
bottleneck, or simultaneously when you are trying to simulate a realistic load on
the application. Most stress testing tools allow you to configure the relative stress
placed on the system by each script as a percentage of the total stress, allowing you
to more accurately reflect the usage patterns you expect to find in production.
Performance Testing Methodology
The customers of an e-commerce site expect the site to perform well at all times.
Performance, scalability, and overall reliability of the application are fundamental
to the Web application design.
The methodology of performance analysis includes the following distinct steps:
1. Preparing for the analysis
2. Creating a stress script
3. Executing the test
4. Analyzing the results
5. Documenting and delivering the results.
Each of these steps is examined in the following sections.
Preparing for the Analysis
The first step of the analysis involves gathering information. This information
should provide you with the details necessary to duplicate the application environ-
ment and understand how the application is used; it should also tell you of any
existing performance issues. Sources for this information include marketing fore-
casts, production IIS logs, performance logs, and functional specifications for the
application. Of course, much of this information is available for an existing produc-
tion site only. For a new site, you should rely on marketing forecasts and metrics
obtained from similar sites. The information you collect is critical to the success
of the performance analysis. It will help determine the requirements for the test
environment and will be used through all phases of the analysis — from  staging
the environment to deciphering test results.

202 Reference Architecture for Commerce
You should also identify all deliverables for the performance analysis before the
analysis begins. Think of the deliverables as the contract between the test team and
the application owners. Often when conducting performance analysis, the applica-
tion owners may not know what they are looking for out of the analysis. Creating a
set of deliverables can answer this for them.
Create a Replica of the Production Environment
For the most accurate test results, the test facility should mimic the current or
expected production environment. This includes both hardware and software
configurations. If load-balancing solutions such as Microsoft Network Load Balanc-
ing or the Windows NT Load Balancing Service (NLB/WLBS) are deployed in
production, your test environment should reflect this.
Server roles and the number of servers deployed in production should similarly be
configured in the test facility. For example, if you are using a cluster of three IIS
servers in production, match that configuration in the stress test lab. CPU, RAM
and disk configurations for each IIS server should also match what is in production.
Service packs, drivers, and BIOS versions for hardware must be duplicated. Match-
ing hardware and software enables you to produce more accurate benchmark
numbers and eliminates the need to extrapolate data.
You may not be able to create an exact replica of your production environment due
to budget constraints or other limitations. In that case, be sure to note the differ-
ences when you are performing your data analysis.
To test the ConsolidatedRetail.com site, the application was deployed on the test
infrastructure shown in Figure 10.2.
The workstations were used to simulate Internet clients (one of the computers ran
Windows 2000 Professional, while the other two ran Windows 98), accessing the site
through a level three switch. The IIS servers in the Web tier then communicated
through a second switch to the database server. All Commerce Server objects and
pipelines were deployed on the IIS servers (that is, there was no separate physical
tier of application servers) and all of the site data, with the exception of the direct
mail database, which was stored on the SQL Server database server behind the
second switch. The direct mail database was deployed on the IIS servers.
This infrastructure was designed to provide an approximation of the deployment
environment for the application.

Chapter 10: Debugging and Testing
203
IIS Server
(4x500 MHz, 512 Mb RAM)
Test Workstation
(P2, 266, 128Mb RAM)
IIS Server
net
net
(4x700 MHz, 512 Mb RAM)
net
Ether
Ether
Ether
Switch
Switch
SQL Server
Test Workstation
(8x500 MHz, 2098 Mb RAM)
(P2, 266, 128Mb RAM)
IIS Server
(4x700 MHz, 512 Mb RAM)
Test Workstation
(P2, 266, 128Mb RAM)
IIS Server
(4x700 MHz, 512 Mb RAM)
Figure 10.2
Test Infrastructure
Involve the Application Owner
Many times the application owners have conducted research of their own. Discuss-
ing performance issues with the application owners may save you time. They will
be able to provide you keen insight into performance anomalies with their applica-
tion. In particular, the application developers may have specific areas of concern
and knowledge that a manager may not be able to provide. If their research uncov-
ers existing bottlenecks, your task could simply involve verifying these trouble
areas and providing the developers with greater detail.

204 Reference Architecture for Commerce
Understand the Technology Behind the Application
Understanding the technologies behind the application before proceeding is im-
perative. The more in-depth understanding you have of the application, the more
thorough your performance/stress analysis will be. For example, if you know that a
particular application relies heavily on XML, you should become familiar with the
performance tuning aspects of XML.
In the case of the ConsolidatedRetail.com application, the test team needed to be
confident in the deployment and use of Commerce Server 2000, as well as XML and
the XSL ISAPI filter.
Define the Transaction or User Scenarios
To complete a successful performance/stress analysis, you must know how end
users use an application on a daily basis. You will find that users tend to do one
task more than others. Your performance/stress scripts should reflect this usage
pattern. When you are determining these usage patterns, be sure to contact market-
ing and product support staff. These people generally have more contact with users
and will have insight into these statistics. IIS logs are also a good source for under-
standing how often application components or pages are accessed. Logs can also be
extremely useful, not only for defining user scenarios to script, but also for verify-
ing page view distribution in production compared to stress test distributions.
In the case of the ConsolidatedRetail.com site, the expected usage pattern is a
browse to buy ratio of 80 percent. Additionally, of the 20 percent of users who make
a purchase, it is expected that half of them will be returning users who have already
registered, and half will be new customers who must register before checking out.
Define the Goals
Be sure to define the goals of the analysis, and include these goals in the test plan so
that everyone has the same understanding of what the deliverables are. This re-
duces the risk of having to re-run test scripts, which wastes time and resources and
can negatively affect the analysis because the test team may tend to rush through
the data due to a lack of time.
Creating the Stress Script
After gathering the required information and preparing your test environment, the
next step in the performance/stress analysis is to create a stress script that accu-
rately simulates the expected traffic for the site. This can be accomplished using
historical data from the current build/version of the site or expected data from the
marketing or business analysts. To generate bulletproof stress scripts, consider the
factors discussed in the following subsections.

Chapter 10: Debugging and Testing
205
Create More Than One Script
When dealing with multiple scenarios, you should avoid creating a single script
that contains all of the scenarios. Using a single large script will make it difficult to
isolate the particular scenario that is slowing down the entire script. For example, if
you want to simulate a common e-commerce site, you may have a user scenario in
which the user browses categories and products, another in which the user adds to
the shopping cart and checks out, and yet another that allows the user to search for
products. If the test team creates three separate scripts, the team can execute stress
tests separately, identify the bottlenecks in each user scenario and simultaneously
simulate the anticipated traffic mix of the site.
Avoid Record and Play Back
The days of static Web sites have long been over. A majority of today’s sites, par-
ticularly those created for the purpose of e-commerce, have content that is purely
dynamic. For that reason, you cannot accurately script the site by simply recording
and playing back the basic get and post commands. You may need to customize if
the site dynamically generates items such as shopper IDs, basket IDs, order IDs, and
GUIDs. Many test tools have features to capture the dynamically changing variables
for each thread (virtual user), but you need to verify the script results to ensure
variables are being generated properly.
Many test tools also have the ability to import data from a .csv or .txt file. This
feature allows you to dump a list of products and categories from the SQL database
and use the data contained in the files as the means to make your script more
dynamic (instead of making your script use the same products repeatedly). The
WAS tool allows you to create a list of variables to include in your script, for ex-
ample; user names, passwords, products, and categories can all be created as
variables.
Verify the Actions of the Stress Tool
Before proceeding with a large-scale test, you should always verify that the stress
tool is accurately using the site as an actual user. To do this, you must understand
what each ASP page accesses and executes on the IIS server and SQL Server. The IIS
server log file and the SQL Profiler/Trace files are excellent resources to use when
tracking the behavior of ASP pages. A more accurate method is to walk through the
site with a browser and make note of all SQL commands and stored procedures that
are called for each page. In addition, note all of the Web content (such as GIF, XML,
ASP, and HTML files) that appears in the IIS log for each page included in the stress
script. You can then play the script back for one user going through the scenario a
single time and verify that the identical server-side activity occurs in the SQL trace
file and IIS log.

206 Reference Architecture for Commerce
Executing the Performance/Stress Test
At this point, you should have an environment built to host the application and a
script created that simulates client load. The third step of a performance/stress
analysis is to execute the stress test by running your script. The following subsec-
tions outline some basic points to use when executing a performance/stress test.
Smoke Test the Site
Smoke testing allows you to identify the number of clients and number of threads
necessary to find the application system bottleneck. Microsoft recommends using
several clients running a lower number of threads, rather than a single client run-
ning a high number of threads. Smoke testing means running several short stress
tests to focus into the optimal ratio between clients and virtual user threads. Opti-
mal means the ratio that is producing a performance degradation or bottleneck on
the servers, not on the stress clients.
Start Gather Performance Data
When you have the correct ratio between clients and threads, set up the test by
starting System Monitor on all of the servers and logging every counter. For tests
that are 30 minutes or less, you can use 15- or 30-second intervals. For longer tests,
use 60- to 300-second intervals to keep the log file size to a minimum.
Reset the IIS Log Before Starting Your Test
Clearing the IIS logs eases the process of data analysis. You can reset the logs by
shutting down the IIS Administrator Service (iisadmin) by using the iisreset com-
mand or the net stop iisadmin /y command. Next, delete the IIS log file found in
C:\Winnt\System32\LogFiles, and restart the w3svc service by using the net start
w3svc 
command.
Clear the Windows Events System, Security, and Application Logs
Clearing the Windows Events logs allows you to identify any abnormal error
messages resulting from the site during stress testing.
Configure and Start the SQL Profiler
On the SQL Server, start the SQL Profiler, create a new trace, and add the T-SQL and
Locks events only. This trace shows all of the SQL commands and stored proce-
dures, reads, writes, and command durations, and any deadlocks that occur. Note
that SQL trace files rapidly grow in size as the test proceeds. Therefore, only collect
them for the entire test if you are running a test of 30 minutes or less. For an ex-
tended test, Microsoft recommends running SQL Profiler at 30-minute intervals in
the beginning, middle, and end of the test. If you have an additional SQL Server,
you can set up your trace to log to a database instead of a file.

Chapter 10: Debugging and Testing
207
Create a Controlled Environment
If possible, try to execute the stress test with no other activity on the IIS cluster or
SQL Server(s). Using this controlled environment, you can make sure that there are
no abnormal error messages, page views, network traffic, or load coming from any
source other than your stress clients.
Analyzing the Results
After you run the tests and generate the test data, you can begin the analysis phase.
First, you should verify that the stress test ran through the simulation successfully,
and then proceed with a complete analysis of the data. This process is outlined in
the following subsections.
Stop the Simulation and Halt Data Collection
Stop the stress scripts, System Monitor, and SQL Profiler on all of the clients and
servers in the test environment. Make sure that the System Monitor, SQL Profiler
trace, IIS log, and Windows Event Logs have been saved in a separate directory,
allowing you to archive and organize your test data.
Review the Windows Event Log
Read through the Windows Event Log and make sure that no abnormal messages
were generated as a result of your stress script. Errors generated as a result of the
stress test are acceptable.
Analyze the Performance Monitor Data
System Monitor data can help you determine metrics such as system CPU utiliza-
tion, memory utilization, disk queuing, and w3svc counters.
Analyze the SQL Trace File
When you analyze the SQL trace file, search for SQL commands and stored proce-
dures that have long durations (more than a second), and a high number of SQL
reads or writes. If you are not familiar with the performance tuning aspects of SQL
Server, forward your findings to a SQL architect for further analysis. Tuning the
SQL Server may involve adding a few indexes and changing code within the stored
procedures, or it can become a more involved process of re-architecting the design
of the database.
Verify the Pages Accessed
IIS log files should help identify all of the page views accessed during the stress
test. Additionally, Commerce Server 2000 statistics and IIS log files can be imported
into a data warehouse and examined using the Reports module of Commerce Server
Business Desk. This can provide an in-depth picture of the site activity during
the test.

208 Reference Architecture for Commerce
Measure Throughput for the Site
Throughput is measured in terms of successful completions of user scenarios. For
example, successful shopping basket creations, orders processed, and searches
performed are considered successful completions for an e-commerce site. These
metrics are understandable by most everyone, not just developers. One of the
easiest and most accurate methods to define throughput is by using a table in the
database and measuring the delta before and after the test. You can then reconcile
this data using the IIS log, counting the number of actual page views.
Use SQL Tables for Throughput Analysis
As mentioned earlier, SQL databases also have tables that can be used to count the
number of successful transactions. For example, if there is a shopping basket table,
run a row count before and after the stress test. The difference is the number of
shopping baskets created during the stress test. The results of the query, along with
the time stamps at the beginning and end of the test, help determine a transaction/
time throughput rate.
Verify Throughput Numbers
The key questions to answer during this verification is whether the number of
transactions indicated by the IIS log correlate with the number of total new transac-
tions indicated by entries in the database, and if not, why. Another potential source
for verifying throughput is stress tool reports, although these reports can be overly
optimistic when compared to server side data. Therefore, you may want to trust the
server side data if there is a discrepancy. Verifying throughput from two or more
sources enables you to be more confident in the results.
Conclusion
This chapter provided instructions that will allow you to access and debug output
from the PASP script files included in the Reference Architecture application.
In addition, it provided an overview of the debugging and testing processes and
best practices, with specific references to the actual tests performed on the Refer-
ence Architecture application. You can use this chapter as a reference when develop-
ing a test plan for customized software based on the Reference Architecture. For
more information and specific examples to use when preparing detailed test plans
and test cases, refer to Appendices C and D.

Part 4
Appendices
Part 4 of the Developer’s Guide for the Reference Architecture for Commerce
provides additional reference materials that you may find helpful when reviewing
the Reference Architecture application code or when building or testing a solution
based on the Reference Architecture. The materials included in Part 4 are intended
primarily for application developers and testers.
Part 4, “Appendices,” includes the following:
G Appendix A: XML Output from ConsolidatedRetail.com
G Appendix B: Data Field Validation
G Appendix C: Sample Detailed Test Plan
G Appendix D: Sample Detailed Test Cases


Appendix A
XML Output from
ConsolidatedRetail.com
This appendix contains the XML output from the following ConsolidatedRetail.com
PASP files:
G Acct.pasp
G AddressBook.pasp
G AddtoList.pasp
G AddtoListResp.pasp
G Basket.pasp
G Category.pasp
G ChangePasswd.pasp
G CreditCards.pasp
G DeleteAddressBook.pasp
G EditAddressBook.pasp
G EditCreditCard.pasp
G ForgotPasswd.pasp
G Index.pasp
G ListBase.pasp
G ListSearch.pasp
G Login.pasp
G MultiShipping.pasp
G OrderHistory.pasp
G OrderHistoryDetail.pasp

212 Reference Architecture for Commerce
G OrderSummary.pasp
G Payment.pasp
G Product.pasp
G Registration.pasp
G SearchResults.pasp
G Shipping.pasp
G ShippingMethod.pasp
G StepSearch.pasp
G Thankyou.pasp
G UserProfile.pasp
Acct.pasp
The following XML is a sample of the output produced when an authenticated user
accesses Acct.pasp. (This XML was generated for a user who logged on using SQL
Server authentication rather than Passport; therefore, the <notpassportuser/> tag
appears in the XML output.)
<?xml-stylesheet type="text/xsl"
server-config="Acct-Config.xml"
href="Acct-IE5.xsl"?>
<page pagename="Acct.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode/>
  <profilemenu/>
  <notpassportuser/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
    </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

Appendix A: XML Output from ConsolidatedRetail.com
213
AddressBook.pasp
The following XML is a sample of the output produced when an authenticated
user accesses AddressBook.pasp. (This XML was generated for a user who
logged on using SQL Server authentication rather than Passport; therefore, the
<notpassportuser/> tag appears in the XML output.) In addition, note that
<isbilling> has a value of 1, which indicates that the billing address is same as
the shipping address:
<?xml-stylesheet type="text/xsl"
server-config="AddressBook-Config.xml"
href="AddressBook-IE5.xsl"?>
<page pagename="AddressBook.pasp">
  <httphost>localhost%3A81</httphost>
  <profilemenu/>
  <addresses>
    <address>
      <address_id>{CDBD249A-3D16-4952-A2CC-947EA9D6985B}</address_id>
      <address_type>1</address_type>
      <address_name>Kim Abercrombie</address_name>
      <description>Home</description>
      <address_line1>My House</address_line1>
      <address_line2/>
      <city>Redmond</city>
      <region_name>Washington</region_name>
      <postal_code>12345</postal_code>
      <tel_number>019182782</tel_number>
      <tel_extension/>
      <isbilling>1</isbilling>
    </address>
  </addresses>
  <notpassportuser/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

214 Reference Architecture for Commerce
AddtoList.pasp
The following XML is a sample of the output produced when a user adds items to a
shopping list:
<?xml-stylesheet type="text/xsl"
server-config="addtolist-Config.xml"
href="addtolist-IE5.xsl"?>
<page pagename="addtolist.pasp">
  <httphost>localhost%3A81</httphost>
  <listaddinfo>
    <productid>
      Microsoft Age of Empires II: The Age of Kings: Inside Moves
    </productid>
    <variantid/>
    <catalog>Books</catalog>
    <category/>
    <quantity>1</quantity>
  </listaddinfo>
  <lists></lists>
  <publicuser/>
  <lineitems>0</lineitems>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
AddtoListResp.pasp
The following XML is a sample of the output produced when a user views the
contents of an updated shopping list:
<?xml-stylesheet type="text/xsl"
server-config="addtolistresp-Config.xml"
href="addtolistresp-IE5.xsl"?>
<page pagename="addtolistresp.pasp">
  <httphost>localhost%3A81</httphost>
  <response>Your item has been added to your list.</response>
  <getcatalogsforuser>

Appendix A: XML Output from ConsolidatedRetail.com
215
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
Basket.pasp
The following XML is a sample of the output produced when a user accesses
Basket.pasp and has a product in the basket:
<?xml-stylesheet type="text/xsl"
server-config="Basket-Config.xml"
href="Basket-IE5.xsl"?>
<page pagename="Basket.pasp">
  <httphost>localhost%3A81</httphost>
  <advertising/>
  <auth/>
  <currentcatalogname/>
  <backurl>http://MYCOMP:81/index.pasp</backurl>
  <discounts>
    <nodiscountdisplay>—</nodiscountdisplay>
  </discounts>
  <totallineitems>1</totallineitems>
  <orderform
      orderform_id="{B8B9F717-FCEB-4DE3-8865-FF9168690A98}"
      saved_cy_oadjust_subtotal="74.95">
    <Items quantity="1" product_id="651"
      product_idurl="651" product_catalog="Hardware"
      product_category="Featured Products"
      description="Coming Soon"
      d_DateCreated="10/8/2001 5:06:03 PM"
      cy_lineitem_total="74.95"
      cy_unit_price="74.95"
      lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
      _product_Name="Microsoft® SideWinder® Freestyle Pro"
      _cy_oadjust_adjustedprice="74.95"
      _cy_oadjust_discount="0"/>
  </orderform>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>

