Login    Password        Sign Up   Forgot Password
Sunday, June 16, 2024


Site Search


Site Server 3 
Visual C 
Desktop Appl. 
Distributed Appl. 
Outlook 2000 
FrontPage 98 
VB6 Distributed 
Visual Interdev 6 
Win. Architecture 



MCSE Cert.
Cisco Cert. 
The Work 
Areas of Work 
Career Prospects 


Govt. Exams

Designing and Implementing Commerce Solutions with Microsoft Site Server 3.0 Commerce Edition


Establishing the Development Environment

Install and configure Microsoft Visual SourceSafe

Visual SourceSafe is a source code control system that comes with Visual Studio Enterprise Edition. (See also VSS Start Page)

VSS Client is installed on every developer’s machine, allowing access to the centralized source code database installed and administered with VSS Server.

NetSetup is the best way to install VSS over a network. It installs only the VSS Client, not VSS Server.

It is stored on the same directory on the server, where VSS Server is installed, and can be accessed over the network. No CD is necessary.

With NetSetup users can install VSS Client without the help of an Administrator.

After the installation of VSS Server, administrators have to configure it with VSS Administrator.

If the VSS Server directory is shared, it’s better to set the right read-write permissions to users.

If project security is enabled, a user can have four levels of access

  • read-only

  • check out/check in

  • add/rename/delete

  • destroy

If security is not enabled there are only read-only and read-write permissions. VSS Administrator is used to set access rights.

VSS Client allows you to store and retrieve files and to ensure that only one person at a time can modify a file. Normally only one person can checkout a file at a time, but this can be changed.

Files can be shared among multiple projects. Changes made to a file are seen by all the projects. With branching, a file can go in two directions. Under the Paths tab it’s possible to see the history of a branched file.

Get Last Version is the command used to retrieve the last version of a file. Also an older version can be retrieved from History of File/Project.

A file with Get Last Version can be retrieved only if it doesn’t exist, or is in read-only state. If the file is not in read-only mode, VSS assumes that the file is checked out and doesn’t replace it.

Label is the command used to mark all the files in the project. It’s useful to mark all the files before a major release so that if the release needs to be restored, files can be immediately found.


Install and configure Microsoft Site Server 3.0, Commerce Edition

Hardware Requirements

  • 100MHz or higher (166MHz recommended) Pentium or Alpha Processor

  • 64MB RAM (128MB recommended)

  • Minimum 128MB of virtual memory

  • 1GB free disk space (2GB recommended)

  • Super VGA 1024x768 resolution

  • CD-ROM, Network card, Mouse


Software Requirements

  • Windows NT 4.0 SP3 or higher (SP3 is installed with the Option Pack)

  • Windows NT 4.0 Option Pack

  • SQL Server 7.0 or SQL Server 6.5 SP4 (need an updated executable found in SS3 CD) or Oracle (examples need some modifications to work with Oracle 7).

  • Internet Explorer 4.01 SP2 or later (Netscape is a supported platform for site usage, but Explorer is needed for site creation and administration)

  • Site Server 3.0 (Site Server is needed before installing Commerce Server)

  • One or more NTFS Partitions, because Site Server needs NTFS security

  • FrontPage 98 and Visual Interdev 6.0 are included in Site Server Commerce Edition, but are not required.


Installation steps

  • Install the Database Server

  • Prepare two databases used for the examples (SSCommerce and SSAdServer)

  • Prepare two ODBC System DSNs for the two databases

  • Install Site Server 3.0

  • Install Site Server 3.0 Commerce Edition

  • Install Site Server Service Pack

Refer to Site Server Resource Kit for other information.


Creating User Services

Create dynamic Web pages by using ASP

ASP pages are loaded by ASP.DLL and the scripts are executed with the appropriate language (commonly Jscript or VBScript).

ASP (3.0) has six intrinsic objects:




It’s created when the ASP DLL is loaded in response to the first request for an ASP page.


It’s present only in ASP 3.0. To obtain an ASPError the GetLastError method of the Server object is used.


It provides all the information that the client sends to the server.


It’s used to send the contents to the client.


It gives a series of methods and properties useful in scripting languages.


It’s created for each visitor at the first request of an ASP page.


