Contents Overview 1 Implementing State in a Shopping Cart 2 State vs. Scalability 15 Membership and Authentication 24 Adapting the User’s View of the Site 31 Commerce Server 2000 Personalization Tools 36 Lab 5: Using Business Desk 44 Review 55 Module 5: Managing the Business Logic Layer Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Complying with all applicable copyright laws is the responsibility of the user. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation. If, however, your only means of access is electronic, permission to print one copy is hereby granted. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.  2001 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, ActiveX, BizTalk Server, FoxPro, FrontPage, Hotmail, Jscript, Outlook, PowerPoint, Visio, Visual Basic, Visual C#, Visual C++, Visual Studio, Windows, and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A. and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. Module 5: Managing the Business Logic Layer iii Instructor Notes This module examines the problem of maintaining state in an e-business application. It focuses on several approaches that can be used for saving useful information between each request and response cycle. Where appropriate, this module also covers some of the useful features of Microsoft ® Commerce Server 2000, including the Commerce Server Business Desk. After completing this module, students will be able to:  Describe how to manage state for a Web shopping cart.  List some of the issues related to state and scalability and explain how they can be addressed.  Identify the role of Microsoft Application Center 2000 in software scaling.  List the mechanisms that can be used for identifying the users of an e-business Web site.  Explain how personalization and customization can be used to improve the usability of a site.  Explain how to use the tools in Commerce Server 2000 to implement targeted campaigns, promotions, and cross selling in your e-business. Materials and Preparation This section provides the materials and preparation tasks that you need to teach this module. Required Materials To teach this module, you need the following materials:  Microsoft PowerPoint ® file 2260A_05.ppt  Module 5, “Managing the Business Logic Layer”  Lab 5, “Using Business Desk” Preparation Tasks To prepare for this module, you should:  Read all of the materials for this module.  Complete the lab.  Become familiar with Business Desk.  Read about Microsoft’s latest Customer Relationship Management (CRM) initiatives at http://www.microsoft.com/business/crm. Presentation: 100 Minutes Lab: 70 Minutes iv Module 5: Managing the Business Logic Layer Module Strategy Use the following strategy to present this module:  Implementing State in a Shopping Cart Ensure that students understand what is meant by state before describing the problem in maintaining state with Hypertext Transfer Protocol (HTTP). After explaining the issues with HTTP, describe the techniques available to a Web developer when implementing state on an e-business site. Ensure that students understand the connection between state and shopping carts. Try not to delve too far into personalization because it is also covered in the next section.  State vs. Scalability Discuss the problems with scalability in the context of coping with state management. Although some of these problems have been covered earlier in this module, this will provide an opportunity to introduce some best programming techniques that can be used to resolve some of these issues. Conclude this section with a discussion on how to support software scalability using Application Center 2000.  Membership and Authentication Point out the differences between state management and membership. Some advantages of implementing membership are covered in this section. However, you can also introduce your own examples to emphasize what membership can offer users.  Adapting the User’s View of the Site This builds directly on the concept of membership. CRM is covered in one of the topics. Focus on the business needs of customers rather than on the technical implementation of CRM.  Commerce Server 2000 Personalization Tools Commerce Server 2000 is extensive in scope and it will not be possible to discuss all of its features in this section. Tell the students that only a few of the components—Business Desk, Profiling system, Business Analytics system, and Targeting system—are discussed in this section. The discussion must be limited to how these tools help a developer to build relationships with clients by using powerful tools.  Lab 5: Using Business Desk Students will implement state management in an e-commerce application by using Commerce Server 2000. The Commerce Server 2000 Retail Solution Site will be used in the lab. The students will implement promotions and cross selling by using the tools supplied with Business Desk. Module 5: Managing the Business Logic Layer 1 Overview  Implementing State in a Shopping Cart  State vs. Scalability  Membership and Authentication  Adapting the User’s View of the Site  Commerce Server 2000 Personalization Tools *****************************I LLEGAL FOR N ON -T RAINER U SE ***************************** In this module, you will examine the issues involved in maintaining state in an e-business application. The module describes how state is important to a Web shopping cart and then explains the techniques that can be used to preserve state. It also discusses how state impacts scalability and how to optimize state and scalability in your application. At the end of this module, you will look at how state maintenance enables personalization of a site and how to use Microsoft ® Commerce Server 2000 to implement personalization in your e-business site. After completing this module, you will be able to:  Describe how to manage state for a Web shopping cart.  List some of the issues related to state and scalability and explain how they can be addressed.  Identify the role of Microsoft Application Center 2000 in software scaling.  List the mechanisms that can be used for identifying the users of an e-business site.  Explain how personalization and customization can be used to improve the usability of a site.  Explain how to use the tools in Commerce Server 2000 to implement targeted campaigns, promotions, and cross selling in your e-business. Topic Objective To provide an overview of the module topics and objectives. Lead-in In this module, you will examine the issues involved in maintaining state in an e-business application. 