216 Reference Architecture for Commerce
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
Category.pasp
The following XML is a sample of the output produced by Category.pasp:
<?xml-stylesheet type="text/xsl"
server-config="Category-Config.xml"
href="Category-IE5.xsl"?>
<page pagename="Category.pasp">
  <httphost>localhost%3A81</httphost>
  <advancedsearch>
    <advcatalogname>Hardware</advcatalogname>
    <advcategoryname/>
  </advancedsearch>
  <searchscope>Hardware</searchscope>
  <getcatalogattributes>
    <catalogname>Hardware</catalogname>
    <catalognameurl>Hardware</catalognameurl>
    <startdate>2/10/2000</startdate>
    <startdateurl>2%2F10%2F2000</startdateurl>
    <enddate>2/10/2000</enddate>
    <enddateurl>2%2F10%2F2000</enddateurl>
    <variantid>SKU</variantid>
    <variantidurl>SKU</variantidurl>
    <productid>prodid</productid>
    <productidurl>prodid</productidurl>
    <currency>USD</currency>
    <currencyurl>USD</currencyurl>
    <weightmeasure>lbs</weightmeasure>
    <weightmeasureurl>lbs</weightmeasureurl>
    <catalogid>2</catalogid>
    <catalogidurl>2</catalogidurl>
    <customcatalog>False</customcatalog>
    <customcatalogurl>False</customcatalogurl>
    <freetextindexcreated>
        9/27/2001 3:33:47 PM
    </freetextindexcreated>
    <freetextindexcreatedurl>
        9%2F27%2F2001+3%3A33%3A47+PM
    </freetextindexcreatedurl>

Appendix A: XML Output from ConsolidatedRetail.com
217
    <producttableupdated>
        9/27/2001 3:33:42 PM
    </producttableupdated>
    <producttableupdatedurl>
        9%2F27%2F2001+3%3A33%3A42+PM
    </producttableupdatedurl>
    <currentcatagoryname></currentcatagoryname>
  </getcatalogattributes>
  <rootcategories>
    <rootcategory>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
      <categoryname>Featured Products</categoryname>
      <categorynameurl>Featured+Products</categorynameurl>
    </rootcategory>
    <rootcategory>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
      <categoryname>Gaming Devices</categoryname>
      <categorynameurl>Gaming+Devices</categorynameurl>
    </rootcategory>
    <rootcategory>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
      <categoryname>Keyboards</categoryname>
      <categorynameurl>Keyboards</categorynameurl>
    </rootcategory>
    <rootcategory>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
      <categoryname>Mice</categoryname>
      <categorynameurl>Mice</categorynameurl>
    </rootcategory>
    <selectiontitle>Browse Categories:</selectiontitle>
  </rootcategories>
  <rootproducts>
    <selectiontitle>
      no products found at the root level for catalog &apos;Hardware&apos;.
    </selectiontitle>
  </rootproducts>
  <showlists/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

218 Reference Architecture for Commerce
ChangePasswd.pasp
The following XML is a sample of the output produced by ChangePasswd.pasp:
<?xml-stylesheet type="text/xsl"
server-config="ChangePasswd-Config.xml"
href="ChangePasswd-IE5.xsl"?>
<page pagename="ChangePasswd.pasp">
  <httphost>localhost%3A81</httphost>
  <profilemenu/>
  <notpassportuser/>
  <validate>
    <maxlengthpassword>255</maxlengthpassword>
    <validateitem>
      <functionname>CheckPassword</functionname>
      <fieldname>txtCurrentPassword</fieldname>
      <errormessage>Please enter your current password.</errormessage>
    </validateitem>
    <maxlengthpassword>255</maxlengthpassword>
    <validateitem>
      <functionname>CheckPassword</functionname>
      <fieldname>txtNewPassword</fieldname>
      <errormessage>Please enter a new password.</errormessage>
    </validateitem>
    <maxlengthpassword>255</maxlengthpassword>
    <validateitem>
      <functionname>CheckPassword</functionname>
      <fieldname>txtConfirmPassword</fieldname>
      <errormessage>Please confirm the new password.</errormessage>
    </validateitem>
  </validate>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

Appendix A: XML Output from ConsolidatedRetail.com
219
CreditCards.pasp
The following XML is a sample of the output produced by CreditCards.pasp after a
user saves credit card information in his or her profile:
<?xml-stylesheet type="text/xsl"
server-config="CreditCards-Config.xml"
href="CreditCards-IE5.xsl"?>
<page pagename="CreditCards.pasp">
  <httphost>localhost%3A81</httphost>
  <profilemenu/>
  <creditcards>
    <creditcard>
      <ccid>{CDF383A4-7932-4674-867A-085F7B6E181A}</ccid>
      <ccname>Kim Abercrombie</ccname>
      <ccnumber>xxxxxxxxxxxxxxx5231</ccnumber>
      <ccexpmonth>01</ccexpmonth>
      <ccexpyear>2002</ccexpyear>
      <ccnickname>Personal</ccnickname>
      <user_id>{E246BE62-8937-4CF2-A312-178DEC172A5F}</user_id>
      <cctype>Visa</cctype>
    </creditcard>
  </creditcards>
  <notpassportuser/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

220 Reference Architecture for Commerce
DeleteAddressBook.pasp
The following XML is a sample of the output produced by DeleteAddressBook.pasp
when no address parameter is specified:
<?xml-stylesheet type="text/xsl"
server-config="DeleteAddressBook-Config.xml"
href="DeleteAddressBook-IE5.xsl"?>
<page pagename="DeleteAddressBook.pasp">
  <httphost>localhost%3A81</httphost>
  <addresstype>Shipping</addresstype>
  <pagemode>AddressBook.pasp</pagemode>
  <profilemenu/>
  <address>
    <generalinfo>
      <address_id>{372BB421-8990-4D41-9F23-6F9E682E8321}</address_id>
      <address_type>1</address_type>
      <address_name>a</address_name>
      <description>b</description>
      <address_line1>a</address_line1>
      <address_line2>a</address_line2>
      <city>a</city>
      <region_name>Alabama</region_name>
      <postal_code>12345</postal_code>
      <tel_number>12345</tel_number>
      <tel_extension/>
      <isbilling>0</isbilling>
    </generalinfo>
  </address>
  <code_table>
    <region_name>Alabama</region_name>
    <region_name>Alaska</region_name>
    <region_name>Arizona</region_name>
    <region_name>Arkansas</region_name>
    <region_name>California</region_name>
    <region_name>Colorado</region_name>
    <region_name>Connecticut</region_name>
    <region_name>Delaware</region_name>
    <region_name>District of Columbia</region_name>
    <region_name>Florida</region_name>
    <region_name>Georgia</region_name>
    <region_name>Hawaii</region_name>
    <region_name>Idaho</region_name>
    <region_name>Illinois</region_name>
    <region_name>Indiana</region_name>
    <region_name>Iowa</region_name>
    <region_name>Kansas</region_name>
    <region_name>Kentucky</region_name>
    <region_name>Louisiana</region_name>
    <region_name>Maine</region_name>
    <region_name>Maryland</region_name>
    <region_name>Massachusetts</region_name>

Appendix A: XML Output from ConsolidatedRetail.com
221
    <region_name>Michigan</region_name>
    <region_name>Minnesota</region_name>
    <region_name>Mississippi</region_name>
    <region_name>Missouri</region_name>
    <region_name>Montana</region_name>
    <region_name>Nebraska</region_name>
    <region_name>Nevada</region_name>
    <region_name>New Hampshire</region_name>
    <region_name>New Jersey</region_name>
    <region_name>New Mexico</region_name>
    <region_name>New York</region_name>
    <region_name>North Carolina</region_name>
    <region_name>North Dakota</region_name>
    <region_name>Ohio</region_name>
    <region_name>Oklahoma</region_name>
    <region_name>Oregon</region_name>
    <region_name>Pennsylvania</region_name>
    <region_name>Rhode Island</region_name>
    <region_name>South Carolina</region_name>
    <region_name>South Dakota</region_name>
    <region_name>Tennessee</region_name>
    <region_name>Texas</region_name>
    <region_name>Utah</region_name>
    <region_name>Vermont</region_name>
    <region_name>Virginia</region_name>
    <region_name>Washington</region_name>
    <region_name>West Virginia</region_name>
    <region_name>Wisconsin</region_name>
    <region_name>Wyoming</region_name>
  </code_table>
  <notpassportuser/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

222 Reference Architecture for Commerce
EditAddressBook.pasp
The following XML is a sample of the output produced by EditAddressBook.pasp
when no address parameter is specified:
<?xml-stylesheet type="text/xsl"
server-config="EditAddressBook-Config.xml"
href="EditAddressBook-IE5.xsl"?>
<page pagename="EditAddressBook.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode/>
  <profilemenu/>
  <code_table>
    <region_name>Alabama</region_name>
    <region_name>Alaska</region_name>
    <region_name>Arizona</region_name>
    <region_name>Arkansas</region_name>
    <region_name>California</region_name>
    <region_name>Colorado</region_name>
    <region_name>Connecticut</region_name>
    <region_name>Delaware</region_name>
    <region_name>District of Columbia</region_name>
    <region_name>Florida</region_name>
    <region_name>Georgia</region_name>
    <region_name>Hawaii</region_name>
    <region_name>Idaho</region_name>
    <region_name>Illinois</region_name>
    <region_name>Indiana</region_name>
    <region_name>Iowa</region_name>
    <region_name>Kansas</region_name>
    <region_name>Kentucky</region_name>
    <region_name>Louisiana</region_name>
    <region_name>Maine</region_name>
    <region_name>Maryland</region_name>
    <region_name>Massachusetts</region_name>
    <region_name>Michigan</region_name>
    <region_name>Minnesota</region_name>
    <region_name>Mississippi</region_name>
    <region_name>Missouri</region_name>
    <region_name>Montana</region_name>
    <region_name>Nebraska</region_name>
    <region_name>Nevada</region_name>
    <region_name>New Hampshire</region_name>
    <region_name>New Jersey</region_name>
    <region_name>New Mexico</region_name>
    <region_name>New York</region_name>
    <region_name>North Carolina</region_name>
    <region_name>North Dakota</region_name>
    <region_name>Ohio</region_name>
    <region_name>Oklahoma</region_name>
    <region_name>Oregon</region_name>
    <region_name>Pennsylvania</region_name>

Appendix A: XML Output from ConsolidatedRetail.com
223
    <region_name>Rhode Island</region_name>
    <region_name>South Carolina</region_name>
    <region_name>South Dakota</region_name>
    <region_name>Tennessee</region_name>
    <region_name>Texas</region_name>
    <region_name>Utah</region_name>
    <region_name>Vermont</region_name>
    <region_name>Virginia</region_name>
    <region_name>Washington</region_name>
    <region_name>West Virginia</region_name>
    <region_name>Wisconsin</region_name>
    <region_name>Wyoming</region_name>
  </code_table>
  <notpassportuser/>
  <validate>
    <maxlengthlistedas>255</maxlengthlistedas>
    <validateitem>
      <functionname>CheckListedAs</functionname>
      <fieldname>txtListedAs</fieldname>
      <errormessage>
        Please enter a valid &apos;Listed As&apos; name.
      </errormessage>
    </validateitem>
    <maxlengthfullname>34</maxlengthfullname>
    <validateitem>
      <functionname>CheckFullName</functionname>
      <fieldname>txtAddressName</fieldname>
      <errormessage>Please enter a valid name.</errormessage>
    </validateitem>
    <maxlengthaddr1>20</maxlengthaddr1>
    <validateitem>
      <functionname>CheckAddress1</functionname>
      <fieldname>txtAddressLine1</fieldname>
      <errormessage>Please enter a valid address line 1.</errormessage>
    </validateitem>
    <maxlengthaddr2>20</maxlengthaddr2>
    <validateitem>
      <functionname>CheckAddress2</functionname>
      <fieldname>txtAddressLine2</fieldname>
      <errormessage>Please enter a valid address line 2.</errormessage>
    </validateitem>
    <maxlengthcity>22</maxlengthcity>
    <validateitem>
      <functionname>CheckCity</functionname>
      <fieldname>txtCity</fieldname>
      <errormessage>Please enter a valid city.</errormessage>
    </validateitem>
    <validateitem>
      <functionname>CheckState</functionname>
      <fieldname>txtRegionName</fieldname>
      <errormessage>Please select a state.</errormessage>
    </validateitem>
    <maxlengthzipcode>14</maxlengthzipcode>

224 Reference Architecture for Commerce
    <validateitem>
      <functionname>CheckZipCode</functionname>
      <fieldname>txtPostalCode</fieldname>
      <errormessage>Please enter a valid zip code.</errormessage>
    </validateitem>
    <maxlengthphonefax>14</maxlengthphonefax>
    <validateitem>
      <functionname>CheckPhoneFaxNumber</functionname>
      <fieldname>txtPhoneNumber</fieldname>
      <errormessage>Please enter a valid phone number.</errormessage>
    </validateitem>
  </validate>
  <addresstype>Shipping</addresstype>
  <billing_address_id/>
  <add_billing/>
  <isbilling>1</isbilling>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
The following XML is a sample of the output produced by EditAddressBook.pasp
when an address parameter is specified:
<?xml-stylesheet type="text/xsl"
server-config="EditAddressBook-Config.xml"
href="EditAddressBook-IE5.xsl"?>
<page pagename="EditAddressBook.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode>AddressBook.pasp</pagemode>
  <profilemenu/>
  <code_table>
    <region_name>Alabama</region_name>
    <region_name>Alaska</region_name>
    <region_name>Arizona</region_name>
    <region_name>Arkansas</region_name>
    <region_name>California</region_name>
    <region_name>Colorado</region_name>
    <region_name>Connecticut</region_name>
    <region_name>Delaware</region_name>
    <region_name>District of Columbia</region_name>
    <region_name>Florida</region_name>

Appendix A: XML Output from ConsolidatedRetail.com
225
    <region_name>Georgia</region_name>
    <region_name>Hawaii</region_name>
    <region_name>Idaho</region_name>
    <region_name>Illinois</region_name>
    <region_name>Indiana</region_name>
    <region_name>Iowa</region_name>
    <region_name>Kansas</region_name>
    <region_name>Kentucky</region_name>
    <region_name>Louisiana</region_name>
    <region_name>Maine</region_name>
    <region_name>Maryland</region_name>
    <region_name>Massachusetts</region_name>
    <region_name>Michigan</region_name>
    <region_name>Minnesota</region_name>
    <region_name>Mississippi</region_name>
    <region_name>Missouri</region_name>
    <region_name>Montana</region_name>
    <region_name>Nebraska</region_name>
    <region_name>Nevada</region_name>
    <region_name>New Hampshire</region_name>
    <region_name>New Jersey</region_name>
    <region_name>New Mexico</region_name>
    <region_name>New York</region_name>
    <region_name>North Carolina</region_name>
    <region_name>North Dakota</region_name>
    <region_name>Ohio</region_name>
    <region_name>Oklahoma</region_name>
    <region_name>Oregon</region_name>
    <region_name>Pennsylvania</region_name>
    <region_name>Rhode Island</region_name>
    <region_name>South Carolina</region_name>
    <region_name>South Dakota</region_name>
    <region_name>Tennessee</region_name>
    <region_name>Texas</region_name>
    <region_name>Utah</region_name>
    <region_name>Vermont</region_name>
    <region_name>Virginia</region_name>
    <region_name>Washington</region_name>
    <region_name>West Virginia</region_name>
    <region_name>Wisconsin</region_name>
    <region_name>Wyoming</region_name>
  </code_table>
  <notpassportuser/>
  <validate>
    <maxlengthlistedas>255</maxlengthlistedas>
    <validateitem>
      <functionname>CheckListedAs</functionname>
      <fieldname>txtListedAs</fieldname>
      <errormessage>
        Please enter a valid &apos;Listed As&apos; name.
      </errormessage>
    </validateitem>
    <maxlengthfullname>34</maxlengthfullname>

226 Reference Architecture for Commerce
    <validateitem>
      <functionname>CheckFullName</functionname>
      <fieldname>txtAddressName</fieldname>
      <errormessage>Please enter a valid name.</errormessage>
    </validateitem>
    <maxlengthaddr1>20</maxlengthaddr1>
    <validateitem>
      <functionname>CheckAddress1</functionname>
      <fieldname>txtAddressLine1</fieldname>
      <errormessage>Please enter a valid address line 1.</errormessage>
    </validateitem>
    <maxlengthaddr2>20</maxlengthaddr2>
    <validateitem>
      <functionname>CheckAddress2</functionname>
      <fieldname>txtAddressLine2</fieldname>
      <errormessage>Please enter a valid address line 2.</errormessage>
    </validateitem>
    <maxlengthcity>22</maxlengthcity>
    <validateitem>
      <functionname>CheckCity</functionname>
      <fieldname>txtCity</fieldname>
      <errormessage>Please enter a valid city.</errormessage>
    </validateitem>
    <validateitem>
      <functionname>CheckState</functionname>
      <fieldname>txtRegionName</fieldname>
      <errormessage>Please select a state.</errormessage>
    </validateitem>
    <maxlengthzipcode>14</maxlengthzipcode>
    <validateitem>
      <functionname>CheckZipCode</functionname>
      <fieldname>txtPostalCode</fieldname>
      <errormessage>Please enter a valid zip code.</errormessage>
    </validateitem>
    <maxlengthphonefax>14</maxlengthphonefax>
    <validateitem>
      <functionname>CheckPhoneFaxNumber</functionname>
      <fieldname>txtPhoneNumber</fieldname>
      <errormessage>Please enter a valid phone number.</errormessage>
    </validateitem>
  </validate>
  <addresstype>Shipping</addresstype>
  <billing_address_id>
      {14505FF4-8B94-4102-9745-0AD40CC2010B}
  </billing_address_id>
  <add_billing/>
  <address>
    <generalinfo>
      <address_id>{CDBD249A-3D16-4952-A2CC-947EA9D6985B}</address_id>
      <address_type>1</address_type>
      <address_name>Kim Abercrombie</address_name>
      <description>Home</description>
      <address_line1>My House</address_line1>

Appendix A: XML Output from ConsolidatedRetail.com
227
      <address_line2/>
      <city>Redmond</city>
      <region_name>Washington</region_name>
      <postal_code>12345</postal_code>
      <tel_number>019182782</tel_number>
      <tel_extension/>
      <isbilling>1</isbilling>
    </generalinfo>
  </address>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
EditCreditCard.pasp
The following XML is a sample of the output produced by EditCreditCard.pasp
before a user submits revised credit card information for his or her profile:
<?xml-stylesheet type="text/xsl"
server-config="EditCreditCard-Config.xml"
href="EditCreditCard-IE5.xsl"?>
<page pagename="EditCreditCard.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode/>
  <strbilladdrid/>
  <profilemenu/>
  <creditcard>
    <generalinfo>
    <ccid>{CDF383A4-7932-4674-867A-085F7B6E181A}</ccid>
    <user_id>{E246BE62-8937-4CF2-A312-178DEC172A5F}</user_id>
    <ccname>Kim Abercrombie</ccname>
    <ccnumber>xxxxxxxxxxxxxxx5231</ccnumber>
    <cctype>Visa</cctype>
    <ccexpmonth>01</ccexpmonth>
    <ccexpyear>2002</ccexpyear>
    <ccnickname>Personal</ccnickname>
  </generalinfo>
  </creditcard>
  <donotshowcreditcard/>