Process user input from a form or a dialog box by loading data into an object

Request object can be used to get user input or other information like cookies, client certificates or server variables.

  • POST request are handled with Request.Form(“name”)

  • GET request are handled with Request.QueryString(“name”)


Use the Microsoft Wallet control on the user interface

Microsoft Wallet is a client side ActiveX control that runs only in Internet Explorer.

There is a version for Netscape but it doesn’t run properly.

The Wizard-generated code uses Microsoft Wallet by default when the browser is Internet Explorer.

This causes a big problem under Windows 2000 because the IE 5.01 supplied with it does not contain the Microsoft Wallet control. This causes an empty place on the page. It’s always possible to click the “Click here if you have problems with the wallet”, but this isn’t a good solution. It’s not a good idea to use the Wallet, because it’s not supported anymore.

To use the Microsoft Wallet there is a Microsoft Wallet Webmaster Kit that contains binary files, documentation and samples.

There is also a Microsoft Wallet SDK that allows you to extend the support for different kind of cards or for other payment methods with the IcreditCardOtherCard interface.


Integrate a Commerce site with an existing Web site

You can integrate a commerce site with an existing one by looking at the default page of the site and checking the links given to the catalog, to the shopping cart, and so on.


Provide a personalized interface for users that is based on user profiles or group membership

Personalization and Memberships are the features of Site Server 3.0 used to present unique personalized content to specified users.

Personalization data can be stored on the client (with cookies) or on the server, in the Membership server.

There are two ways to send cookies with Site Server

  • Response.Cookies like every ASP applications

  • Using the IssueCookie method of the Verifusr object; e.g.,

Set VerUsr = Server.CreateObject(“Membership.Verifusr.1”)

VerUsr.IssueCookie “Name”, ...

‘ stores information on acookie


Response.Write “Welcome back “ & Request.Cookies(“Name”)

‘ is used to retrieve information stored on a cookie

Other informations could be found in Ten Tips for Optimizing Site Server 3.0 Commerce Edition Personalization and Membership


Use AUO to provide a personalized interface

AUO stands for Active User Object and can be used to retrieve or to set information about the current user in the P&M Directory Service.

If an AUO is instantiated in an ASP page and the current user is authenticated in the P&M Directory Service of Site Server 3.0, the AUO is bound to the user.

To use AUO the objects need to be created and used like in this example

Dim objAUO

objAUO = Server.CreateObject(“Membership.UserObjects”) = value ‘ to set a value


Response.Write “Welcome back “ & ‘ is an example of retrieving data from the AUO

For other examples refer to Web Workshop - Using the Membership Directory and Active User Object (AUO) for Session State Data


Use StandardSManager to provide a personalized interface

StandardSManager is the object that can be used to create, delete and retrieve ShopperIDs in run-time.




Initializes the object


Creates a new ID


Returns ID from a cookie


Stores an ID in a cookie


Instantiate and invoke a COM component. COM components include server objects, the Ad Server object, and pipeline components

To create a COM component the CreateObject method of the Server object is used.

For example, use the following to know the browser type a COM component can be used with

Set browser = Server.CreateObject(“MSWC.BrowserType”)

BrowserName = “Browser = “ & browser.browser



AD Server

AD Server permits you to display advertising on your Web site.

AD Server consists of the AdServer object, the AD Manager application and the AD Server database.

To work with AD Server the global.asa must contain code that

  • Creates an instance of AdServer and stores it in an Application Variable

  • Sets the connection string and other configuration options

  • Sets the name of the instance of the AdServer object

Here is sample code

Set AdSrv = Server.CreateObject(“Commerce.AdServer”)

Set Application(“Ad”) = AdSrv

pathCfg = Server.MapPath(“config/site.scf”)

‘ contains the DSN and other options

Set dictCfg = Server.CreateObject(“Commerce.Dictionary”)

Set fileCfg = Server.CreateObject(“Commerce.FileDocument”)

Call fileCfg.ReadDictionaryFromFile(pathCfg,”ASConfig”,dictCfg)

AdSrv.ConnectionString = dictCfg.MASConnectionString

AdSrv.Application = http//server/application

AdSrv.RedirectURL = http://server/application/adredir.asp

‘ set this if you want to enable the AD redirect feature

Use these two lines of code to show ads in a page

Set AdSrv = Application(“Ad”)



Pipeline Components

To instantiate an pipeline in ASP pages there are two ways

  • use the i_util.asp include file that includes two methods, UtilRunPipe() and UtilRunTxPipe()

  • directly invoke the Commerce.MtsPipeline or the Commerce.MtsTxPipeline component to load a pipeline and execute it

To instantiate a single pipeline component from an ASP page or from other COM compliant languages, the Micropipe component could be used.


