Saturday, July 3, 2010

Business Auditing feature in WCS

IBM websphere commerce uses : WebSphere Commerce uses the industry standard Triple DES (data encryption standard)

This ensures that a third party using network-sniffing programs cannot snoop on the network when a user submits a password.
Passwords are never decrypted during the authentication process, as is the common security practice.
All user passwords are one-way hashed using the SHA-1 hashing scheme and encrypted using a 128-bit key based on the merchant key.


Business Auditing:

Business auditing is the capturing of the business logic and objects during a WebSphere Commerce operation.A report on business auditing is available in the Administration Console.

WebSphere Commerce business auditing records the information about the execution of business logic, such as the command, request, response, command context, and other information. For example, if a Customer Service Representative overrides a price for a particular ordered item within an order, this needs to be captured, and is useful to resolve any discrepancies between the price quoted to the customer and the customer's bill.

If an error occurs while executing any business logic, WebSphere Commerce attempts to execute the business logic, and this attempt is recorded to indicate that the request failed.

To use the business auditing feature, you must first enable it using Configuration Manager. By default, when you install WebSphere Commerce, the business auditing feature is already enabled. The WebSphere Commerce system captures the execution of specific business logic based on some default configuration. You can further customize which commands you want captured during a business audit (that is, enable existing or add new commands) by configuring the BusinessAuditDataCapture.xml file. The data captured by WebSphere Commerce system is stored in the BUSAUDIT table.


customization: BusinessAuditDataCapture.xml
enabling: For servers it is enabled using the configuration manager

Adding custom commands:
<AuditCommand eventType="MBR" command="com.custom.commands.CustomActivityControllerCmd" audit="true"/>
<AuditCommand eventType="MBR" command="com.custom.commands.CustomOrderSearchControllerCmd" audit="true"/>

8 comments:

  1. I dont specifically understand how it is 128 bit encryption when it is generated using a 64 bit merchant key. For a successful 128 bit encryption each bit in the key needs to be completely independent and cannot be replicated from a key of lower value.

    ReplyDelete
  2. Great thoughts you got there, believe I may possibly try just some of it throughout my daily life.

    Management Audit

    ReplyDelete
  3. There are many home improvements you can do to boost your property value. Though not every homeowner agrees with the value of home improvements, most agree that you will get a better price for your home, in the event of a sale, if you make a few changes. SolidWorks 2020 Premium SP1

    ReplyDelete
  4. ording to baseball legend Yogi Berra, "If you don't know where you are going, you will probably end up somewhere else." Yogi's one liners often make me laugh, but they also make me think. His quip reminds me of the importance of having a plan when engaging in any endeavor that will impact our personal situations beyond the immediate here and now. That includes the process of estate planning. Now, I will grant you that Yogi probably wasn't thinking about estate planning when he offered this particular slice of wisdom. Nonetheless, his words are absolutely spot-on insofar as the importance of planning for that day which we will not live to see. As important as having an estate plan is for all of us, it is of even greater importance for the small business owner. I think it is no exaggeration to say that thoughtful estate planning is an essential component of every small business owner's overall business plan. Autocad | CheapSoftwareDownload

    ReplyDelete
  5. Thanks for this wonderful post! It has long been very helpful. I wish that you’ll carry on posting your wisdom with us. 먹튀검증

    ReplyDelete
  6. This comment has been removed by the author.

    ReplyDelete
  7. Hey There. I found your blog using msn. This is a very well written article. I’ll be sure to bookmark it and come back to read more of your useful info. Thanks for the post. I’ll definitely return. GRE代考

    ReplyDelete