228 Reference Architecture for Commerce
  <code_table>
    <payment_method>
      <payment_method_id>visa</payment_method_id>
      <payment_method_name>Visa</payment_method_name>
    </payment_method>
    <payment_method>
      <payment_method_id>mastercard</payment_method_id>
      <payment_method_name>MasterCard</payment_method_name>
    </payment_method>
    <payment_method>
      <payment_method_id>amex</payment_method_id>
      <payment_method_name>American Express</payment_method_name>
    </payment_method>
    <payment_method>
      <payment_method_id>discover</payment_method_id>
      <payment_method_name>Discover</payment_method_name>
    </payment_method>
    <month>
      <month_id>01</month_id>
      <month_name>January</month_name>
    </month>
    <month>
      <month_id>02</month_id>
      <month_name>February</month_name>
    </month>
    <month>
      <month_id>03</month_id>
      <month_name>March</month_name>
    </month>
    <month>
      <month_id>04</month_id>
      <month_name>April</month_name>
    </month>
    <month>
      <month_id>05</month_id>
      <month_name>May</month_name>
    </month>
    <month>
      <month_id>06</month_id>
      <month_name>June</month_name>
    </month>
    <month>
      <month_id>07</month_id>
      <month_name>July</month_name>
    </month>
    <month>
      <month_id>08</month_id>
      <month_name>August</month_name>
    </month>
    <month>
      <month_id>09</month_id>
      <month_name>September</month_name>
    </month>

Appendix A: XML Output from ConsolidatedRetail.com
229
    <month>
      <month_id>10</month_id>
      <month_name>October</month_name>
    </month>
    <month>
      <month_id>11</month_id>
      <month_name>November</month_name>
    </month>
    <month>
      <month_id>12</month_id>
      <month_name>December</month_name>
    </month>
    <year>2001</year>
    <year>2002</year>
    <year>2003</year>
    <year>2004</year>
    <year>2005</year>
    <year>2006</year>
  </code_table>
  <validate>
    <maxlengthlistedas>255</maxlengthlistedas>
    <validateitem>
      <functionname>CheckListedAs</functionname>
      <fieldname>txtCCNickName</fieldname>
      <errormessage>
        Please enter a valid &apos;Listed As&apos; name.
      </errormessage>
    </validateitem>
    <maxlengthfullname>34</maxlengthfullname>
    <validateitem>
      <functionname>CheckFullName</functionname>
      <fieldname>txtCCName</fieldname>
      <errormessage>Please enter a valid card name.</errormessage>
    </validateitem>
  </validate>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page

230 Reference Architecture for Commerce
The following XML is a sample of the output produced by EditCreditCard.pasp for
a modified credit card entry:
<?xml-stylesheet type="text/xsl"
server-config="EditCreditCard-Config.xml"
href="EditCreditCard-IE5.xsl"?>
<page pagename="EditCreditCard.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode/>
  <strbilladdrid/>
  <profilemenu/>
  <creditcard>
    <generalinfo>
      <ccid>{CDF383A4-7932-4674-867A-085F7B6E181A}</ccid>
      <user_id>{E246BE62-8937-4CF2-A312-178DEC172A5F}</user_id>
      <ccname>Kim Abercrombie</ccname>
      <ccnumber>xxxxxxxxxxxxxxx5231</ccnumber>
      <cctype>Visa</cctype>
      <ccexpmonth>06</ccexpmonth>
      <ccexpyear>2002</ccexpyear>
      <ccnickname>Personal</ccnickname>
    </generalinfo>
  </creditcard>
  <donotshowcreditcard/>
  <code_table>
    <payment_method>
      <payment_method_id>visa</payment_method_id>
      <payment_method_name>Visa</payment_method_name>
    </payment_method>
    <payment_method>
      <payment_method_id>mastercard</payment_method_id>
      <payment_method_name>MasterCard</payment_method_name>
    </payment_method>
    <payment_method>
      <payment_method_id>amex</payment_method_id>
      <payment_method_name>American Express</payment_method_name>
    </payment_method>
    <payment_method>
      <payment_method_id>discover</payment_method_id>
      <payment_method_name>Discover</payment_method_name>
    </payment_method>
    <month>
      <month_id>01</month_id>
      <month_name>January</month_name>
    </month>
    <month>
      <month_id>02</month_id>
      <month_name>February</month_name>
    </month>
    <month>
      <month_id>03</month_id>
      <month_name>March</month_name>
    </month>

Appendix A: XML Output from ConsolidatedRetail.com
231
    <month>
      <month_id>04</month_id>
      <month_name>April</month_name>
    </month>
    <month>
      <month_id>05</month_id>
      <month_name>May</month_name>
    </month>
    <month>
      <month_id>06</month_id>
      <month_name>June</month_name>
    </month>
    <month>
      <month_id>07</month_id>
      <month_name>July</month_name>
    </month>
    <month>
      <month_id>08</month_id>
      <month_name>August</month_name>
    </month>
    <month>
      <month_id>09</month_id>
      <month_name>September</month_name>
    </month>
    <month>
      <month_id>10</month_id>
      <month_name>October</month_name>
    </month>
    <month>
      <month_id>11</month_id>
      <month_name>November</month_name>
    </month>
    <month>
      <month_id>12</month_id>
      <month_name>December</month_name>
    </month>
    <year>2001</year>
    <year>2002</year>
    <year>2003</year>
    <year>2004</year>
    <year>2005</year>
    <year>2006</year>
  </code_table>
  <validate><maxlengthlistedas>255</maxlengthlistedas>
    <validateitem>
      <functionname>CheckListedAs</functionname>
      <fieldname>txtCCNickName</fieldname>
      <errormessage>
        Please enter a valid &apos;Listed As&apos; name.
      </errormessage>
    </validateitem>
    <maxlengthfullname>34</maxlengthfullname>
    <validateitem>

232 Reference Architecture for Commerce
      <functionname>CheckFullName</functionname>
      <fieldname>txtCCName</fieldname>
      <errormessage>Please enter a valid card name.</errormessage>
    </validateitem>
  </validate>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
ForgotPasswd.pasp
The following XML is a sample of the output produced by ForgotPasswd.pasp:
<?xml-stylesheet type="text/xsl"
server-config="ForgotPasswd-Config.xml"
href="ForgotPasswd-IE5.xsl"?>
<page pagename="ForgotPasswd.pasp">
  <httphost>localhost%3A81</httphost>
  <mspassport>
    <anchor>a</anchor>
    <url>
        http://current-login.passporttest.com/login.asp?
        id=1&amp;ru=http%3A%2F%2Flocalhost%3A81%
        2F%5FProcessPassportLogin%2Easp&amp;tw=3600&amp;fs=1&amp;kv=1&amp;
        ct=1002587591&amp;cb=0&amp;ems=1&amp;ver=1.990.1052.1&amp;C=1
    </url>
    <passportimage>
      <image>img</image>
      <source>http://current-www.passportimages.org/signin.gif</source>
      <width>66</width>
      <height>19</height>
      <border>0</border>
      <class>PassportSignIn</class>
    </passportimage>
  </mspassport>
  <validate>
    <maxlengthusername>255</maxlengthusername>
    <validateitem>
      <functionname>CheckUserName</functionname>

Appendix A: XML Output from ConsolidatedRetail.com
233
      <fieldname>txtUserName</fieldname>
      <errormessage>Please enter a valid user name.</errormessage>
    </validateitem>
  </validate>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile/>
  <exceptions></exceptions>
</page>
Index.pasp
The following XML is a sample of the output produced by Index.pasp:
<?xml-stylesheet type="text/xsl"
server-config="Index-Config.xml"
href="Index-IE5.xsl"?>
<page pagename="Index.pasp">
  <httphost>localhost%3A81</httphost>
  <advertising/>
  <name></name>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

234 Reference Architecture for Commerce
ListBase.pasp
The following XML is a sample of the output produced as the common code base
for the Save for Later, Shopping List, and Public List pages (the basket pages):
<?xml-stylesheet type="text/xsl"
server-config="lists-Config.xml"
href="lists-IE5.xsl"?>
<page pagename="lists.pasp">
  <httphost>localhost%3A81</httphost>
  <listsmenu/>
  <lists>
    <list>
      <name>Booklist</name>
      <list_public>True</list_public>
    </list>
    <list>
      <name>Kim&apos;s Game</name>
      <list_public>False</list_public>
    </list>
  </lists>
  <listname>Booklist</listname>
  <same_owner/>
  <saved_order_public>True</saved_order_public>
  <totallineitems>4</totallineitems>
  <orderform orderform_id="{AED2152F-B768-4558-AA6B-77C59A01E36D}">
    <Items
      quantity="1"
      product_id=
        "Microsoft Mastering: eCommerce Development: Business to Consumer"
      product_catalog="Books"
      product_category=""
      d_DateCreated="10/8/2001 5:38:31 PM"
      lineitem_uid="{2362784E-0FF2-4543-BB31-DEF2A7D33008}"
      _product_Name=
        "Microsoft Mastering: eCommerce Development: Business to Consumer"
      _cy_oadjust_adjustedprice="0"/>
    <Items
      quantity="1"
      product_id="Quick Course in Microsoft Access 2000"
      product_catalog="Books" product_category=""
      d_DateCreated="10/8/2001 5:40:51 PM"
      lineitem_uid="{CED8AABF-FDBF-4663-9070-04E567AC1A91}"
      _product_Name="Quick Course in Microsoft Access 2000"
      _cy_oadjust_adjustedprice="0"/>
    <Items
      quantity="1"
      product_id="Programming Microsoft Access 2000"
      product_catalog="Books"
      product_category=""
      d_DateCreated="10/8/2001 5:41:31 PM"
      lineitem_uid="{03FDA15D-4E62-41C4-A27D-2CF89199DA00}"

Appendix A: XML Output from ConsolidatedRetail.com
235
      _product_Name="Programming Microsoft Access 2000"
      _cy_oadjust_adjustedprice="0"/>
    <Items
      quantity="1"
      product_id="Programming Microsoft Internet Explorer 5"
      product_catalog="Books"
      product_category=""
      d_DateCreated="10/8/2001 5:42:45 PM"
      lineitem_uid="{990E64ED-AAF1-4BB6-8437-4FD7456014A1}"
      _product_Name="Programming Microsoft Internet Explorer 5"
      _cy_oadjust_adjustedprice="0"/>
  </orderform>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
ListSearch.pasp
The following XML is a sample of the output produced when a user chooses to
search for another user’s public shopping list:
<?xml-stylesheet type="text/xsl"
server-config="ListSearch-Config.xml"
href="ListSearch-IE5.xsl"?>
<page pagename="ListSearch.pasp">
  <httphost>localhost%3A81</httphost>
  <mspassport>
    <anchor>a</anchor>
    <url>
        http://current-login.passporttest.com/login.asp?
        id=1&amp;ru=http%3A%2F%2Flocalhost%3A81%
        2F%5FProcessPassportLogin%2Easp&amp;tw=3600&amp;fs=1&amp;kv=1&amp;
        ct=1002591087&amp;cb=0&amp;ems=1&amp;ver=1.990.1052.1&amp;C=1
    </url>
    <passportimage>
      <image>img</image>
      <source>http://current-www.passportimages.org/signin.gif</source>
      <width>66</width>
      <height>19</height>

236 Reference Architecture for Commerce
      <border>0</border>
      <class>PassportSignIn</class>
    </passportimage>
  </mspassport>
  <displaysearchresults/>
  <searchcriteria>
    <email/>
    <logon/>
    <listname>my</listname>
  </searchcriteria>
  <searchresults>
    <recordsfound>2</recordsfound>
    <record>
      <display_name>john</display_name>
      <logon>public_user</logon>
      <listid>{3AFD0281-5BCD-46DA-B118-69A0186BDD47}</listid>
      <listname>MyBooks</listname>
    </record>
    <record>
      <display_name>Mary</display_name>
      <logon>public_user</logon>
      <listid>{748B9FAD-3210-4F90-A222-C8748038B457}</listid>
      <listname>MyList</listname>
    </record>
  </searchresults>
  <advertising/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile/>
  <exceptions></exceptions>
</page>
Login.pasp
The following XML is a sample of the output produced when a registered user
logs on:
<?xml-stylesheet type="text/xsl"
server-config="Login-Config.xml"
href="Login-IE5.xsl"?>
<page pagename="Login.pasp">

Appendix A: XML Output from ConsolidatedRetail.com
237
  <httphost>localhost%3A81</httphost>
  <mspassport><anchor>a</anchor>
    <url>
        http://current-login.passporttest.com/login.asp?
        id=1&amp;ru=http%3A%2F%2Flocalhost%3A81%
        2F%5FProcessPassportLogin%2Easp&amp;tw=3600&amp;fs=1&amp;kv=1&amp;
        ct=1002582678&amp;cb=0&amp;ems=1&amp;ver=1.990.1052.1&amp;C=1
    </url>
    <passportimage>
      <image>img</image>
      <source>http://current-www.passportimages.org/signin.gif</source>
      <width>66</width>
      <height>19</height>
      <border>0</border>
      <class>PassportSignIn</class>
    </passportimage>
  </mspassport>
  <validate>
    <maxlengthusername>255</maxlengthusername>
    <validateitem>
      <functionname>CheckUserName</functionname>
      <fieldname>txtUserName</fieldname>
      <errormessage>Please enter a valid user name.</errormessage>
    </validateitem>
    <maxlengthpassword>255</maxlengthpassword>
    <validateitem>
      <functionname>CheckPassword</functionname>
      <fieldname>txtPassword</fieldname>
      <errormessage>
        Invalid password. Note that password is case-sensitive.
      </errormessage>
    </validateitem>
  </validate>
  <advertising/>
  <pagemode/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile/>
  <exceptions></exceptions>
</page>

238 Reference Architecture for Commerce
MultiShipping.pasp
The following XML is a sample of the output produced by MultiShipping.pasp:
<?xml-stylesheet type="text/xsl"
server-config="MultiShipping-Config.xml"
href="MultiShipping-IE5.xsl"?>
<page pagename="MultiShipping.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode>MultiShipping.pasp</pagemode>
  <addresses>
    <address>
      <address_id>{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}</address_id>
      <address_name>Kim Abercrombie</address_name>
      <address_line1>1 Microsoft Way</address_line1>
      <address_line2/>
      <city>Redmond</city>
      <region_code>Washington</region_code>
      <region_name>Washington</region_name>
      <postal_code>12345</postal_code>
    </address>
    <address>
      <address_id>{CDBD249A-3D16-4952-A2CC-947EA9D6985B}</address_id>
      <address_name>Kim Abercrombie</address_name>
      <address_line1>My House</address_line1>
      <address_line2/>
      <city>Redmond</city>
      <region_code>Washington</region_code>
      <region_name>Washington</region_name>
      <postal_code>12345</postal_code>
    </address>
  </addresses>
  <orderform
      orderform_id="{B8B9F717-FCEB-4DE3-8865-FF9168690A98}"
      saved_cy_oadjust_subtotal="74.95">
    <Addresses
        address_name="Kim Abercrombie"
        address_line1="1 Microsoft Way" city="Redmond" region_code="WA"
        postal_code="12345" country_code="US" description="Office"
        AddressesDictKey="{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}"/>
    <Addresses
        address_name="Kim Abercrombie" address_line1="My House" city="Redmond"
        region_code="WA" postal_code="12345" country_code="US" description="Home"
        AddressesDictKey="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"/>
    <Items
        quantity="1" product_id="651" product_catalog="Hardware"
        product_category="Featured Products" description="Coming Soon"
        d_DateCreated="10/8/2001 5:06:03 PM" cy_lineitem_total="74.95"
        cy_unit_price="74.95"
        lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
        orig_lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
        _product_Name="Microsoft® SideWinder® Freestyle Pro"
        _cy_oadjust_adjustedprice="74.95"
        _cy_oadjust_discount="0"/>

Appendix A: XML Output from ConsolidatedRetail.com
239
  </orderform>
  <code_table>
    <shipping_method>
      <shipping_method_id>
        {00000000-0000-0000-0000-005211009179}
      </shipping_method_id>
      <shipping_method_name>Express</shipping_method_name>
    </shipping_method>
    <shipping_method>
      <shipping_method_id>
        {00000000-0000-0000-0000-007390007575}
      </shipping_method_id>
      <shipping_method_name>Standard</shipping_method_name>
    </shipping_method>
  </code_table>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
OrderHistory.pasp
The following XML is a sample of the output produced by OrderHistory.pasp:
<?xml-stylesheet type="text/xsl"
server-config="OrderHistory-Config.xml"
href="OrderHistory-IE5.xsl"?>
<page pagename="OrderHistory.pasp">
  <httphost>localhost%3A81</httphost>
  <profilemenu/>
  <history>
    <order>
      <item>
        <ordergroup_id>
          {EDBBF5E4-9524-45A8-BAA2-CFB6CD40028A}
        </ordergroup_id>
        <order_status_code>4</order_status_code>
        <orderstatusname>In Progress</orderstatusname>
        <order_number>29598</order_number>
        <saved_cy_total_total>107.45</saved_cy_total_total>
        <d_datelastchanged>10/8/2001 6:16:18 PM</d_datelastchanged>
      </item>
    </order>

240 Reference Architecture for Commerce
  </history>
  <notpassportuser/>
    <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
OrderHistoryDetail.pasp
The following XML is a sample of the output produced by OrderHistoryDetail.pasp:
<?xml-stylesheet type="text/xsl"
server-config="OrderHistoryDetail-Config.xml"
href="OrderHistoryDetail-IE5.xsl"?>
<page pagename="OrderHistoryDetail.pasp">
  <httphost>localhost%3A81</httphost>
  <orderform
      orderform_id="{254416D6-82FD-45EF-B56D-19866D15615D}"
      order_status_desc="In Progress"
      payment_method="credit_card"
      billing_address_id="{14505FF4-8B94-4102-9745-0AD40CC2010B}"
      saved_cy_oadjust_subtotal="74.95"
      saved_cy_total_total="107.45"
      cc_name="Visa"
      cc_expyear="2002"
      cc_expmonth="06"
      cc_number="xxxxxxxxxxxxxxx5231"
      cc_id="{CDF383A4-7932-4674-867A-085F7B6E181A}"
      user_email_address="kim@somecompany.com"
      cc_Account_Holder="Kim Abercrombie"
      cy_tax_total="7.5"
      cy_shipping_total="25">
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="1 Microsoft Way"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"

Appendix A: XML Output from ConsolidatedRetail.com
241
      description="Office"
      AddressesDictKey="{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      description="Home"
      AddressesDictKey="{14505FF4-8B94-4102-9745-0AD40CC2010B}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      description="Home"
      AddressesDictKey="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"/>
    <Items
      quantity="1"
      product_id="651"
      product_Name="Microsoft® SideWinder® Freestyle Pro"
      product_catalog="Hardware"
      product_category="Featured Products"
      description="Coming Soon"
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"
      shipping_method_name="Express"
      d_DateCreated="10/8/2001 5:06:03 PM"
      cy_lineitem_total="74.95"
      cy_unit_price="74.95"
      lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"/>
    <shipments
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"/>
  </orderform>
  <profilemenu/>
  <notpassportuser/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