Enable a Commerce site to send e-mail messages

Site Server has a utility called Direct Mailer that can be useful to send automated e-mail to user lists.

In the Membership Directory there is a container called ou=Distribution List that is used to store the alias of the list and all the users.

Right-clicking on the container allows you to create a new list.

Then you can use Direct Mailer from the Tools directory of Site Server to schedule or send automated e-mail.

Q200503 - How to Test Direct Mailer

To send an email from an ASP page you can use the CDONTS component. Creating a CDONTS.NewMail component, setting the “To”, “From”, “Cc” and “Body”, properties and calling the Send method will invoke the SMTP server of IIS to send the email.

Q186204 - HOWTO: Use CDONTS to Collect and Mail Information From a User


Create a Web page that is dynamically constructed from data in a database

To create a dynamic page, Response.Write can be used to send data to the browser.

The result of a query on a database can be stored in an ADO RecordSet and can be sent to the user.

To use ADO it’s better to include the file that contains all the constants:

<!-- #include -->

Here is an example that retrieves data from a DB and sends them to the browser:

‘ Create a Connection Object and open it

Dim cnCustomers

Set cnCustomers = Server.CreateObject(“ADODB.Connection”)

cnCustomers.Open “DSN= dsnName; UID= user; PWD=password;”

‘ Retrieve data

Dim rsCustomers

Set rsCustomers = Server.CreateObject(“ADODB.RecordSet”)

rsCustomers.Open “SELECT * FROM Customers”, cnCustomers, _

adOpenStatic, adLockReadOnly, adCmdText

‘ Show data

While Not rsCustomers.EOF

Response.Write(“Customer name:” & rsCustomers(“name”))




Add product-search capabilities to a Commerce site

Site Server 3.0 Commerce Edition can use Microsoft Search to add product-search capabilities to a commerce site.

The catalog of the db can be created with the Web Based Administration tool.

The search page can be found in http://localhost/siteserver/knowledge/search/database/search/catalog_name/search.htm where the administrator sets catalog_name. A link is needed on the page of the site to access the search page.

The search.htm page and the result.asp can be modified to provide personalized content.


Creating and Managing Components and Pipelines

Write a pipeline component that implements business rules or logic

A pipeline component can be written in any COM compliant language such as Visual Basic or Visual C++, but can also be written using a scripting language (such as VB Script or Jscript) by using the SCRIPTOR component.

When using the SCRIPTOR component these entry points are available (showed in the calling order)

  • MSCSOpen(config): could contain initialization code

  • MSCSExecute(config, dictionary, context, flags): is the core of the component, and should return 1 if there were no errors

  • MSCSClose(config): could contain clean-up code

Config specifies the parameters passed to the script in the form name=value, Dictionary contains the pipeline’s Dictionary (for example the OrderForm in an Order Processing Pipeline), Context contains the pipeline’s context and Flags is reserved.

To use a SCRIPTOR component, the administrator should add the SCRIPTOR to the pipeline, and set the name of the file that has to be executed. If the script is little, it could be edited directly into the user interface of the SCRIPTOR setting the file to internal. Refer to Web Workshop - Scriptor Component 101: Executing Scripts in a Pipeline Environment.

A compiled component must be an ActiveX control that implements the IPipeLineComponent interface.

This interface has two required methods that must be implemented (showed with VB syntax)

  • Private Sub IPipeLineComponent_EnableDesign(ByVal fEnable As long)

  • Private Function IPipeLineComponent_Execute(ByVal pdispOrder As Object, ByVal pdispContext As Object, ByVal lFlags as Long)

The EnableDesign Sub is not really needed, because it is called only by the administrative tools, and not in a pipeline. But it is still required (it can be empty).

The Execute Function is the core of the component.

A good component must also support a property page, where the administrator can set application level properties inside the administration tools. The property page is the standard property page of an ActiveX control.