242 Reference Architecture for Commerce
OrderSummary.pasp
The following XML is a sample of the output produced by OrderSummary.pasp:
<?xml-stylesheet type="text/xsl"
server-config="OrderSummary-Config.xml"
href="OrderSummary-IE5.xsl"?>
<page pagename="OrderSummary.pasp">
  <httphost>localhost%3A81</httphost>
  <verify_with_total>107.45</verify_with_total>
  <orderform
      orderform_id="{B8B9F717-FCEB-4DE3-8865-FF9168690A98}"
      payment_method="credit_card"
      billing_address_id="{14505FF4-8B94-4102-9745-0AD40CC2010B}"
      saved_cy_oadjust_subtotal="74.95"
      saved_cy_total_total="107.45"
      cc_name="Visa"
      cc_expyear="2002"
      cc_expmonth="06"
      cc_number="xxxxxxxxxxxxxxx5231"
      cc_id="{CDF383A4-7932-4674-867A-085F7B6E181A}"
      _cy_shipping_total="25"
      _cy_tax_total="7.5"
      user_email_address="kim@somecompany.com"
      cc_Account_Holder="Kim
      Abercrombie" cy_tax_total="7.5"
      cy_shipping_total="25">
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="1 Microsoft Way"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      description="Office"
      AddressesDictKey="{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      description="Home"
      AddressesDictKey="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"

Appendix A: XML Output from ConsolidatedRetail.com
243
      description="Home"
      AddressesDictKey="{14505FF4-8B94-4102-9745-0AD40CC2010B}"/>
    <Items
      quantity="1"
      product_id="651"
      product_Name="Microsoft® SideWinder® Freestyle Pro"
      product_catalog="Hardware"
      product_category="Featured Products"
      description="Coming Soon"
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"
      shipping_method_name="quantity"
      d_DateCreated="10/8/2001 5:06:03 PM"
      cy_lineitem_total="74.95"
      cy_unit_price="74.95"
      lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
      _product_Name="Microsoft® SideWinder® Freestyle Pro"
      _cy_oadjust_adjustedprice="74.95"
      _cy_oadjust_discount="0"/>
    <shipments
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"
      _cy_shipping_total="25"/>
  </orderform>
  <shipping_methods>
    <shipping_method>
      <shipping_method_id>
        {00000000-0000-0000-0000-005211009179}
      </shipping_method_id>
      <shipping_method_name>Express</shipping_method_name>
    </shipping_method>
    <shipping_method>
      <shipping_method_id>
        {00000000-0000-0000-0000-007390007575}
      </shipping_method_id>
      <shipping_method_name>Standard</shipping_method_name>
    </shipping_method>
  </shipping_methods>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

244 Reference Architecture for Commerce
Payment.pasp
The following XML is a sample of the output produced by Payment.pasp:
<?xml-stylesheet type="text/xsl"
server-config="Payment-Config.xml"
href="Payment-IE5.xsl"?>
<page pagename="Payment.pasp">
  <httphost>localhost%3A81</httphost>
  <advertising/>
  <billingaddressstatus>
    {14505FF4-8B94-4102-9745-0AD40CC2010B}
  </billingaddressstatus>
  <creditcards>
    <creditcard>
      <ccname>Kim Abercrombie</ccname>
      <ccnumber>xxxxxxxxxxxxxxx5231</ccnumber>
      <ccexpmonth>06</ccexpmonth>
      <ccexpyear>2002</ccexpyear>
      <ccnickname>Personal</ccnickname>
      <cctype>Visa</cctype>
    </creditcard>
  </creditcards>
  <orderform
      orderform_id="{B8B9F717-FCEB-4DE3-8865-FF9168690A98}"
      billing_address_id="{14505FF4-8B94-4102-9745-0AD40CC2010B}"
      saved_cy_oadjust_subtotal="74.95"
      saved_cy_total_total="107.45"
      _cy_shipping_total="25"
      _cy_tax_total="7.5"
      cy_tax_total="7.5"
      cy_shipping_total="25">
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="1 Microsoft Way"
      city="Redmond" region_code="WA"
      postal_code="12345"
      country_code="US"
      description="Office"
      AddressesDictKey="{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      description="Home"
      AddressesDictKey="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"

Appendix A: XML Output from ConsolidatedRetail.com
245
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      description="Home"
      AddressesDictKey="{14505FF4-8B94-4102-9745-0AD40CC2010B}"/>
    <Items
      quantity="1"
      product_id="651"
      product_Name="Microsoft® SideWinder® Freestyle Pro"
      product_catalog="Hardware"
      product_category="Featured Products"
      description="Coming Soon"
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"
      shipping_method_name="quantity"
      d_DateCreated="10/8/2001 5:06:03 PM"
      cy_lineitem_total="74.95"
      cy_unit_price="74.95"
      lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
      _product_Name="Microsoft® SideWinder® Freestyle Pro"
      _cy_oadjust_adjustedprice="74.95"
      _cy_oadjust_discount="0"/>
    <shipments
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"
      _cy_shipping_total="25"/>
  </orderform>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

246 Reference Architecture for Commerce
Product.pasp
The following XML is a sample of the output produced by Product.pasp:
<?xml-stylesheet type="text/xsl"
server-config="Product-Config.xml"
href="Product-IE5.xsl"?>
<page pagename="Product.pasp">
  <httphost>localhost%3A81</httphost>
  <advancedsearch>
    <advcatalogname>Books</advcatalogname>
    <advcategoryname/>
  </advancedsearch>
  <searchscope>Books</searchscope>
  <advertising/>
  <categoryname/>
  <getproduct>
    <product>
      <catalogname>Books</catalogname>
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <cy_list_price displayname="Price">27.99</cy_list_price>
      <cy_list_priceurl>27%2E99</cy_list_priceurl>
      <originalprice displayname="Your Price">27.99</originalprice>
      <originalpriceurl>27%2E99</originalpriceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <productid>Code</productid>
      <productidurl>Code</productidurl>
      <variantid/>
      <variantidurl/>
      <author displayname="Author">Charles  Petzold</author>
      <authorurl>Charles++Petzold</authorurl>
      <description>
        Using common household objects and familiar language systems such
        as Morse code and Braille, CODE reveals the secret inner life
        of computers and other smart machines.
      </description>
      <descriptionurl>
        Using+common+household+objects+and+familiar+language+systems
        +such+as+Morse+code+and+Braille%2C+CODE+reveals+the+secret+inner+life
        +of+computers+and+other+smart+machines%2E
      </descriptionurl>
      <image_filename>boxshots/press/2352.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F2352%2Egif</image_filenameurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <isbn displayname="ISBN">0-7356-0505-X</isbn>
      <isbnurl>0%2D7356%2D0505%2DX</isbnurl>
      <name displayname="Name">Code</name>
      <nameurl>Code</nameurl>
      <pagecount displayname="No. Pages">400</pagecount>

Appendix A: XML Output from ConsolidatedRetail.com
247
      <pagecounturl>400</pagecounturl>
      <producturl displayname="Product Info. Url">
        a href=http://mspress.microsoft.com/prod/books/2352.htm  target =_a
        http://mspress.microsoft.com/prod/books/2352.htm /a
      </producturl>
      <producturlurl>
        a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fpro
        d%2Fbooks%2F2352%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
        2Emicrosoft%2Ecom%2Fprod%2Fbooks%2F2352%2Ehtm+%2Fa
      </producturlurl>
      <publication_year displayname="Year published">1999</publication_year>
      <publication_yearurl>1999</publication_yearurl>
      <publisher displayname="Publisher">Microsoft Press</publisher>
      <publisherurl>Microsoft+Press</publisherurl>
      <reading_level displayname="Reading Level:">All Levels</reading_level>
      <reading_levelurl>All+Levels</reading_levelurl>
      <title displayname="Title">Code</title>
      <titleurl>Code</titleurl>
      <variants><variantname>ISBN</variantname>
        <varcount>0</varcount>
      </variants>
    </product>
  </getproduct>
  <relatedproducts/>
  <relatedcategories/>
  <parentcategories>
    <parentcategory>
      <catalogname>Books</catalogname>
      <categoryname>Business Reference</categoryname>
    </parentcategory>
    <parentcategory>
      <catalogname>Books</catalogname>
      <categoryname>Education Reference</categoryname>
    </parentcategory>
    <parentcategory>
      <catalogname>Books</catalogname>
      <categoryname>Programming Languages</categoryname>
    </parentcategory>
    <selectiontitle>Browse Categories:</selectiontitle>
  </parentcategories>
  <productid>Code</productid>
  <showlists/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

248 Reference Architecture for Commerce
Registration.pasp
The following XML is a sample of the output produced by Registration.pasp:
<?xml-stylesheet type="text/xsl"
server-config="Registration-Config.xml"
href="Registration-IE5.xsl"?>
<page pagename="Registration.pasp">
  <httphost>localhost%3A81</httphost>
  <mspassport>
    <anchor>a</anchor>
    <url>
        http://current-login.passporttest.com/login.asp?
        id=1&amp;ru=http%3A%2F%2Flocalhost%3A81%
        2F%5FProcessPassportLogin%2Easp&amp;tw=3600&amp;fs=1&amp;kv=1&amp;
        ct=1002582742&amp;cb=0&amp;ems=1&amp;ver=1.990.1052.1&amp;C=1
    </url>
    <passportimage>
      <image>img</image>
      <source>http://current-www.passportimages.org/signin.gif</source>
      <width>66</width>
      <height>19</height>
      <border>0</border>
      <class>PassportSignIn</class>
    </passportimage>
  </mspassport>
  <advertising/>
  <validate>
    <maxlengthusername>255</maxlengthusername>
    <validateitem>
      <functionname>CheckUserName</functionname>
      <fieldname>txtLogonName</fieldname>
      <errormessage>Please enter a valid user name.</errormessage>
    </validateitem>
    <maxlengthemail>40</maxlengthemail>
    <validateitem>
      <functionname>CheckEmail</functionname>
      <fieldname>txtEmailAddress</fieldname>
      <errormessage>Please enter a valid email address.</errormessage>
    </validateitem>
    <maxlengthpassword>255</maxlengthpassword>
    <validateitem>
      <functionname>CheckPassword</functionname>
      <fieldname>txtUserSecurityPassword</fieldname>
      <errormessage>Please enter a password.</errormessage>
    </validateitem>
    <maxlengthpassword>255</maxlengthpassword>
    <validateitem>
      <functionname>CheckPassword</functionname>
      <fieldname>txtConfirmPassword</fieldname>
      <errormessage>Please confirm the new password.</errormessage>
    </validateitem>

Appendix A: XML Output from ConsolidatedRetail.com
249
  </validate>
  <pagemode></pagemode>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile/>
  <exceptions></exceptions>
</page>
SearchResults.pasp
The following XML is a sample of the output produced by SearchResults.pasp when
searching for “age” in the Books category:
<?xml-stylesheet type="text/xsl"
server-config="SearchResults-Config.xml"
href="SearchResults-IE5.xsl"?>
<page pagename="SearchResults.pasp">
  <httphost>localhost%3A81</httphost>
  <mspassport>
    <anchor>a</anchor>
    <url>
        http://current-login.passporttest.com/login.asp?
        id=1&amp;ru=http%3A%2F%2Flocalhost%3A81%
        2F%5FProcessPassportLogin%2Easp&amp;tw=3600&amp;fs=1&amp;kv=1&amp;
        ct=1002584868&amp;cb=0&amp;ems=1&amp;ver=1.990.1052.1&amp;C=1
    </url>
    <passportimage>
      <image>img</image>
      <source>http://current-www.passportimages.org/signin.gif</source>
      <width>66</width>
      <height>19</height>
      <border>0</border>
      <class>PassportSignIn</class>
    </passportimage>
  </mspassport>
  <advertising/>
  <searchscope>Books</searchscope>
  <searchstring>Age</searchstring>
  <searchcount>4</searchcount>
  <searchrowstoreturn>10</searchrowstoreturn>
  <searchstartpos>1</searchstartpos>

250 Reference Architecture for Commerce
  <searchresults>
    <product>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <originalprice displayname="Your Price">16.99</originalprice>
      <originalpriceurl>16%2E99</originalpriceurl>
      <cy_list_price displayname="Price">16.99</cy_list_price>
      <cy_list_priceurl>16%2E99</cy_list_priceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <productid>
        Microsoft Age of Empires: Inside Moves, Revised and Expanded Edition
      </productid>
      <productidurl>
        Microsoft+Age+of+Empires%3A+Inside+Moves%2C+Revised+and+Expanded+Edition
      </productidurl>
      <description>
        MICROSOFT AGE OF EMPIRES: INSIDE MOVES, REVISED AND
        EXPANDED EDITION, shows you how to deploy winning strategies
        and inside hints and tips when playing Age of Empires.
        The bestselling first edition of Microsoft Age of Empires:
        Inside Moves (Microsoft Press, 1997) has been fully updated
        to cover Age of Empires patches and the brand-new
        Age of Empires Expansion Pack quotRise of Rome.quot
      </description>
      <descriptionurl>
        MICROSOFT+AGE+OF+EMPIRES%3A+INSIDE+MOVES%2C+REVISED
        +AND+EXPANDED+EDITION%2C+shows+you+how+to+deploy+winning
        +strategies+and+inside+hints+and+tips+when+playing+Age+of
        +Empires%2E+The+bestselling+first+edition+of+Microsoft+Age
        +of+Empires%3A+Inside+Moves+%28Microsoft+Press%2C+1997%29
        +has+been+fully+updated+to+cover+Age+of+Empires+patches
        +and+the+brand%2Dnew+Age+of+Empires+Expansion+Pack
        +quotRise+of+Rome%2Equot
      </descriptionurl>
      <image_filename>boxshots/press/2470.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F2470%2Egif</image_filenameurl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>
      <name displayname="Name">
        Microsoft Age of Empires: Inside Moves, Revised and Expanded Edition
      </name>
      <nameurl>
        Microsoft+Age+of+Empires%3A+Inside+Moves%2C+Revised+and+Expanded+Edition
      </nameurl>
    </product>
    <product>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>

Appendix A: XML Output from ConsolidatedRetail.com
251
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <originalprice displayname="Your Price">29.99</originalprice>
      <originalpriceurl>29%2E99</originalpriceurl>
      <cy_list_price displayname="Price">29.99</cy_list_price>
      <cy_list_priceurl>29%2E99</cy_list_priceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <productid>Grown-Ups Guide to Computing</productid>
      <productidurl>Grown%2DUps+Guide+to+Computing</productidurl>
      <description>
        In the GROWN-UPS GUIDE TO COMPUTING, youll discover how people
        of all ages and from all walks of life have enriched their
        lives with computers-and how you can too!  If you are
        one of that rapidly growing group of older adults interested
        in finding out what computers can do and how to get started,
        this book is for you.
      </description>
      <descriptionurl>
        In+the+GROWN%2DUPS+GUIDE+TO+COMPUTING%2C+youll+discover
        +how+people+of+all+ages+and+from+all+walks+of+life+have+enriched+their
        +lives+with+computers%2Dand+how+you+can+too%21++If+you+are+one
        +of+that+rapidly+growing+group+of+older+adults+interested+in
        +finding+out+what+computers+can+do+and+how+to+get+started%2C
        +this+book+is+for+you%2E
      </descriptionurl>
      <image_filename>boxshots/press/3221.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F3221%2Egif</image_filenameurl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>
      <name displayname="Name">Grown-Ups Guide to Computing</name>
      <nameurl>Grown%2DUps+Guide+to+Computing</nameurl>
    </product>
    <product>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <originalprice displayname="Your Price">16.99</originalprice>
      <originalpriceurl>16%2E99</originalpriceurl>
      <cy_list_price displayname="Price">16.99</cy_list_price>
      <cy_list_priceurl>16%2E99</cy_list_priceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <productid>Microsoft Age of Empires: Inside Moves</productid>
      <productidurl>Microsoft+Age+of+Empires%3A+Inside+Moves</productidurl>
      <description>
        MICROSOFT AGE OF EMPIRES: INSIDE MOVES provides the strategic
        hints, statistics, and tactical assistance you need to take
        one of a dozen primitive tribes and shape it into a great civilization.
      </description>

252 Reference Architecture for Commerce
      <descriptionurl>
        MICROSOFT+AGE+OF+EMPIRES%3A+INSIDE+MOVES+provides+the
        +strategic+hints%2C+statistics%2C+and+tactical+assistance
        +you+need+to+take+one+of+a+dozen+primitive+tribes+and+shape
        +it+into+a+great+civilization%2E
      </descriptionurl>
      <image_filename>boxshots/press/1049.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F1049%2Egif</image_filenameurl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>
      <name displayname="Name">Microsoft Age of Empires: Inside Moves</name>
      <nameurl>Microsoft+Age+of+Empires%3A+Inside+Moves</nameurl>
    </product>
    <product>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <originalprice displayname="Your Price">19.99</originalprice>
      <originalpriceurl>19%2E99</originalpriceurl>
      <cy_list_price displayname="Price">19.99</cy_list_price>
      <cy_list_priceurl>19%2E99</cy_list_priceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <productid>
        Microsoft Age of Empires II: The Age of Kings: Inside Moves
      </productid>
      <productidurl>
        Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves
      </productidurl>
      <description>
      Master all the vital strategic gambits, tips, and tricks
      for winning with this official guide to the exciting new
      version of Microsoft Age of Empires! MICROSOFT AGE OF
      EMPIRES II: AGE OF KINGS: INSIDE MOVES shows you how to
      survive and thrive in the thousand years from the
      fall of Rome to the Middle Ages.
      </description>
      <descriptionurl>Master+all+the+vital+strategic+gambits%2C
      +tips%2C+and+tricks+for+winning+with+this+official+guide
      +to+the+exciting+new+version+of+Microsoft+Age+of
      +Empires%21+MICROSOFT+AGE+OF+EMPIRES+II%3A+AGE+OF+KINGS%3A
      +INSIDE+MOVES+shows+you+how+to+survive+and+thrive+in+the+thousand
      +years+from+the+fall+of+Rome+to+the+Middle+Ages%2E
      </descriptionurl>
      <image_filename>boxshots/press/2388.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F2388%2Egif</image_filenameurl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>

Appendix A: XML Output from ConsolidatedRetail.com
253
      <name displayname="Name">
        Microsoft Age of Empires II: The Age of Kings: Inside Moves
      </name>
      <nameurl>
        Microsoft+Age+of+Empires+II%3A+The+Age+of+Kings%3A+Inside+Moves
      </nameurl>
    </product>
    <selectiontitle>
      product(s) found for search criteria &quot;Age.&quot;
    </selectiontitle>
  </searchresults>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile/>
  <exceptions></exceptions>
</page>
Shipping.pasp
The following XML is a sample of the output produced by Shipping.pasp:
<?xml-stylesheet type="text/xsl"
server-config="Shipping-Config.xml"
href="Shipping-IE5.xsl"?>
<page pagename="Shipping.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode>Shipping.pasp</pagemode>
  <advertising/>
  <addresses>
    <address>
      <address_id>{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}</address_id>
      <description>Office</description>
      <address_name>Kim Abercrombie</address_name>
      <address_line1>1 Microsoft Way</address_line1>
      <address_line2/>
      <city>Redmond</city>
      <region_code>Washington</region_code>
      <region_name>Washington</region_name>
      <postal_code>12345</postal_code>
    </address>
    <address>

254 Reference Architecture for Commerce
      <address_id>{CDBD249A-3D16-4952-A2CC-947EA9D6985B}</address_id>
      <description>Home</description>
      <address_name>Kim Abercrombie</address_name>
      <address_line1>My House</address_line1>
      <address_line2/>
      <city>Redmond</city>
      <region_code>Washington</region_code>
      <region_name>Washington</region_name>
      <postal_code>12345</postal_code>
    </address>
  </addresses>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
ShippingMethod.pasp
The following XML is a sample of the output produced by ShippingMethod.pasp:
<?xml-stylesheet type="text/xsl"
server-config="ShippingMethod-Config.xml"
href="ShippingMethod-IE5.xsl"?>
<page pagename="ShippingMethod.pasp">
  <httphost>localhost%3A81</httphost>
  <pagemode>ShippingMethod.pasp</pagemode>
  <advertising/>
  <code_table>
    <shipping_method>
      <shipping_method_id>
        {00000000-0000-0000-0000-005211009179}
      </shipping_method_id>
      <shipping_method_name>Express</shipping_method_name>
    </shipping_method>
    <shipping_method>
      <shipping_method_id>
        {00000000-0000-0000-0000-007390007575}
      </shipping_method_id>
      <shipping_method_name>Standard</shipping_method_name>
    </shipping_method>

Appendix A: XML Output from ConsolidatedRetail.com
255
  </code_table>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
StepSearch.pasp
The following XML is a sample of the output produced by the home page for the
site, which allows users to specify search criteria and search the catalogs:
<?xml-stylesheet type="text/xsl"
server-config="StepSearch-Config.xml"
href="StepSearch-IE5.xsl"?>
<page pagename="StepSearch.pasp">
  <httphost>localhost%3A81</httphost>
  <advertising/>
  <searchhandle>[Books][Simulations]</searchhandle>
  <userinput>
    <field>
      <name>Author</name>
      <valueentered></valueentered>
      <type>5</type>
      <value>Microsoft Corporation</value>
      <value>The PC Press, Inc.                        Ben  Chiu</value>
      <value>The PC Press, Inc.                        Michele  Chambre</value>
    </field>
    <field>
      <name>ISBN</name>
      <valueentered></valueentered>
      <type>5</type>
      <value>0-7356-0547-5</value>
      <value>1-57231-592-X</value>
      <value>1-57231-628-4</value>
    </field>
    <field>
      <name>Pagecount</name>
      <valueentered></valueentered>
      <type>0</type>
      <value>320</value>

256 Reference Architecture for Commerce
    </field>
    <field>
      <name>Publisher</name>
      <valueentered></valueentered>
      <type>5</type>
      <value>Microsoft Press</value>
    </field>
    <field>
      <name>Reading Level</name>
      <valueentered></valueentered>
      <type>5</type>
      <value>All Levels</value>
    </field>
    <field>
      <name>Title</name>
      <valueentered></valueentered>
      <type>5</type>
      <value>
        Instrument Flight Techniques with Microsoft Flight Simulator 98
      </value>
      <value>Microsoft Combat Flight Simulator: Inside Moves</value>
      <value>Microsoft Flight Simulator 2000: Inside Moves</value>
    </field>
  </userinput>
  <getresults/>
  <ourcatalog>Books</ourcatalog>
  <ourrootcategory>Games</ourrootcategory>
  <ourchildcategory>Simulations</ourchildcategory>
  <count>3</count>
  <hdnorder></hdnorder>
  <searchresults>
    <product>
      <oid>81</oid>
      <oidurl>81</oidurl>
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <cy_list_price displayname="Price">19.99</cy_list_price>
      <cy_list_priceurl>19%2E99</cy_list_priceurl>
      <originalprice displayname="Your Price">19.99</originalprice>
      <originalpriceurl>19%2E99</originalpriceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <parentoid>26</parentoid>
      <parentoidurl>26</parentoidurl>
      <productid>Microsoft Flight Simulator 2000: Inside Moves</productid>
      <productidurl>
        Microsoft+Flight+Simulator+2000%3A+Inside+Moves
      </productidurl>
      <variantid/>
      <variantidurl/>
      <lastmodified>9/27/2001 3:31:46 PM</lastmodified>
      <lastmodifiedurl>9%2F27%2F2001+3%3A31%3A46+PM</lastmodifiedurl>
      <title displayname="Title">

Appendix A: XML Output from ConsolidatedRetail.com
257
        Microsoft Flight Simulator 2000: Inside Moves
      </title>
      <titleurl>Microsoft+Flight+Simulator+2000%3A+Inside+Moves</titleurl>
      <isbn displayname="ISBN">0-7356-0547-5</isbn>
      <isbnurl>0%2D7356%2D0547%2D5</isbnurl>
      <description>
        MICROSOFT FLIGHT SIMULATOR 2000: INSIDE MOVES is the essential
        companion to both Flight Simulator 2000 Standard and
        Professional Edition! It goes far beyond basic flight
        manuals to provide advanced flight tips, tactics, strategies,
        and more. It even includes a timesaving tear-out keyboard guide.
      </description>
      <descriptionurl>
        MICROSOFT+FLIGHT+SIMULATOR+2000%3A+INSIDE+MOVES+is+
        the+essential+companion+to+both+Flight+Simulator+2000
        +Standard+and+Professional+Edition%21+It+goes+far
        +beyond+basic+flight+manuals+to+provide+advanced
        +flight+tips%2C+tactics%2C+strategies%2C+and+more%2E
        +It+even+includes+a+timesaving+tear%2Dout+keyboard+guide%2E
      </descriptionurl>
      <image_filename>boxshots/press/2431.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F2431%2Egif</image_filenameurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <author displayname="Author">Microsoft Corporation</author>
      <authorurl>Microsoft+Corporation</authorurl>
      <name displayname="Name">
        Microsoft Flight Simulator 2000: Inside Moves
      </name>
      <nameurl>Microsoft+Flight+Simulator+2000%3A+Inside+Moves</nameurl>
      <pagecount displayname="No. Pages">320</pagecount>
      <pagecounturl>320</pagecounturl>
      <producturl displayname="Product Info. Url">
        a href=http://mspress.microsoft.com/prod/books/2431.htm  target =_a
        http://mspress.microsoft.com/prod/books/2431.htm /a
      </producturl>
      <producturlurl>
        a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod
        %2Fbooks%2F2431%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
        2Emicrosoft%2Ecom%2Fprod%2Fbooks%2F2431%2Ehtm+%2Fa
      </producturlurl>
      <publication_year displayname="Year published">1999</publication_year>
      <publication_yearurl>1999</publication_yearurl>
      <publisher displayname="Publisher">Microsoft Press</publisher>
      <publisherurl>Microsoft+Press</publisherurl>
      <reading_level displayname="Reading Level:">All Levels</reading_level>
      <reading_levelurl>All+Levels</reading_levelurl>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>

258 Reference Architecture for Commerce
    </product>
    <product>
      <oid>241</oid>
      <oidurl>241</oidurl>
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <cy_list_price displayname="Price">19.99</cy_list_price>
      <cy_list_priceurl>19%2E99</cy_list_priceurl>
      <originalprice displayname="Your Price">19.99</originalprice>
      <originalpriceurl>19%2E99</originalpriceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <parentoid>26</parentoid>
      <parentoidurl>26</parentoidurl>
      <productid>
        Instrument Flight Techniques with Microsoft Flight Simulator 98
      </productid>
      <productidurl>
        Instrument+Flight+Techniques+with+Microsoft+Flight+Simulator+98
      </productidurl>
      <variantid/>
      <variantidurl/>
      <lastmodified>9/27/2001 3:31:51 PM</lastmodified>
      <lastmodifiedurl>9%2F27%2F2001+3%3A31%3A51+PM</lastmodifiedurl>
      <title displayname="Title">
        Instrument Flight Techniques with Microsoft Flight Simulator 98
      </title>
      <titleurl>
        Instrument+Flight+Techniques+with+Microsoft+Flight+Simulator+98
      </titleurl>
      <isbn displayname="ISBN">1-57231-628-4</isbn>
      <isbnurl>1%2D57231%2D628%2D4</isbnurl>
      <description>
        INSTRUMENT FLIGHT TECHNIQUES WITH MICROSOFT FLIGHT
        SIMULATOR 98 shows you how to fly planes in Microsoft
        Flight Simulator 98 with the instrument flight
        techniques used by professional pilots.
      </description>
      <descriptionurl>
        INSTRUMENT+FLIGHT+TECHNIQUES+WITH+MICROSOFT+FLIGHT+
        SIMULATOR+98+shows+you+how+to+fly+planes+in+Microsoft
        +Flight+Simulator+98+with+the+instrument+flight+techniques
        +used+by+professional+pilots%2E
      </descriptionurl>
      <image_filename>boxshots/press/1429.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F1429%2Egif</image_filenameurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <author displayname="Author">
        The PC Press, Inc.                        Michele  Chambre
      </author>

Appendix A: XML Output from ConsolidatedRetail.com
259
      <authorurl>
        The+PC+Press%2C+Inc%2E++++++++++++++++++++++++Michele++Chambre
      </authorurl>
      <name displayname="Name">
        Instrument Flight Techniques with Microsoft Flight Simulator 98
      </name>
      <nameurl>
        Instrument+Flight+Techniques+with+Microsoft+Flight+Simulator+98
      </nameurl>
      <pagecount displayname="No. Pages">320</pagecount>
      <pagecounturl>320</pagecounturl>
      <producturl displayname="Product Info. Url">
        a href=http://mspress.microsoft.com/prod/books/1429.htm  target =_a
        http://mspress.microsoft.com/prod/books/1429.htm /a
      </producturl>
      <producturlurl>
        a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fprod
        %2Fbooks%2F1429%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
        2Emicrosoft%2Ecom%2Fprod%2Fbooks%2F1429%2Ehtm+%2Fa
      </producturlurl>
      <publication_year displayname="Year published">1999</publication_year>
      <publication_yearurl>1999</publication_yearurl>
      <publisher displayname="Publisher">Microsoft Press</publisher>
      <publisherurl>Microsoft+Press</publisherurl>
      <reading_level displayname="Reading Level:">All Levels</reading_level>
      <reading_levelurl>All+Levels</reading_levelurl>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </product>
    <product>
      <oid>316</oid>
      <oidurl>316</oidurl>
      <definitionname>SDKBook</definitionname>
      <definitionnameurl>SDKBook</definitionnameurl>
      <cy_list_price displayname="Price">16.99</cy_list_price>
      <cy_list_priceurl>16%2E99</cy_list_priceurl>
      <originalprice displayname="Your Price">16.99</originalprice>
      <originalpriceurl>16%2E99</originalpriceurl>
      <i_classtype>4</i_classtype>
      <i_classtypeurl>4</i_classtypeurl>
      <parentoid>26</parentoid>
      <parentoidurl>26</parentoidurl>
      <productid>
        Microsoft Combat Flight Simulator: Inside Moves
      </productid>
      <productidurl>
        Microsoft+Combat+Flight+Simulator%3A+Inside+Moves
      </productidurl>
      <variantid/>
      <variantidurl/>
      <lastmodified>9/27/2001 3:31:53 PM</lastmodified>

260 Reference Architecture for Commerce
      <lastmodifiedurl>9%2F27%2F2001+3%3A31%3A53+PM</lastmodifiedurl>
      <title displayname="Title">
        Microsoft Combat Flight Simulator: Inside Moves
      </title>
      <titleurl>Microsoft+Combat+Flight+Simulator%3A+Inside+Moves</titleurl>
      <isbn displayname="ISBN">1-57231-592-X</isbn>
      <isbnurl>1%2D57231%2D592%2DX</isbnurl>
      <description>
        Whether you scramble a Spitfire to intercept invading raiders or escort
        B-17 bombers in a Mustang, MICROSOFT COMBAT FLIGHT SIMULATOR: WWII
        EUROPE SERIES: INSIDE MOVES is the companion guide that reveals
        all of the tips, tactics, and strategies you need to secure
        air superiority in the virtual blue yonder.
      </description>
      <descriptionurl>
        Whether+you+scramble+a+Spitfire+to+intercept+invading+raiders
        +or+escort+B%2D17+bombers+in+a+Mustang%2C+MICROSOFT+COMBAT
        +FLIGHT+SIMULATOR%3A+WWII+EUROPE+SERIES%3A+INSIDE+MOVES+is
        +the+companion+guide+that+reveals+all+of+the+tips%2C
        +tactics%2C+and+strategies+you+need+to+secure+air
        +superiority+in+the+virtual+blue+yonder%2E
      </descriptionurl>
      <image_filename>boxshots/press/1339.gif</image_filename>
      <image_filenameurl>boxshots%2Fpress%2F1339%2Egif</image_filenameurl>
      <image_height>120</image_height>
      <image_heighturl>120</image_heighturl>
      <image_width>120</image_width>
      <image_widthurl>120</image_widthurl>
      <author displayname="Author">
        The PC Press, Inc.                        Ben  Chiu
      </author>
      <authorurl>
        The+PC+Press%2C+Inc%2E++++++++++++++++++++++++Ben++Chiu
      </authorurl>
      <name displayname="Name">
        Microsoft Combat Flight Simulator: Inside Moves
      </name>
      <nameurl>Microsoft+Combat+Flight+Simulator%3A+Inside+Moves</nameurl>
      <pagecount displayname="No. Pages">320</pagecount>
      <pagecounturl>320</pagecounturl>
      <producturl displayname="Product Info. Url">
        a href=http://mspress.microsoft.com/prod/books/1339.htm  target =_a
        http://mspress.microsoft.com/prod/books/1339.htm /a
      </producturl>
      <producturlurl>
        a+href%3Dhttp%3A%2F%2Fmspress%2Emicrosoft%2Ecom%2Fpro
        d%2Fbooks%2F1339%2Ehtm++target+%3D%5Fa+++http%3A%2F%2Fmspress%
        2Emicrosoft%2Ecom%2Fprod%2Fbooks%2F1339%2Ehtm+%2Fa
      </producturlurl>
      <publication_year displayname="Year published">1999</publication_year>
      <publication_yearurl>1999</publication_yearurl>
      <publisher displayname="Publisher">Microsoft Press</publisher>
      <publisherurl>Microsoft+Press</publisherurl>

Appendix A: XML Output from ConsolidatedRetail.com
261
      <reading_level displayname="Reading Level:">All Levels</reading_level>
      <reading_levelurl>All+Levels</reading_levelurl>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </product>
    <selectiontitle>3 product(s) found for search criteria</selectiontitle>
  </searchresults>
  <showlists/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
ThankYou.pasp
The following XML is a sample of the output produced when a user completes the
checkout process:
<?xml-stylesheet type="text/xsl"
server-config="ThankYou-Config.xml"
href="ThankYou-IE5.xsl"?>
<page pagename="ThankYou.pasp">
  <httphost>localhost%3A81</httphost>
  <advertising/>
  <orderform
      payment_method="credit_card"
      billing_address_id="{14505FF4-8B94-4102-9745-0AD40CC2010B}"
      saved_cy_oadjust_subtotal="74.95"
      saved_cy_total_total="107.45"
      cc_name="Visa"
      cc_expyear="2002"
      cc_expmonth="06"
      cc_number="xxxxxxxxxxxxxxx5231"
      _cy_shipping_total="25"
      _cy_tax_total="7.5"
      user_email_address="kim@somecompany.com"
      http_server_name="localhost:81"

262 Reference Architecture for Commerce
      order_number="29598"
      http_server_protocol="http://">
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="1 Microsoft Way"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      AddressesDictKey="{048AC5DD-8E92-433B-B9BC-AE55F4EFE32F}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"
      city="Redmond"
      region_code="WA"
      postal_code="12345"
      country_code="US"
      AddressesDictKey="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"/>
    <Addresses
      address_name="Kim Abercrombie"
      address_line1="My House"
      city="Redmond" region_code="WA"
      postal_code="12345"
      country_code="US"
      AddressesDictKey="{14505FF4-8B94-4102-9745-0AD40CC2010B}"/>
    <Items
      quantity="1"
      product_id="651"
      product_catalog="Hardware"
      product_category="Featured Products"
      description="Coming Soon"
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"
      shipping_method_name="Express"
      d_DateCreated="10/8/2001 5:06:03 PM"
      cy_lineitem_total="74.95"
      cy_unit_price="74.95"
      lineitem_uid="{CE3B46E8-FCB4-4FE1-97A7-2C6E03DACA93}"
      product_Name="Microsoft® SideWinder® Freestyle Pro"
      _cy_oadjust_adjustedprice="74.95"
      _cy_oadjust_discount="0"/>
    <shipments
      shipping_address_id="{CDBD249A-3D16-4952-A2CC-947EA9D6985B}"
      shipping_method_id="{00000000-0000-0000-0000-005211009179}"
      _cy_shipping_total="25"/>
  </orderform>
  <sendmail/>
  <ordernumber>29598</ordernumber>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>

Appendix A: XML Output from ConsolidatedRetail.com
263
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>
UserProfile.pasp
The following XML is a sample of the output produced by UserProfile.pasp:
<?xml-stylesheet type="text/xsl"
server-config="UserProfile-Config.xml"
href="UserProfile-IE5.xsl"?>
<page pagename="UserProfile.pasp">
  <httphost>localhost%3A81</httphost>
  <profilemenu/>
  <pagemode/>
  <validate>
    <maxlengthname>15</maxlengthname>
    <validateitem>
      <functionname>CheckName</functionname>
      <fieldname>txtFirstName</fieldname>
      <errormessage>Please enter a valid first name.</errormessage>
    </validateitem>
    <maxlengthname>15</maxlengthname>
    <validateitem>
      <functionname>CheckName</functionname>
      <fieldname>txtLastName</fieldname>
      <errormessage>Please enter a valid last name.</errormessage>
    </validateitem>
    <maxlengthemail>40</maxlengthemail>
    <validateitem>
      <functionname>CheckEmail</functionname>
      <fieldname>txtEmailAddress</fieldname>
      <errormessage>Please enter a valid email address.</errormessage>
    </validateitem>
    <maxlengthphonefax>14</maxlengthphonefax>
    <validateitem>
      <functionname>CheckPhoneFaxNumber</functionname>
      <fieldname>txtTelNumber</fieldname>
      <errormessage>Please enter a valid phone number.</errormessage>
    </validateitem>
    <maxlengthphonefax>14</maxlengthphonefax>
    <validateitem>
      <functionname>CheckPhoneFaxNumber</functionname>
      <fieldname>txtWorkNumber</fieldname>

264 Reference Architecture for Commerce
      <errormessage>Please enter a valid fax number.</errormessage>
    </validateitem>
  </validate>
  <userobject>
    <accountinfo>
      <org_id/>
      <account_status>1</account_status>
      <user_catalog_set/>
      <date_registered>10/8/2001 4:54:52 PM</date_registered>
    </accountinfo>
    <advertising>
      <campaign_history/>
    </advertising>
    <businessdesk>
      <partner_desk_role/>
    </businessdesk>
    <generalinfo>
      <user_id>{E246BE62-8937-4CF2-A312-178DEC172A5F}</user_id>
      <logon_name>kim</logon_name>
      <email_address>kim@somecompany.com</email_address>
      <user_type>1</user_type>
      <user_title/>
      <last_name></last_name>
      <first_name></first_name>
      <tel_number/>
      <tel_extension/>
      <fax_number/>
      <fax_extension/>
      <user_id_changed_by/>
    </generalinfo>
    <profilesystem>
      <date_last_changed>10/8/2001 6:09:14 PM</date_last_changed>
      <date_created>10/8/2001 4:54:37 PM</date_created>
    </profilesystem>
  </userobject>
  <notpassportuser/>
  <getcatalogsforuser>
    <selectiontitle>Browse Catalogs:</selectiontitle>
    <catalog>
      <catalogname>Books</catalogname>
      <catalognameurl>Books</catalognameurl>
    </catalog>
    <catalog>
      <catalogname>Hardware</catalogname>
      <catalognameurl>Hardware</catalognameurl>
    </catalog>
  </getcatalogsforuser>
  <profile auth="auth"/>
  <exceptions></exceptions>
</page>