A component must be registered in the Registry to allow the pipeline editor to use it.

Two entries must be set

  • HKEY_CLASSES_ROOT\CLSID\component_clsid\Implemented Categories\pipeline_catid

  • HKEY_CLASSES_ROOT\CLSID\component_clsid\Implemented Categories\stage_catid

Where component_clsid is the class id of the component. pipeline_catid is the pipeline category id (it could be always {CF7536D0-43C5-11D0-B85D-00C04FD7A0FA}) that allows the component to show up in the all components list. stage_catid is the stage id and can be found in the properties of the stage in the pipeline editor.

Refer to Implementing Pipeline Interfaces in Microsoft Site Server 3.0: Converting Existing COM Components.


Add error handling to pipeline components

Each component must return one of three values

  • 1 = Success – there were no errors

  • 2 = Warning – there were errors but were handled

  • 3 = Failure – there were errors that were non handled

The whole pipeline will return the maximum error code.

If one component returns 3 (Failure) and other components return 1 (Success) the whole pipeline will return 3.

Trap errors only if you are sure that the component can handle it properly. If the component can’t handle the error it’s better to return 3 (Failure), so that the error will be trapped and shown by the pipeline.


Log errors into the System event log

When there is an error Site Server adds an item to the NT event log.

To write in the NT event log there is also the LogEvent method of the WScript object.

WSH Log Event


Debug a pipeline component

There are various ways to debug a pipeline component

  • Set up the Visual Studio debugger

To set up the debugging process please refer to Q247188 - How to Set Up a Visual InterDev 6.0 Project for Debugging a Commerce Server Store

  • Use the DumpOrder.vbs SCRIPTOR component

DumpOrder is a script file that generates a text file that contains the OrderForm object at that stage of the pipeline. To use DumpOrder, the component must be inserted with the SCRIPTOR, and must be configured with the name of the file to be written. The I_USRservername user must have write access to that file. Do not turn on DumpOrder on a production site. This component allows only one user a time, and creates some security problems, because the log will contains sensitive information.

  • Use the Pipeline log file

Instructions needed to enable the Pipeline log file are already present in the i_util.asp file (in the methods UtilRunPipe() and UtilRunPipeTx()) used to launch a pipeline. The instructions are commented and are:

Call pipeline.SetLogFile(Request.ServerVariables(“APPL_LOCAL_PATH”) & “config\txtpipeline.log”)

To enable logging the comments must be deleted and the write access must be granted to the I_USRservername to the “config” directory of the site (but you could change the destination’s path).

    • Use the Application Event log of the operating system


      Create a pipeline component that supports various threading models

      Single-Threaded Apartment

      COM calls are done by sending messages to the window’s message queue. This technique allows synchronizing concurrent calls to be serial. Legacy code often ignores threading, and by default uses a single STA. (See also Single-threaded apartments)


      Multithreaded Apartment

      COM calls are sent directly to the object. The object has to deal with synchronization, because multiple calls can arrive from multiple threads. (See also Multi-threaded apartments)

      Multithreaded Apartment COM components can’t be created in Visual Basic, only in Visual C++.


      Add and remove components in a standard pipeline. Create a new pipeline

      The pipeline is a container for the pipeline components. The pipeline components are specified by a pipeline configuration, which is stored in the pipeline configuration (.pcf) file and configured using the Pipeline Editor.

      To work with pipelines there are two editors

      • the Web-based editor

      • the standard Win32 Editor

      The Web-based editor allows remote administration of a commerce site, but the standard Win32 editor is more powerful.

      To use all the power of the Win32 editor it must be started in Enhanced Mode, with the /E switch from the command line (or by modifying the standard windows shortcut).

      Pipeline files have *.pcf extension.

      If you add or remove components you need to modify the wizard generated pages to reflect your changes.

      For example, if you remove the Shipping component from a pipeline, you also have to remove the Shipping row on ASP pages. If you add components that need to show a result, you have to modify ASP pages to add the presentation of the result.

      An important thing about pipelines is that there cannot be branches in the pipeline flow; there cannot be a If ... Then ... Else situation.

      Related to this fact there is the “no-interference rule” that states that a component could write a value in the pipeline dictionary if and only if preceding components do not set up that value.