Appendix B
Data Field Validation
This appendix describes the data field validations performed by the Reference
Architecture application. The validations implemented are rudimentary and do not
enforce strict business rules. However, the implementation is flexible and easy to
modify for specific requirements.
Note that the Electronic Commerce Modeling Language (ECML) specifications
referred to in this appendix were used for maximum lengths only. The application is
not fully ECML compliant. You can find more information about ECML at http://
www.ecml.org/
This appendix first defines the data fields that require validation and the general
type of information that should be validated. The appendix then describes the field
validation performed and the error messages displayed for each file that uses these
data fields.
Data Fields That Require Validation
The Reference Architecture for Commerce includes a number of data fields that
require validation. These fields are summarized in the Data Field Validation Table
that follows. This table identifies the following for each data field:
G Field name
G Type of input permitted
G Maximum data length allowed by the SQL Server database
G Maximum data length suggested by ECML standards
G Maximum data length used in the Reference Architecture application

266 Reference Architecture for Commerce
The Data Field Validation Table uses the following abbreviations:
G NA – Not  applicable
G AN – Alphanumeric characters are permitted
G N – Numeric characters are permitted
G Format – Standard format used (for example, the standard email format is
xyz@company.com)
G Spaces – White (or blank) spaces are permitted
G Hyphen, @, #, and so on – Specific characters, such as hyphens, are permitted (for
example, hyphens may be permitted in phone numbers)
G Data type – Information in brackets specifies the field type in the database (for
example, [nvc] indicates nvarchar)
G SP – Stored procedure search parameter size
Data Field Validation Table
Field Name
Validation Type
SQL
ECML
Ref. Arch.
Maximum
Maximum
Maximum
Search
NA
SP 4000 [nvc]
NA
NA
Quantity
NA
4 [Integer]
NA
NA
Username
AN, hyphen, underscore, @,
255 [nvc]
NA
255
period
Password
All
255 [nvc]
NA
255
E-mail address
Format
80 [nvc]
40
40
First Name
A and spaces
255 [nvc]
15
15
Last Name
A and spaces
255 [nvc]
15
15
Phone No.
N, spaces, hyphens, brackets,
255 [nvc]
10
14
periods
Fax No.
N, spaces, hyphens, brackets,
255 [nvc]
10
14
periods
Listed As
AN, hyphen, spaces, underscore,
255 [nvc]
NA
255
Address
AN,  # (hash mark or number
255 [nvc]
20
20
sign), spaces, comma, hyphen,
period
City
A, spaces
255 [nvc]
22
22
ZIP Code
N, hyphen, spaces
255 [nvc]
14
14
State
A, spaces
255 [nvc]
2
NA

Appendix B: Data Field Validation
267
Field Name
Validation Type
SQL
ECML
Ref. Arch.
Maximum
Maximum
Maximum
Credit Card
N, spaces, hyphen
255 [nvc]
19
19
Number
Card Type
A
255 [nvc]
4
NA
Card Exp.
A
255 [nvc]
2
NA
Month
Card Exp.
N
255 [nvc]
2
NA
Year
How Validation Is Performed
Files in the Reference Architecture application implement data field validation as
described in the following. If the data provided is invalid, the corresponding error
message is displayed to the user.
Notes:
G Server- or client-side validation is determined by the bintvalidateOption parameter, which
is passed to the UIValidate function present in PASP files that require validations. This
parameter if set to UIV_CLIENT_AND_SERVER performs validation on both the server
and client side. If this parameter is set to UIV_CLIENT_ONLY, only client-side validation is
performed. If this parameter is set to UIV_SERVER_ONLY, only server-side validation
is performed.
G Modifying the Rc.xml file modifies the error messages displayed on the site. If you modify
this file, the error message shown after client- or server-side validation is modified. The
Reference Architecture application provides only the most basic error messages.
G Some Reference Architecture pages contain fields that cannot be validated or where
validation is not required because it has already occurred. These exceptions are discussed
at the end of this section.

268 Reference Architecture for Commerce
Login.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Username
Character
Yes
Yes
255
Username field allows letters
Please enter a valid user
numbers, hyphens, underscores,
name.
periods, and at signs (@). No
spaces are allowed.
Password
Character
Yes
Yes
255
Password field should not be null.
Invalid password.
The user can enter any combina-
Note that password is
tion of characters; therefore, no
case-sensitive.
further validation is done.
Registration.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Username
Character
Yes
Yes
255
Username field allows letters,
Please enter a valid
numbers, hyphens, underscores,
user name.
periods, and at signs (@). No
spaces are allowed.
E-mail Address
Character
Yes
Yes
40
E-mail Address field should confirm
Please enter a valid
to standard format; for example,
e-mail address.
xyz@abc.com
Password /
Character
Yes
Yes
255
Password field should not be null.
Please enter a password.
Confirm
Password
Confirm Password field should not
Please confirm the new
be null.
password.
Password and Confirm Password
Your entries for pass-
entries must match.
word and confirm
password do not match.
The user can enter any combina-
tion of characters; therefore, no
further validation is done.
UserProfile.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
First Name
Character
Yes
Yes
15
First Name field should contain
Please enter a valid first
alphabetical characters only.
name.
Spaces are allowed.
Last Name
Character
Yes
Yes
15
Last Name field should contain
Please enter a valid last
alphabetical characters only.
name.
Spaces are allowed.
E-mail Address
Character
Yes
Yes
40
E-mail Address field should confirm
Please enter a valid
to standard format; for example,
e-mail address.
xyz@abc.com

Appendix B: Data Field Validation
269
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Phone Number
Character
Yes
Yes
14
Phone Number field can contain
Please enter a valid
numeric characters, parentheses,
phone number.
hyphens, spaces, and periods. The
Phone Number field can be empty.
Fax Number
Character
Yes
Yes
14
Fax Number field can contain
Please enter a valid fax
numeric characters, parentheses,
number.
hyphens, spaces, and periods. The
Fax Number field can be empty.
EditAddressBook.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Listed As
Character
Yes
Yes
255
Listed As field can contain letters,
Please enter a valid
numbers, spaces, hyphens, and
“Listed As” name.
underscores.
Name
Character
Yes
Yes
34
Name field should contain
Please enter a valid
alphabetical characters only.
name.
Spaces are allowed.
Address Line 1
Character
Yes
Yes
20
Address field can contain letter,
Please enter a valid
numbers, spaces, number signs
address line 1.
(#), hyphens, commas, and
periods.
Address Line 2
Character
Yes
Yes
20
No validation should be performed
Please enter a valid
if this field empty. If the user
address line 2.
enters data, the field can contain
letter, numbers, spaces, number
signs (#), hyphens, commas, and
periods.
City
Character
Yes
Yes
22
City name field should contain
Please enter a valid city.
alphabetical characters only.
Spaces are allowed.
State
Character
Yes
Yes
255
This field is a drop-down list;
Please select a state.
therefore, the only validation that
should be performed is to confirm
that the field is not null.
Zip Code
Character
Yes
Yes
14
Zip Code field should be numeric.
Please enter a valid Zip
In addition, a hyphen and spaces
Code.
should be allowed.
Phone Number
Character
Yes
Yes
10
No validation should be performed
Please enter a valid
if the field is empty. If the user
phone number.
enters data, then numeric charac-
ters, parentheses, hyphens,
spaces, and periods should be
allowed.

270 Reference Architecture for Commerce
ForgotPasswd.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
User Name
Character
Yes
Yes
255
User Name field should be
Please enter a valid user
alphanumeric and can contain
name.
hyphens, underscores, periods,
and @ only.
ChangePasswd.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Current
Character
Yes
Yes
255
Current Password field should not
Please enter your current
Password
be null. The user can enter any
password.
combination of characters; there-
fore, no further validation should
be done.
New Password
Character
Yes
Yes
255
New Password field should not be
Please enter a new
null. The user can enter any com-
password.
bination of characters; therefore,
no further validation should be
done
Confirm
Character
Yes
Yes
255
Confirm Password field should not
Please confirm the new
Password
be null.
password.
Confirm Password field should
Your entries for password
match the New Password.
and confirm password do
not match.
EditCreditCard.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Listed As
Character
Yes
Yes
255
Listed As field can contain alpha-
Please enter a valid
numeric characters, as well as
‘Listed As’ name.
spaces, hyphens, and underscore
characters.
Name on Card
Character
Yes
Yes
34
Name field should contain alpha-
Please enter a valid card
betical characters only. Spaces
name.
are allowed.
Account
Character
Yes
Yes
19
Account Number field can contain
The credit card number
Number
numbers, spaces, and hyphens.
you provided is not valid.
Please verify your
payment information or
use a different card.
Card Type
Character
No
Yes
255‘
The Card Type field is a drop-down
Please select a card
list; therefore, a server-side check
type.
should occur to confirm that this
field is not null.

Appendix B: Data Field Validation
271
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Expiration
Character
No
Yes
255
The Expiration Month field is a
Please select the card
Month
drop-down list; therefore, a server-
expiration month.
side check should occur to
confirm that this field is not null.
Expiration
Character
No
Yes
255
The Expiration Year field is a drop-
Please select the card
Year
down list; therefore, a server-side
expiration year.
check should occur to confirm that
this field is not null.
AddtoList.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
New List Name
Character
Yes
Yes
20
New List Name field can contain
Please enter a valid list
letters, numbers, hyphens, under-
name.
scores, single quotation marks,
and spaces.
A list with this name
already exists. Please
New List Name field cannot dupli-
try another name.
cate an existing list name.
Basket.pasp, Category.pasp, ListBase.pasp, Product.pasp, and StepSearch.pasp
Field Name
Data Type
Client
Server
Max.
Comments
Error Messages
Length
Quantity
Integer
No
No
3
The Quantity field is not validated
None.
because it is previously handled on
the server side. If any character
other than a number is entered
and the user chooses to add the
product to the cart, the number
defaults to 1 (a single instance of
the selected item is added to the
cart). If the user updates the cart
and indicates a non-numeric
quantity, there is no change to the
cart quantity.
ListSearch.pasp
This page includes the following data fields:
G Logon Name
G List Name
G E-mail Address

272 Reference Architecture for Commerce
Because the user can perform a search for a public list using any of one these fields,
validation cannot be enforced to require the user to complete any of fields. If the
user attempts to use invalid data, he or she will receive a message indicating that
no corresponding list was found and will be returned to the search page.
StepSearch.pasp
This page consists of dynamic fields that correspond to the catalog the user has
selected for browsing. For example, if the user selects the Hardware catalog, dy-
namic fields such as Cordless, License Type, Operating System, and Scroll Wheel
may appear.
As with ListSearch.pasp, the user can perform a search on any of the fields mention
above. And, because the catalog may change, validation on specific fields cannot be
performed.
If the user attempts to use invalid data, he or she will receive a message indicating
that no corresponding items were found and will be returned to search page.
Search Text Box 
This is a free-form text box. If the user attempts to use invalid data, he or she will
receive a message indicating that no corresponding items were found and will be
returned to search page.

Appendix C
Sample Detailed Test Plan
This appendix provides a sample detailed test plan that a test team should use as
the basis for test cases when testing a site such as ConsolidatedRetail.com. Refer to
Appendix D, Sample Detailed Test Cases, for the cases that correspond to the
scenarios documented in the detailed test plan.
Assumptions and Requirements
This detailed test plan discusses the majority of user interactions that could occur
on the ConsolidatedRetail.com Web site. This testing includes all Web pages that
can be accessed by any user, along with a minimal set of developer scenarios and
site download-related scenarios.
The test plan has the following assumptions and requirements:
G The tester should perform each test on a fresh build (from scratch). After the
build is completed, the tester should complete the following steps:
1. Set up the catalog data.
2. Set up the Commerce Server 2000 administrative data for transaction
parameters, such as shipping rates, shipping methods, taxes, predictors,
and so forth.
G When possible, the test team should test every page with every supported
browser and supported browser version.
G When possible, the tester should address the following common scenarios for
each test:
1. Change the default fonts of the Microsoft Internet Explorer browser for each
page and spot potential graphic and textual errors.
2. Resize the Internet Explorer browser for each page and spot potential graphic
and textual errors.

274 Reference Architecture for Commerce
3. For each page, check for bugs using different navigational techniques in the
Internet Explorer browser, such as Back, Forward, History, and Favorites.
4. Use different navigational techniques inside the application. For example, use
the TAB key to change focus or move from one control to another within the
application, and check for bugs.
5. Verify that a user can navigate from one page to any other common page.
6. Verify that all of the options and buttons present on any page are accessible to
authenticated users.
7. Verify that a user can perform all available operations even if the graphical
components are not available on the user interface.
8. Confirm that the Web site behaves and appears the same when different
screen resolutions are used for the user agents.
G It is assumed that the test team will complete ad-hoc testing on the application
initially, before executing the test cases that arise directly from the scenarios.
G Throughout this detailed test plan, transaction refers to a complete order process,
starting with adding items to the shopping basket through confirming the order
after purchase.
G To emulate an unregistered user accurately, the tester should begin his or her
testing session using a fresh instance of the browser. This means that if the tester
was previously testing an area of the site in which he or she was logged on as a
registered user, the tester needs to close the browser and reopen it.
G The following generic test cases should be performed on all pages on the site:
G Test all links.
G Check the default cursor positions in all screens that the user can access.
G Check the default button operations in all screens that the user can access.
G Verify that the user can enter all types of valid data and confirm the maxi-
mum data length for each data entry field (data field lengths are documented
in Appendix B).
G Test all mandatory fields to ensure that only valid entries are accepted and
that the null entries are not accepted.
G Verify that the scenarios execute as expected after cookies are disabled.
G Verify that the user can test for multiple copies of the same application.
G Verify that developer users can debug the code. Also, change the code for
logout, and test the output results.
G Ensure that the user can install a new build over the existing installation, and
can then test on the new installation.

Appendix C: Sample Detailed Test Plan
275
Test Scenarios
The sample detailed test plans in this section address the following functionality:
G Registration and authentication
G Access privileges
G Banner advertisement
The scenarios described are a selection from the full detailed test plan used in the
development of the Reference Architecture Web site, and therefore are not num-
bered sequentially.
Registration and Authentication Tests
The following test scenarios check the registration and authentication features of
the site.
Scenario 1 – Registration Using Microsoft Passport
Description
A new user registers using Passport authentication.
Objective
Determine whether a new user can register on the site using Passport
credentials.
Priority
High
Steps:
1.1
Access the home page, and then click Register Now.
1.2
Click the Passport link on the registration page.
1.3
Use valid Passport credentials (e-mail address and password) to
complete all data fields on the page.
1.4
Click the Register button.
Scenario 2 – Logon Using Passport
Description
A user logs on to the site using Passport authentication.
Objective
Determine whether a user with valid Passport credentials can access
the site. Depending on the user’s browser settings, check whether
cookies are deposited on the user’s computer.
Priority
High
Steps:
2.1
Access the home page, and then click the Passport link.
2.2
Enter a valid Passport credentials (e-mail address and password).
2.3
Click the Sign In button.

276 Reference Architecture for Commerce
Scenario 3 – Registration Using SQL Server
Description
A new user registers using SQL Server authentication.
Objective
Determine if a new user can register on the site, and whether he or
she will be authenticated automatically.
Priority
High
Steps:
3.1
Access the home page, and click Register Now.
3.2
Complete the User Name, E-mail Address, and Password fields.
Reenter the password in the Confirm Password field.
3.3
Click the Register button.
Scenario 4 – Registration Using SQL Server and Invalid Data
Description
A user attempts to register using SQL Server authentication and
submits incomplete or invalid credentials.
Objective
Determine if a new user can register on the site, and whether he or
she will be authenticated automatically.
Priority
High
Steps:
4.1
Access the home page and click the Register Now button.
4.2
Enter a User Name.
4.3
Enter a Password and Confirm Password that do not match.
4.4
Click the Register button.
Scenario 5 – Registration Using A Duplicate User Name
Description
A user attempts to register using SQL Server authentication and
submits an existing user name.
Objective
Determine if a user ID is unique for registration, and if not, verify that
the user is notified accordingly.
Priority
High
Steps:
5.1
Access the home page, and then click the Register Now button.
5.2
Enter existing information in the User Name, Password, and Confirm
Password fields.
5.3
Click the Register button.
5.4
After the error message is displayed, register using another user
name.

Appendix C: Sample Detailed Test Plan
277
Scenario 6 – Changing a Password Using Valid Data
Description
A user tries to change his or her password using SQL server authenti-
cation and valid input.
Objective
Determine whether an authenticated user can change his or her
password.
Priority
High
Steps:
6.1
Access the home page, and then click the Logon Click Here! button.
6.2
Enter valid Passport information in the User Name and Password
fields, and then click the Logon button.
6.3
Click the My Account button.
6.4
Click Change Password, and then enter valid data in all fields.
6.5
Click Submit.
Scenario 7 – Changing a Password Using Invalid Data
Description
A user tries to change his or her password using SQL server authenti-
cation and invalid input.
Objective
Determine whether an authenticated user can change his or her
password.
Priority
High
Steps:
7.1
Access the home page, and then click the Logon Click Here! button.
7.2
Enter valid Passport information in the User Name and Password
fields, and then click the Logon button.
7.3
Click the My Account button.
7.4
Click Change Password, and then enter invalid data in one or more
fields.
7.5
Click Submit.

278 Reference Architecture for Commerce
Scenario 8 – Logon Using SQL Server and Valid Data
Description
A user logs on to the site using a valid user name and password and
SQL Server authentication.
Objective
Determine if a user with valid SQL Server authentication credentials
can access the site.
Priority
High
Steps:
8.1
Access the home page, and then click the Logon Click Here! button.
8.2
Enter valid information in the User Name and Password fields.
8.3
Click the Logon button.
Scenario 9 – Logon Using SQL Server and Invalid Data
Description
A user attempts to log on to the site using an invalid user name and
password and SQL Server authentication.
Objective
Determine whether a user with invalid user name and password com-
bination is denied access to the site and that the appropriate error
messages are displayed. The user should be prompted to enter
resubmit his or her authentication information.
Priority
High
Steps:
9.1
Access the home page, and then click the Logon Click Here! button.
9.2
Enter invalid information in the User Name and Password fields.
9.3
Click the Logon button.
Scenario 10 – Valid User Requests a Password Reminder
Description
A user submits a valid user name and requests a password reminder.
Objective
Determine whether a password reminder e-mail message is sent to a
registered user’s e-mail address after the user provides his or her valid
user name and requests a reminder.
Priority
High
Steps:
10.1
Access the home page, and then click the Logon Click Here! button.
10.2
Click the Forgot Password? button.
10.2
Enter valid information in the User Name field, and then click the
Submit button.

Appendix C: Sample Detailed Test Plan
279
Scenario 11 – Invalid User Requests a Password Reminder
Description
A user submits an invalid user name and requests a password
reminder.
Objective
Determine whether an appropriate error message is displayed if a user
requests a password reminder and submits an invalid user name.
Priority
High
Steps:
11.1
Access the home page, and then click the Logon Click Here! button.
11.2
Click the Forgot Password? button.
11.3
Enter invalid information in the User Name field, and then click the
Submit button.
Access Privileges
Scenario 12 – Access Privileges of an Unauthenticated User
Description
An unauthenticated user attempts to use the Web site.
Objective
Verify that a user is able to log on, register, browse and search cata
logs, and access and manage the order baskets and shopping lists.
Priority
High
Steps:
12.1
Access the home page.
12.2
As an unauthenticated user, check access to the site features.
Scenario 13 – Access Privileges of an Authenticated User
Description
A user logs on and attempts to use the Web site.
Objective
Verify that a user is able to register, browse and search catalogs,
access and manage the order baskets and shopping lists, access user
profile information, address information, billing and payment informa-
tion, and complete checkout, and receive order confirmation e-mail.
Priority
High
Steps:
13.1
Access the home page, and log on to the site.
13.2
As an authenticated user, check access to the site features.

280 Reference Architecture for Commerce
Scenario 14 – Access to My Accounts After Closing the Browser
Description
An authenticated user closes the browser window and then attempts
to access the My Accounts area.
Objective
Verify that a user is unable to access My Accounts after closing the
browser window as an authenticated user.
Priority
High
Steps:
14.1
Access the home page, and log on to the site.
14.2
Close the browser window.
14.3
Restart Internet Explorer, and then access the site.
14.4
Click My Accounts.
Scenario 15 – Unauthenticated Access to the Shopping Basket
Description
An unauthenticated user tries to add items to the shopping basket,
and then logs on.
Objective
Verify that an authenticated user can see items placed in the shopping
basket during the previous unauthenticated session.
Priority
High
Steps:
15.1
Access the home page.
15.2
Add items to the shopping basket.
15.3
Logon to the site as an existing user or register as a new user.
Scenario 16 – Access to the Shopping Basket After Closing the Browser
Description
An authenticated user tries to add items to the shopping basket,
closes the browser window, and then accesses the site again.
Objective
Check to see whether an unauthenticated user can see items placed
in the shopping basket during the previous authenticated session.
Priority
High
Steps:
16.1
Access the home page, and log on to the site.
16.2
Add items to the shopping basket.
16.3
Close the browser window.
16.4
Access the site again (but do not log on).
16.5
Click the shopping basket icon.

Appendix C: Sample Detailed Test Plan
281
Banner Advertisement
Scenario 17 – User Selects a Banner Advertisement
Description
A user attempts to see an advertisement displayed on the Web site.
Objective
Verify that a user is able to select the banner advertisement from the
site and see the appropriate destination page.
Priority
High
Steps:
17.1
Access the home page.
17.2
Click the advertisement.


Appendix D
Sample Detailed Test Cases
This appendix contains a subset of the test cases a test team should use when testing
a site such as ConsolidatedRetail.com. Refer to “Appendix B: Sample Detailed Test
Plan,” for the scenarios used to build these test cases.
Detailed Test Case Legend
Column Heading
Definition
No.
Number of the specific test case in this document
DTP Ref.
Detailed Test Plan Scenario on which this test case was built
Priority & Test Type
Relative priority of the test case (high, medium, or low) and type of
test performed — automated (A) or manual (M)
Condition to be Tested
Specific functionality to be tested
Execution Details
Steps to complete the test case
Expected Result
What should happen
Actual Result
What actually happened
Test OK?
Did the application function as expected? (Y=Yes; N=No)

284
Registration Authentication Test Case
Reference Architecture for Commerce
No.
DTP Ref.
Priority &
Condition to be Tested
Execution Details
Expected Result
Actual Result
Test OK?
Test Type
1
DTP 1
High (M)
User registers as a new user
Visit the test site.
The new user should
using Passport authentication.
Click the Register Now
be able to register on
link for Passport.
the site.
Complete all fields.
Click Register.
2
DTP 2
High (M)
User logs on using Passport
Visit the test site.
The user should be able
authentication.
Click Passport Sign in.
to log on and have
Enter a valid user name
access to all available
and password.
features on the site.
Click Sign In.
3
DTP 3
High (A)
User registers as a new user
Visit the test site.
The new user should be
using SQL Server authentica-
Click the Register Now link.
able to register on the
tion and valid input.
Complete all fields.
site and be authenti-
Click Register.
cated automatically.
4
DTP 4
Medium (A)
User registers as a new user
Visit the test site.
The new user should
using SQL Server authentica-
Click the Register Now link.
not be able to register
tion and leaves the User name
Complete all fields except
on the site and should
field blank (invalid input).
User name.
not be authenticated
Click Register.
automatically.
5
DTP 4
Medium (A)
User registers as a new user
Visit the test site.
The new user should
using SQL Server authentica-
Click the Register Now link.
not be able to register
tion and leaves the E-mail
Complete all fields except
on the site and should
address field blank (invalid
E-mail address.
not be authenticated
input).
Click Register.
automatically.
6
DTP 4
Medium (A)
User registers as a new user
Visit the test site.
The new user should
using SQL Server authentica-
Click the Register Now link.
not be able to register
tion and leaves the Password
Complete all fields except
on the site and should
field blank (invalid input).
Password.
not be authenticated
Click Register.
automatically.
7
DTP 4
Medium (A)
User registers as a new user
Visit the test site.
The new user should
using SQL Server authentica-
Click the Register Now link.
not be able to register
tion and leaves the Confirm
Complete all fields except
on the site and should
password field blank (invalid
Confirm password.
not be authenticated
input).
Click Register.
automatically.

No.
DTP Ref.
Priority &
Condition to be Tested
Execution Details
Expected Result
Actual Result
Test OK?
Test Type
8
DTP 5
Medium (A)
User registers as a new user
Visit the test site.
The new user should
using SQL Server authentica-
Click the Register Now link.
not be able to register
tion and enters an existing
Enter an existing user name.
and an appropriate
user name.
Complete all other fields.
error message should
Click Register.
be displayed.
9
DTP 6
Medium (A)
User changes the password
Visit the test site.
The user should be
using SQL Server authentica-
Click the Click here! button.
able to change the
tion and valid input.
Enter a valid user name and
password. Log on with
password, and then click
the new password to
Logon.
verify that it works.
Click My Account, and then
click Change password.
Enter valid input.
Click Change password.
10
DTP 7
Medium (A)
User changes the password
Visit the test site.
The user should not be
using SQL Server authentica-
Click the Click here! button.
able to change the
tion and invalid input.
Enter a valid user name and
password. Log on with
password, and then click
the invalid password to
Logon.
verify that it does not
Click My Account, and then
work.
click Change password.
Enter invalid input.
Click Change password.
Appendix D:
11
DTP 8
High (A)
User logs in using SQL Server
Visit the test site.
The user should be able to
authentication and a valid user
Click the Click here! button.
log on and have access to
name and password.
Enter a valid user name
all the available features
and password, and then
in the site.
click Logon.
Sample Detailed T
12
DTP 9
Medium (A)
User logs in using SQL Server
Visit the test site.
The user should be
authentication and an invalid
Click the Click here! button.
denied access to the
user name and invalid
Enter an invalid user name
features of the site
password.
and invalid password, and
that require authenti-
then click Logon.
cation. The site should
display an appropriate
error message and
then prompt the user
est Cases
to log on again.
285

286
No.
DTP Ref.
Priority &
Condition to be Tested
Execution Details
Expected Result
Actual Result
Test OK?
Test Type
Reference Architecture for Commerce
13
DTP 9
Medium (A)
User logs in using SQL Server
Visit the test site.
The user should be
authentication and a valid user
Click the Click here! button.
denied access to the
name and invalid password.
Enter a valid user name
features of the site
and invalid password, and
that require authenti-
then click Logon.
cation. The site should
display an appropriate
error message and
then prompt the user
to log on again.
14
DTP 9
Medium (A)
User logs in using SQL Server
Visit the test site.
The user should be
authentication and an invalid
Click the Click here! button.
denied access to the
user name and a valid
Enter an invalid user name
features of the site that
password.
and a valid password, and
require authentication.
then click Logon. 
The site should display
an appropriate error
message and then
prompt the user to log
on again.
15
DTP 10
Medium (A)
User is reminded of his or her
Visit the test site.
An e-mail message
password using SQL Server
Click the Click here! button.
containing the pass-
authentication and a valid user
Click Forgot Password.
word for the user’s
name.
Enter a valid user name,
account should be
and then click Submit.
sent to the user’s
registered e-mail
address.
16
DTP 11
Medium (A)
User is reminded of his or her
Visit the test site.
An appropriate error
password using SQL Server
Click the Click here! button.
message should be
authentication and an invalid
Click Forgot Password.
displayed.
user name.
Enter an invalid user name,
and then click Submit.

Access Privileges Test Case
No.
DTP Ref.
Priority &
Condition to be Tested
Execution Details
Expected Result
Actual Result
Test OK?
Test Type
17
DTP 12
Medium (A)
Unauthenticated user registers
As an unauthenticated user,
The user should be able
at the site.
visit the test site.
to register.
Click the Register Now
button.
Enter valid information, and
then click Submit.
18
DTP 12
Medium (A)
Unauthenticated user attempts
As an unauthenticated user,
The user should be able
to browse catalogs.
visit the test site.
to view the product
Click any catalog name.
listing, product details,
Click any one category
and so forth.
under the catalog.
Repeat this for other
catalogs.
Click Get Details for one or
more products.
19
DTP 12
Medium (A)
Unauthenticated user attempts
As an unauthenticated user,
The user should be able
to search catalogs.
visit the site.
to view the search
Enter search criteria.
result.
Click Go.
20
DTP 12
Medium (M)
Unauthenticated user accesses
As an unauthenticated
The user should be able
order basket functions (Add,
user, visit the site.
to add, remove, and
Appendix D:
Remove, Remove all, and
Click Shopping cart.
remove all items.
Update cart).
Add one or more products
to the order basket.
Remove a product from the
order basket.
Sample Detailed T
Remove all products from
the order basket.
21
DTP 12
Medium (A)
Unauthenticated user attempts
As an unauthenticated
The user should not be
to access a shopping list.
user, visit the site.
allowed to access the
Click My Account.
shopping list, and
should be prompted to
log on.
est Cases
22
DTP 13
High (A)
Authenticated user logs on.
Visit the test site.
The user should be able
Click the Click here! button.
to log on and have
Enter a valid user name and
access to all available
password, and then click
features on the site.
287
the Logon button.

288
No.
DTP Ref.
Priority &
Condition to be Tested
Execution Details
Expected Result
Actual Result
Test OK?
Test Type
Reference Architecture for Commerce
23
DTP 13
High (A)
Authenticated user browses
Visit the test site.
The user should be able
through catalogs.
Click the Click here! button.
to view the product
Enter a valid user name and
listing, product details,
password, and then click
and so on.
Logon.
Click any catalog name.
Click any category under
the catalog.
Repeat this for other
catalogs.
Click Get Details for one
or more products.
24
DTP 13
High (A)
Authenticated user searches
Visit the test site.
The user should be able
through catalogs.
Click the Click here! button.
to view the search
Enter valid input, and then
results.
click the Logon button.
Enter search criteria.
Click Go.
25
DTP 13
High (M)
Authenticated user accesses
Visit the test site.
The user should be able
the order basket (Add, Remove,
Click the Click here! button.
to add, remove some,
Remove all, and Update cart).
Enter a valid user name and
and remove all items.
password, and then click the
Logon button.
Add one or more products
to the order basket.
Remove products from the
order basket.
Remove all products from
the order basket.
26
DTP 13
High (M)
Authenticated user accesses
Visit the test site.
The user should be able
the shopping list.
Click the Click here! button.
to access and manage
Enter a valid user name and
the shopping list.
password, and then click
the Logon button.
Add one or more products
to the shopping list.
Remove a product from
shopping list.
Remove all products from
shopping list.
Delete and update the
shopping list.

No.
DTP Ref.
Priority &
Condition to be Tested
Execution Details
Expected Result
Actual Result
Test OK?
Test Type
27
DTP 13
High (A)
Authenticated user accesses
Visit the test site.
The user should be able
his or her user profile.
Click the Click here! button.
to add or edit the user
Enter a valid user name and
profile.
password, and then click
the Logon button.
Click My Account.
Click Change Account, and
add or edit the user profile.
28
DTP 13
High (A)
Authenticated user accesses
Visit the test site
The user should be able
and modifies billing information.
Click the Click here! button.
to add and edit the
Enter a valid user name and
billing information.
password, and then click
the Logon button.
Click My Account.
Click Billing Address, and
add or edit a billing address.
29
DTP 13
Medium (M)
Authenticated user completes
Visit the test site.
The user should be able
a purchase.
Click the Click here! button.
to add items to the
Enter a valid user name and
shopping cart and
password, and then click
perform the checkout
the Logon button.
process.
Browse through the catalog,
and add one or more
products to the shopping
Appendix D:
cart.
Complete the checkout
process.
30
DTP 14
High (A)
Authenticated user closes the
Visit the test site.
The user should not be
browser window and then
Click the Click here! button.
able to access the
Sample Detailed T
attempts to access user
Enter a valid user name and
details when he or she
account detail.
password, and then click
clicks My Account.
the Logon button.
Close the browser window.
Again, visit the test site.
Click My Account.
31
DTP 15
High (A)
User adds items to the shop-
Visit the test site.
The authenticated user
est Cases
ping cart and then logs on
Add items to the shopping
should be able to view
using SQL Server authentication.
cart.
the shopping cart items
Click the Click here! button.
that he or she added
Enter a valid user name and
during the previous
289
password, and then click
unauthenticated session.
the Logon button.

290
No.
DTP Ref.
Priority &
Condition to be Tested
Execution Details
Expected Result
Actual Result
Test OK?
Test Type
Reference Architecture for Commerce
32
DTP 15
High (A)
User adds items to the shop-
Visit the test site.
The authenticated user
ping cart and then logs on
Add items to the shopping
should be able to view
using Passport authentication.
cart.
the shopping cart items
Click the Passport Sign in
that he or she added in
button.
the previous unauthenti-
cated session.
33
DTP 16
High (A)
User adds items to the shop-
Visit the test site.
The unauthenticated
ping cart as an authenticated
Click the Click here! button.
user should not be able
user and then closes the
Enter a valid user name and
to view the shopping
browser, and then accesses
password, and then click
cart items that he or
the site again.
Logon.
she added during the
Click Catalog, and then
previous authenticated
add items to the shopping
session.
cart.
Close the browser.
Visit the test site again.
Click Shopping Cart.
34
DTP 17
Medium (A)
User selects banner
Visit test site.
The user should be able
advertisement.
Click the Banner
to select the banner ad-
Advertisement.
vertisement by clicking
Banner Advertisement,
and should be able to
reach the appropriate
advertisement page.

Index
A
B
C
abstraction, MSF Application
banner advertisements, 36
caches, types, 115
Model, 40
Basket.pasp page, 152, 154
caching, 115
accessibility, 38, 68
baskets
catalog names, 116
account information, changing, 51
adding products to, 35, 152
categories, 117
Acct.pasp page, 121
changing quantities, 47
product information, 117
Active Server Pages (ASP). See ASP
converting contents to XML, 158
search results, 119
added functionality, 4
customer usage, 46
shipping methods, 118
adding
deleting products, 47
candidate technologies, 68
new address, 51
managing, 35
commerce platform, 71
products to Save for Later
objects, 102
data services, 70
basket, 46
types, 35
Internet services, 69
products to Shopping Cart, 46
updating, 47
operating systems, 69
products to shopping list, 48
using, 35
presentation services, 69
address book, 38
viewing, 154
Catalog Editor, 20
address information, changing, 51
behaviors of objects, 57
catalog objects, 100
Advertising pipeline, 161
browser independence, 82
Catalog Sets, 101
anonymous shopping, 30
browsing
catalog-related pages, used by
Application Installer Program,
anonymous, 34
ConsolidatedRetail.com
starting, 14
as functional requirement, 33
m, 96, 97
application processing time, 199
catalogs, 45, 135
catalogs
application services. See business
Business Desk
access, 133
services
and DHTML, 77
adding, 151
ASP
configuring, to work with XSL
authentication for access to, 133
as Reference Architecture
ISAPI filter, 15
browsing, 45, 135
component, 4
Folder, creating and
creating, 100
files implemented as PASP
configuring, 12
multiple, support for, 100
files, 93
using to create relationships in a
product variants, 140
on Microsoft platforms, 87
catalog, 140
searching, 148
using VBScript to create, 85
business objects, identifying, 55
structuring, 100
with XSL ISAPI filter, 87
business requirements, 32, 80
viewing products, 140
attributes, identifying, 58
browser independence, 82
Category.pasp page, 139
authentication. See security
documenting, 39
changing
impersonation/delegation
globalization, 78
addresses and passwords, 51
model, 65
meeting, 78
quantities in baskets, 47
in Passport, 77, 126
performance, 79
checking out, 36, 49
trusted server model, 66
production environment
client encryption. See security
authorization. See security
requirements, 38
commerce platform. See candidate
availability, 38, 64
system requirements, 38
technologies
business services, MSF Application
Model, 39

292 Index
Commerce Server 2000, 3, 76
creating
DHTML, and Business Desk, 77
and objects, 86
Business Desk Folder, 12
Discounts pipeline, 163
caching, 115
Catalog Sets, 101
distributed environment
catalog objects, 100
catalogs, 100
installing, 23
components, 88
new Web site, to host
testing in, 22
pipeline components, 103
application, 13
distribution, MSF Application
pipelines, 103
new Web site, to host Commerce
Model, 40
Predictor resource, 102
Server 2000 Business Desk, 14
shopping basket objects, 102
stress scripts, 204
E
support for multiple
Web Site Folder, 12
e-commerce sites
catalogs, 100
custom components, 55
performance requirements, 28
user management objects, 101
customer profiles, 120
user expectations of, 27
utility and configuration
ease of navigation, 32
objects, 98
D
ease of use, 28, 33
Commerce Server objects, 98
data field validation, 265
EditAddressBook.pasp page, 174
commerce site, 16
AddtoList.pasp, 271
Electronic Commerce Modeling
components
Basket.pasp, 271
Language (ECML), 265
business, custom, 104
Category.pasp, 271
encryption. See security
in pipelines, 103
ChangePasswd.pasp, 270
existing technologies
pipeline, configuring, 19
EditAddressBook.pasp, 269
factors, 71
Queued E-mail, configuring, 19
EditCreditCard.pasp, 270
Passport authentication, 77
QueuedEMailer.Cmailer, 182
fields that require validation, 265
using Commerce Server 2000, 76
conceptual phase, MSF Application
ForgotPasswd.pasp, 270
using Microsoft Internet
Design Process, 40
implementation, 267
Information Services (IIS), 75
configuring
ListBase.pasp, 271
using SQL Server 2000, 76
Business Desk Folder, 12
ListSearch.pasp, 271
using Windows 2000 Server, 72
pipeline components, 19
Login.pasp, 268
using XSL ISAPI, 75
Queued E-mail component, 19
Product.pasp, 271
Extensible Stylesheet Language
shipping information, 22
Registration.pasp, 268
(XSL). See XSL
tax rates, 22
Search Text Box, 272
Web Site Folder, 12
StepSearch.pasp, 271, 272
F
XSL ISAPI filter, 15
UserProfile.pasp, 268
ConsolidatedRetail.com
functional requirements
Data Field Validation Table, 266
and XML, 86
address book, 38
data services. See candidate
catalog-related pages, 96
anonymous browsing, 34
technologies
description of, 3
banner advertisements, 36
data services, MSF Application
include files, 95
browsing, 33
Model, 39
initialization scripts, 95
checking out, 36
debugging
order management pages, 97
ease of navigation, 32
custom sites, 192
pipelines, 103
ease of use, 33
using Visual InterDev, 185
presentation services, 105
logon/authentication, 33
XML output from PASP
profile management scripts, 97
multiple catalogs, 34
scripts, 186
user authentication scripts, 97
order cancellation, 38
deleting, products from baskets, 47
XSL output from PASP files, 106
order status notification, 37
Developer’s Guide
XSL style sheets, 108
order summary, 38
document conventions, 8
cookies, 120
product pages, 34
Document Roadmap, 6
in Passport, 127
product search results, 34
project roles, 5
copying products between
product searches, 34
purpose, 5
baskets, 49