      If it’s absolutely necessary to have a selection of the stages based on the program execution, there is the MICROPIPE component that allows executing a single pipeline component from an ASP page.

      This implies that all the pipeline logic must be hard coded in the page. This allows a great control of the process, but also a slower response from the system, because every component must be instantiated individually. 


      Instantiate a pipeline that participates in a transaction

      Using the UtilRunTxPipe() from the the i_util.asp include file or directly using the Commerce.MtsTxPipeline component allows the pipeline to participate in a transaction.

      A flag in the pipeline configuration (*.pcf) file is used to ensure that the pipeline requires a transaction. The configuration may be designated for transaction compatibility in one of these ways

      • Any pipeline. May be loaded into any pipeline.

      • Requires transacted pipeline. Must be loaded into an MtsTxPipeline pipeline.

      • Requires non-transacted pipeline. Must be loaded into an MtsPipeline pipeline.


      Different kinds of pipelines

      There two kinds of pipelines

      • Order Processing Pipelines (OPP)

      • Commerce Interchange Pipelines (CIP)

      The first is used in business-to-consumer stores to perform tasks related with order processing. It consists of three pipelines, the product pipeline, the plan pipeline and the purchase pipeline. OPP and SCRIPTOR

      The second is used in business-to-business transactions to exchange information between two organizations or between two departments of the same organization. It consists of two pipelines, the transmit pipeline and the receive pipeline.


      Creating Data Services

      Use OLE DB, ODBC, and ADO to access or manipulate a data source


      ODBC was the standard way to access Relational DB. ODBC is still most popular, but Microsoft prefers that new applications use OLE DB to access DB.

      RDO is the object model built over ODBC.


      OLE DB

      OLE DB is the new set of APIs to access Relational and non-Relational data. The most important benefit of using OLE DB is that the same model is used to access every kind of data (with the right provider). An ODBC provider for OLE DB is given for backward compatibility with every relational database.



      ADO is the object model built on the top of OLE DB. Remember to use ADO or OLE DB in every new application.


      Access data

      The object model exposed by ADO is composed of 6 main objects, but not all are necessary to query the database. For example, recordset can be obtained without opening a connection and without sending a command. But using a connection allows you to obtain more than one recordset, and using a command allows you to send the same command without querying the metadata every time.



      Used to maintain connection information, like cursor type, connection string, time-outs, and default database



      Used to report extended error information. A collection of errors is used because one or more errors could be returned.



      Contains information about a command, like the query string, parameters, and so on.



      The Command object can contain a collection of parameters. Each parameter type can be declared by the programmer to improve performance, or can be discovered at run-time.



      Is a set of rows returned from a query, including cursors.



      Is used to contain a set of information about a single column of data.


      Handle database errors

      The ADO Connection object contains an error collection with these methods and properties



      Contains the number of errors in the collection



      Is used to retrieve an error from the collection



      Is used to remove all the errors from the collection

      The Error object contains these properties: Description, Number, HelpFile, HelpContext, Source, SQLState, NativeError


      Testing the Solution

      Create a test plan that includes disaster recovery, scalability, load balancing, and capacity planning

      Disaster recovery can be achieved in certain ways, such as backups, disk images, and so on. Be prepared to recover a Site Server installation, because e-commerce Web sites are often attacked by hackers.

      Scalability can be obtained in two ways: with bigger hardware, or with more servers that work together.

      Load balancing can be obtained using more servers, and with software or hardware solutions that are used to distribute the load on the less busy server.

      Test your site to see how many concurrent users it can handle, and plan accordingly the number of servers needed.


      Create test scripts

      To run InetMonitor you need to enable disk monitoring with diskperf –y.

      The command Profile calibrates your hardware. This process takes a lot of time.

      After hardware calibration, you can run the scripts to test the site. Scripts are text files that contain commands like GET, POST, LOOP, ENDLOOP, RANDLIST, etc...

      In InetMonitor you can run a script. You can also set the server to be tested, number of users, users start delay, test duration, number of threads, authentication level, client timeout, HTTP version, if the Log is active or not, and which cookie file to use on the simulated client.

      As a result you have the processor, memory and disk utilization, and the number of alerts and some recommendations.