Index
293
products and categories, 34
interface, consistency of, 28
N
shipping calculation, 37
internalization. See globalization
network latency, 199
shipping choices, 37
Internet Services Application
new Web site
site access, 33
Programming Interface
creating, to host application, 13
tax calculation, 37
(ISAPI), 69
creating, to host Commerce
types of baskets, 35
Server 2000 Business Desk, 14
user profiles, 33
L
user registration, 33
Listed As value, 174
O
user registration management, 33
Lists pipeline, 158
objects
functional testing, 39
logical design process, 55
functions
attributes of, 58
logical phase, MSF Application
Logon, 124
behaviors of, 57
Design Process, 41
identifying, 56
PutUserObject, 122
Login.pasp page, 123
relationships, 58
Logon function, 124
G
order cancellation, 38
logon functions, 44
order processing, 166
globalization, 38, 62, 78
logon/authentication, 33
completing orders, 181
globally unique identifier
confirming orders, 176
(GUID), 122
M
obtaining user’s e-mail
manageability, 32, 38, 65, 80
address, 179
H
management infrastructure, 77
sending confirming e-mail, 182
hardware requirements, 9
management interface, 32
shipping address, specifying, 166
methodology, testing, 196
specifying multiple shipping
I
methods. See behaviors
methods, 171
specifying payment
identifying
Microsoft .NET Enterprise
Servers, 3
information, 173
attributes, 58
specifying shipping method, 169
behaviors, 57
Microsoft Internet Information
order status notification, 37
objects, 56
Services (IIS), using, 75
Microsoft Passport. See Passport
order summary, 38
relationships, 58
OrderSummary.pasp page, 176
importing
Microsoft Reference Architecture
Predictor Modeling Data, 18
for Commerce. See Reference
Architecture
sample XML catalog files, 20
P
include files, used by
Microsoft Solutions Framework
PAGBasket pipeline, 155
ConsolidatedRetail.com, 95
(MSF), 39
PAGFinal pipeline, 181
Microsoft Windows 2000 Server
Index.pasp page, 110
PAGTotal pipeline, 176
infrastructure architecture,
operating system, 3
Pairwise Unique ID (PUID), 126
minimum for production
Microsoft® Commerce Server 2000.
PASP
See Commerce Server 2000
environment, 23
and ASP files, 93
inheritance. See relationships
MSF Application Design Process, 40
and XSL ISAPI filter, 70
initialization scripts, used by
MSF Application Model, 39
implementing files, 93
multiple catalogs, 34
ConsolidatedRetail.com, 95
sample XML output from, 211
installing
multiple device types, support
XSL output from, 106
distributed environment, 23
for, 31
Passport, 77
MultiShipping.pasp page, 171
prerequisite software. See
authentication, 126
catalog-related pages, used by
Pairwise Unique ID (PUID), 126
ConsolidatedRetail.com
support for in Reference
Reference Architecture
Architecture, 126
Application, 12
passwords, 44, 51
XSL ISAPI filter, 15

294 Index
Payment.pasp page, 173, 174
Product.pasp page, 140
SearchResults.pasp page, 148
performance, 38, 62, 79
production environment
Secure Sockets Layer (SSL). See SSL
performance requirements, 29
requirements, 38
security, 31, 38, 65, 80
performance testing, 39, 199
profile management scripts, used
authorization, 66, 81
analyzing results, 207
by ConsolidatedRetail.com
client encryption, 67
creating stress scripts, 204
il.com, 97
displaying credit card
executing performance/stress
project roles, 5
information, 179
tests, 206
properties. See attributes
encryption, 66, 81
methodology, 201
purchasing. See checking out
server encryption, 67
preparing analysis, 201
PutUserObject function, 122
SSL, 31
response time, 199
transport encryption, 67
throughput, 200
Q
server certificates, 67
tools and utilities, 200
QueuedEMailer.Cmailer, 182
server encryption. See security
physical design process, 61
services. See behaviors
analysis and rationalization, 71
R
shipping address, specifying, 166
implementation, 82
shipping calculation, 37
research, 61
RecordEvent pipeline, 160
shipping choices, 37
physical phase, MSF Application
Reference Architecture
shipping methods, specifying,
Design Process, 41
components, 4
169, 171
physical solution requirements, 62
debugging custom sites, 192
Shipping.pasp page, 166
pipeline components, 76
description, 3
ShippingMethod.pasp page, 169
pipelines
purpose, 3
Shopping Cart, 35
Advertising, 161
support, 8
adding products, 46
and Commerce Server 2000, 103
support for Passport, 126
display options, 46
components, 103
Reference Architecture Application
viewing, 154
custom components, 103
client-side scripting, 88
shopping list, 35
discounts, 163
data field validation, 265
adding products, 48
in ConsolidatedRetail.com, 103
downloading, 12
converting, 48
Lists, 158
functional requirements, 32
copying products to other
PAGBasket, 155
installing, 12
baskets, 49
PAGFinal, 181
stored procedures, 88
customer creating, 47
PAGTotal, 176
testing, in a distributed
display options, 46
RecordEvent, 160
environment, 22
management operations, 48
pre-processed Active Server Pages
Registration.pasp page, 121
private, 36
(PASP). See PASP
relationships
public, 36
Predictor Modeling Data,
creating in a product catalog, 140
public or private, 48
importing, 18
identifying, 58
shopping from, 48
Predictor resource, 102
inheritance, 59
site access, 33
prerequisite software. See catalog-
response time, 29, 63
software requirements, 10
related pages, used by
response time, testing, 199
installing prerequisite
ConsolidatedRetail.com
reuse, MSF Application Model, 40
software, 10
presentation services. See candidate
SQL Server 2000, 3
technologies
S
using, 76
presentation services, MSF
Save for Later basket, 35, 46
SQL Server, exploring, 86
Application Model, 39
viewing, 154
SSL, 31
product pages, 34
scalability, 29, 38, 63, 64, 80
staging, 39
navigating, 147
searches, customer initiated, 44
stress scripts, creating, 204
product searches, 34
searching, catalogs, 148

Index
295
style sheets
performance, creating stress
security, 31
Category-IE5.xsl, 142
scripts, 204
user profiles, 30
Product-ie5.xsl, 142
performance, methodology, 201
user names, 44
Registration-IE5.xsl, 121
performance, preparing
user profiles, 30, 33, 128
SearchResults-IE5.xsl, 150
analysis, 201
user registration, 33, 121
StepSearch-IE5.xsl, 151
performance, tools and
UserProfile.pasp page, 128
templates, 109
utilities, 200
XSL, 105, 108
response time, 199
V
support for multiple device
sample detailed plan, 273
Visual C++, knowledge of, 86
types, 31
test areas, 193
system requirements, 38
test scenarios, 275
W
Microsoft Internet Information
test stages, 196
Services (IIS), using, 38
test types, 194
Web farms, 29
throughput, 200
Web Site Folder, creating and
T
throughput, testing, 200
configuring, 12
Windows 2000 server, using, 72
tax calculation, 37
total system throughput, 63
transport encryption. See security
templates, in style sheets, 109
X
test cases, 281
access privileges, 285
U
XML
legend, 281
Unified Modeling Language
configuration file, 93
registration authentication, 282
(UML), 56
debugging, 186
test reports, 39
usability testing, 38
familiarity with, 86
test scenarios, 275
usage scenarios, 43
helper procedures, 107
access privileges, 279
checking out, 49
output, examples, 93
banner advertisement, 280
customer browsing, 45
output from commerce
changing a password, 277
customer logon, 44
components, 87
logon using Passport, 275
customer searches, 44
output from PASP scripts, 87
logon using SQL Server, 277, 278
evaluating, 57
sample output from PASP
registration and authentication
identifying objects, 56
files, 211
tests, 275
payment information, 51
using with XSL, 69
registration using duplicate user
requirements, 55
xml-stylesheet, 94
name, 276
shopping baskets, 46
XSL
registration using Passport, 275
use cases, 43
as Reference Architecture
registration using SQL
user authentication, 123
Component, 4
Server, 276
user authentication scripts, used by
ISAPI documentation, 70
requesting password
ConsolidatedRetail.com
style sheets, 105
reminders, 278
ail.com, 97
style sheets, in
testing
user data. See customer profiles
ConsolidatedRetail.com, 108
assumptions and
user expectations, 27
understanding of, 86
requirements, 273
acceptable response time, 29
XSL ISAPI filter
developing strategies, 193
anonymous shopping, 30
and PASP files, 93
executing performance/stress
consistency of interface, 28
and server config files, 94
tests, 206
ease of use, 28
configuring, to work with
functional testing, 196
manageability, 32
Business Desk, 15
in a distributed environment, 22
multiple device types, support
fulfilling presentation services
methodology, 196
for, 31
roles, 69
performance, 199
of e-commerce sites, 27
installing and configuring, 15
performance, analyzing
scalability, 29
transformations using, 87
results, 207
using as existing technology, 75

Document Outline

  • Cover
  • Copyright Page
  • Contents
  • Part 1: Getting Started
    • Chapter 1: Introduction to the Reference Architecture
      • What Is the Reference Architecture?
        • What's New in this Version?
      • What Is the Developer's Guide?
        • Who Should Read this Guide?
        • Document Roadmap
        • Document Conventions
      • Support for the Reference Architecture
    • Chapter 2: Installing the Software
      • Before You Begin
        • Hardware Requirements
        • Software Requirements
      • Installing the Prerequisite Software
        • Install Microsoft Windows 2000 Server and MSMQ
        • Install Commerce Server 2000
        • Install Microsoft XML Parser 3.0 SP 1
        • Install the Developer Tools (Optional)
        • After You Install the Prerequisite Software
      • Installing the Reference Architecture Application
        • Download the Reference Architecture Application
        • Create and Configure the Business Desk Folder
        • Create and Configure the Web Site Folder
        • Create a New Web Site to Host the Application
        • Create a New Web Site to Host the Commerce Server 2000 Business Desk
        • Start the Application Installer Program
        • Install and Configure the XSL ISAPI Filter
        • Unpack the Commerce Site
        • Import the Predictor Modeling Data
        • Configure the Business Desk Web Site
        • Configure the Pipeline Components
        • Configure the Queued E-mail Component
        • Create the Business Desk Console for the Application
      • Configuring the Commerce Site
        • Import, Modify, or Delete Catalogs
        • Configure Tax Rates and Shipping Information
        • Test the Site
      • Distributed Deployment Considerations
        • Testing the Application in a Distributed Environment
      • Production Environment Considerations
  • Part 2: System Architecture
    • Chapter 3: Business Requirements and Design Model
      • Requirements That Affect Design
        • Ease of Use
        • Performance Requirements
        • Anonymous Shopping
        • User Profiling
        • Strong Security
        • Support for Multiple Device Types
        • Manageability
      • Reference Architecture Application Business Requirements
        • Functional Requirements
        • System Requirements
        • Production Environment Requirements
        • Documenting the Business Requirements
      • The MSF Application Model
        • Why Use the MSF Application Model?
        • MSF Application Design Process
      • Conclusion
    • Chapter 4: Conceptual Design Phase
      • Reference Architecture Usage Scenarios
        • Usage Scenario 1: A Customer Logs On to the Site
        • Usage Scenario 2: A Customer Searches for Products
        • Usage Scenario 3: A Customer Browses for Products
        • Usage Scenario 4: A Customer Uses a Shopping Basket
        • Usage Scenario 5: A Customer Creates a Shopping List
        • Usage Scenario 6: A Customer Shops from a Shopping List
        • Usage Scenario 7: A Customer Completes a Purchase
        • Usage Scenario 8: A Customer Provides Shipping and Payment Information
      • Conclusion
    • Chapter 5: Logical Design Phase
      • Creating the Logical Design
        • Unified Modeling Language
        • Identifying Objects
        • Identifying Behaviors
        • Identifying Attributes
        • Identifying Relationships
      • Completed Logical Design
      • Conclusion
    • Chapter 6: Physical Design Phase
      • The Research Effort
        • Identifying Physical Solution Requirements
        • Identifying Existing Candidate Technologies
      • Analysis and Rationalization
        • Using Existing Technology
        • Meeting the Business Requirements
      • Implementation
        • Identifying the Components
        • Creating the Specification
      • Conclusion
  • Part 3: Solution Implementation
    • Chapter 7: Implementation Overview
      • Implementation Features
      • Recommended Background Knowledge
      • Technology Overview
        • XML in the ConsolidatedRetail com Solution
        • ASP Use
        • Commerce Server Components
        • Stored Procedures in the Data Tier
        • Client- Side Scripting for Input Checking
      • Conclusion
    • Chapter 8: Solution Roadmap
      • PASP Files and the XSL ISAPI Filter
        • A Simple Example
      • Web Site Files
        • Initialization Pages and Include Files
        • Catalog Browsing Pages
        • User Authentication and Profile Management Pages
        • Order Management Pages
      • Commerce Server Objects
        • Utility and Configuration Objects
        • Catalog Objects
        • User Management Objects
        • Shopping Basket Objects
      • The Predictor Resource
      • Pipelines
        • Pipeline Components
      • Custom Business Components
      • Conclusion
    • Chapter 9: ConsolidatedRetail com Functionality
      • Presentation Services
        • XML Output from the PASP Files in ConsolidatedRetail com
        • XML Helper Procedures
        • XSL Style Sheets in the ConsolidatedRetail com Site
        • Rendering Index pasp
        • Caching Commonly Used Information
      • User Authentication and Profiling
        • Registering a User
        • Authenticating a User
        • Using Passport Authentication
        • Retrieving and Updating Profile Information
      • Product Catalogs
        • Catalog Access
        • Browsing the Catalogs
        • Searching the Catalogs
        • Adding a New Catalog
      • Shopping Basket Management
        • Adding Products to the Shopping Basket
        • Viewing the Shopping Cart or Save for Later Basket
      • Order Processing
        • Specifying a Shipping Address
        • Specifying a Shipping Method
        • Specifying Multiple Shipping Addresses and Methods
        • Specifying Payment Information
        • Confirming the Order Details
        • Completing the Order Process
      • Conclusion
    • Chapter 10: Debugging and Testing
      • Debugging the Site
        • Debugging XML Output from PASP Scripts
      • Debugging a Custom Site Built on the Reference Architecture
      • Developing a Test Strategy
        • Possible Test Areas
        • Possible Test Types
      • Functional Testing
        • Testing Methodology
      • Performance Testing
        • Response Time
        • Throughput
        • Performance Testing Tools and Utilities
        • Performance Testing Methodology
      • Conclusion
  • Part 4: Appendices
    • Appendix A: XML Output from ConsolidatedRetail.com
      • Acct. pasp
      • AddressBook. pasp
      • AddtoList. pasp
      • AddtoListResp. pasp
      • Basket. pasp
      • Category. pasp
      • ChangePasswd. pasp
      • CreditCards. pasp
      • DeleteAddressBook. pasp
      • EditAddressBook. pasp
      • EditCreditCard. pasp
      • ForgotPasswd. pasp
      • Index. pasp
      • ListBase. pasp
      • ListSearch. pasp
      • Login. pasp
      • MultiShipping. pasp
      • OrderHistory. pasp
      • OrderHistoryDetail. pasp
      • OrderSummary. pasp
      • Payment. pasp
      • Product. pasp
      • Registration. pasp
      • SearchResults. pasp
      • Shipping. pasp
      • ShippingMethod. pasp
      • StepSearch. pasp
      • ThankYou. pasp
      • UserProfile. pasp
    • Appendix B: Data Field Validation
      • Data Fields That Require Validation
      • How Validation Is Performed
        • ListSearch.pasp
        • StepSearch.pasp
        • Search Text Box
    • Appendix C: Sample Detailed Test Plan
      • Assumptions and Requirements
      • Test Scenarios
        • Registration and Authentication Tests
        • Access Privileges
        • Banner Advertisement
    • Appendix D: Sample Detailed Test Cases
  • Index
    • A
    • B
    • C
    • D
    • E
    • F
    • G
    • H
    • I
    • L
    • M
    • N
    • O
    • P
    • Q
    • R
    • S
    • T
    • U
    • V
    • W
    • X


 

А также другие работы, которые могут Вас заинтересовать

60855. Осенний бал 42.5 KB
  Я буду читать сценарий называть персонажей у кого в открытке указана эта роль пожалуйте на сцену Итак: камера мотор начали Буффонада: Снимается кино Читает вызывая по одному участников постановки и заставляя их входить в образ...
60856. Эпоха Екатерины II 65.5 KB
  ЦЕЛЬ: охарактеризовать внутреннее и внешнее развитие Российской империи в период правления Екатерины II рассмотреть причины ход и последствия восстания Пугачёва; развивать умение работать с учебником историческими документами...
60861. Построение трехмерной сцены 94.5 KB
  Более светлые и тонкие линии сетки называются главными mjor lines а самые светлые и тонкие – вспомогательными minor lines как показано на рис. По умолчанию главной является каждая десятая линия сетки. Под шагом линий сетки понимается расстояние между вспомогательными линиями вы раженное в текущих единицах измерения. По умолчанию шаг сетки равен 10 системным единицам то есть 10 дюймам.
60862. Використання технології програми „Intel Навчання для майбутнього” для створення сучасних навчальних інформаційних ресурсів на уроках технології 995 KB
  Змінюються цілі і завдання що постали перед сучасною освітою в інформаційному суспільстві особистісноорієнтована система навчання поступово приходить на зміну традиційній. Традиційні методи навчання замінюються інноваційними що передбачають зміну акцентів в навчальній діяльності спрямованій на інтелектуальний розвиток учнів за рахунок зменшення долі репродуктивної діяльності використання завдань для перевірки різних видів діяльності учнів збільшення завдань для пояснення навколишнього світу тощо. Програма IntelНавчання для...
60863. ГОТУЄМОСЬ ДО ДПА 50.5 KB
  Атестаційні контрольні роботи з української мови містять сім завдань серед яких: три тестових завдання закритого типу що передбачають вибір однієї правильної відповіді з трьох запропонованих варіантів...