      Execute the test plan

      Steps required to execute the test plant are:

      • Publish a Commerce site to a staging server (different than the development server. With this you can check if all the components, all the pages and all the connections are deployed well).

      • Test a Commerce site on various browsers, both different browsers and different versions of the same browser.

      • Test localization of components.


      Deploying a Web Application

      Normally there are three steps to deploy Web Applications. The first step is to develop the application on the development server. After that the application is copied to the staging server to allow beta testers to check the application in a clean environment. Finally the application is copied to the production server and made available to the final users.


      Managing Access to a Commerce Site

      Control access to data and objects on a Commerce site

      Membership Server is used to secure the site and manage users.

      There can be multiple Membership Servers, with different data providers.

      When a user is authenticated under Membership Server, he is automatically mapped to an NT user account called MemProxyUser. If more Membership Servers exist, more users are created under NT, each with the number of the instance of the Server.

      The Window NT account can be used to grant or deny access to Windows NT resources.

      To enable Personalization and Membership under IIS there is the option Membership Server Mapping under the All Tasks context menu in the MMC snap-in of IIS.

      After that you can see a new Membership Authentication tab in the properties of the site.

      The authentication process, where P&M is enabled, is the following

      • A user requests a page that is mapped under the Membership Server

      • IIS calls the Membership Server that checks if the user is valid

      • If the user is valid, the Windows NT account, mapped to that Membership Server, is checked against the page

      • If the user has the permissions to see the page the page is displayed.

      There are three kinds of situations

      1. The user is invalid: the Logon Troubleshooter page is displayed

      2. The user is valid but does not have the authorization for the page: Access Denied is displayed to the user

      3. The user is valid and can see the page: the page is sent to the browser

      Every error page can be customized.


      Administer user access to a Commerce site

      Anonymous access should be enabled to allow users to browse the home directory and the public site.

      To restrict access to the private site, three kinds of authentications can be used

      1. Automatic Cookie Authentication

      2. HTML Forms Authentication

      3. Other Password Authentication (that includes Distributed Password Authentication and Clear Text / Basic Authentication)

      With Automatic Cookie Auth. a cookie is sent automatically to the user, and the user is authenticated without reentering passwords.

      With HTML Forms Authentication a logon html page is displayed to the user.

      With Other Password Authentication a logon dialog box is displayed to the user by the browser.


      Administer client-side certificates by using Membership Server

      It’s possible to map client-side certificates to users in the Membership Server.


      Maintain secured communication for a Commerce site

      HTTPS (HTTP over SSL) is the protocol used to maintain a secure communication between the client and the server.

      SSL is based on public key cryptography and digital certificates. At least a server certificate is needed to establish the communication. Server certificates could be purchased from a certification authority (like Verisign) or can be created using the Certificate Server. Creating a certificate can be cheaper, but the client needs to trust the certification authority used by the server, and the user gets prompted that the browser doesn’t know who has issued the certificate. Q257591 - Description of the Secure Sockets Layer (SSL) Handshake  


      Maintaining and Supporting an Application

      Fix errors and take measures to prevent future errors

      Logic errors (known also as bug) occur when the application can be executed, but doesn’t work as expected.

      Syntax errors occur when the application can’t be executed because of the errors in the source code.

      Tracing the flow of the program with Response.Write or with log file is useful to see how the program is executed.


      Other things to know

      High availability and scalability

      Cluster server (or services in Windows 2000) can be used when high availability issues are important.

      Windows Load Balancing Server (or Network Load Balancing in Windows 2000) can be used when there are high availability and scalability issues.


      Client-side scripting

      Client-side scripting is used to validate forms before sending them to the server, to process little pieces of information on the client and so on.

      Netscape only supports Javascript on the client

      Internet Explorer supports both VBScript and JScript (that is the Microsoft version of JavaScript)

      Every browser has its vesion of the Document Object Model.

      Home | Abroad | Academics | Advice | Alumni Associations | Career Watch | Competitive Exams | Career Counseling | Distance Education | Forms | Organisations | Relax Zone | MBA | Engineering | Medical | Humanities | Sciences | Computers ICSE/ISC/CBSE | Scholarship | Loans
       Contact Us | Feedback | Advertise | Disclaimer | Privacy Policy
      ©2000-2001 All rights reserved "DD Web Vision Private Limited"

      Site developed by