2 Module 5: Managing the Business Logic Layer    Implementing State in a Shopping Cart  HTTP: A Stateless Protocol  Storing State on the Tiers  Identifying Users with Cookies  Managing State with ASP.NET Sessions  Session and Shopping Cart *****************************I LLEGAL FOR N ON -T RAINER U SE ***************************** The shopping cart is a fundamental requirement of an e-commerce site. The shopper needs to be able to add products to a virtual cart, review the cart, remove items from the cart, and ultimately proceed to the checkout where they pay for the goods. Although the operation of a shopping cart appears straightforward, maintaining state is a challenge that needs to be overcome before the shopping cart will work successfully. Some of the issues that can arise as a result of bad state management may not become obvious until some time after the site has been running. Topic Objective To introduce the topics covered in this section. Lead-in The shopping cart is a fundamental requirement of an e-commerce site. Module 5: Managing the Business Logic Layer 3 HTTP: A Stateless Protocol  State: Information or data that affects the behavior of an application  HTTP is a stateless protocol because the HTTP connection breaks after each response/request cycle Web browser (Internet Explorer) Web server (IIS) 1. TCP/IP connection 2. HTTP request 3. HTTP response 4. Connection closed *****************************I LLEGAL FOR N ON -T RAINER U SE ***************************** Maintaining state is an important functionality of any Web application, particularly in e-commerce applications. What Is State? State is any information or data that affects the behavior of a Web application. For example, if a user browses an e-commerce site and clicks a button to indicate a preference for monetary currency, the site can be designed to reflect that preference every time a price is displayed. Information that constitutes state may be applicable to the user’s current visit only. However, if such information can be retained for subsequent visits, it will significantly enhance the user’s experience. State and HTTP It is important to understand why maintaining state on an e-commerce site can be a problem. State-maintenance problems are caused by the use of Hypertext Transfer Protocol (HTTP), the protocol that delivers information over the Web. HTTP is used to transmit requests between Web browsers (clients) and Web servers. How HTTP works HTTP is a Transmission Control Protocol/Internet Protocol (TCP/IP) application layer protocol that is responsible for the communication that takes place between browser and server and for the delivery of content to the Web browser. The data that HTTP delivers in response to a successful Web request is often written in Hypertext Markup Language (HTML). HTTP is responsible for establishing the connection between the client and server and establishing the syntax of the request and response cycle. As soon as the request for a resource has been received and serviced at the Web server, HTTP breaks the connection. This behavior is by design, and breaking the connection allows HTTP to scale and support many clients on a single server. Topic Objective To describe how HTTP works and how it impacts state management. Lead-in Maintaining state is an important functionality of any Web application, particularly in e-commerce applications. 4 Module 5: Managing the Business Logic Layer Typical Web browsing activity involves a user requesting a page, reading it, and then clicking a link to another page. Users are just as likely to request a page residing on a completely different server as they are to request another page that resides on the current server. Therefore, all connections are broken after a request has been serviced. This lack of continuity between individual requests in HTTP means that there is no awareness on the part of HTTP of an ongoing session. The lack of permanent connection between the Web browser and the Web server leads to the problem of maintaining state between successive pages that are accessed by the same user. HTTP is, in effect, a stateless protocol. Need for preservation of state Implementing HTTP as a stateless protocol is ideal for many simple Web sites, thereby offering the advantage of scalability mentioned above. However, more comprehensive Web applications will require state to be preserved. The lack of state preservation means that each request for a Web page is treated as a unique transaction. HTTP does not remember or consider earlier requests from the same client/user. Without preservation of state, there is no sense of history, even a history that is only a few minutes old. You need to use extra mechanisms to offer a user the ability to put products in a Web shopping cart and see those same products again in subsequent page requests. HTTP version 1.1 does contain the concept of an ongoing session between client and server in which the connection is not broken after each HTTP request. However, dedicating network resources to a client in this way can impact site scalability. The issues related to sessions and scalability are discussed later in this module. Note Module 5: Managing the Business Logic Layer 5 Storing State on the Tiers  State on the Client  Reduces server load  State on the Web server  Need not rely on the client’s ability to store state  State by Using the Shared Property Manager  COM+ feature for sharing state across multiple objects  State in a Database  Persistent storage  Sharing state across multiple Web servers is useful in load-balancing scenarios *****************************I LLEGAL FOR N ON -T RAINER U SE ***************************** A Web application can store state in various places. The location you choose will depend on the type of application and the length of time for which state needs to be stored. Storing State on the Client Storing state on the client reduces server load, but it requires the client to be capable of storing state. Storing state on the client also may require the user to explicitly accept storage of state data, for example, by agreeing to accept a cookie or by agreeing to download and install custom software. In practical terms, this method allows the user to disconnect from the site and yet recover the state of the site when reconnected. Cookies are described in detail in the following section. Storing State on the Web Server By storing state on the server, you do not have to rely on the client’s ability or willingness to store state data in order to maintain state. A simple implementation of state management might make use of the ASP.NET Session object. This object enables the server to identify the client and maintain state on the server. ASP.NET introduces several improvements to the implementation of session management. These will be discussed later in this section. Storing State by Using the Shared Property Manager COM+ provides the Shared Property Manager, which makes sharing state in a multi-user environment as easy as it is in a single-user environment. The Shared Property Manager provides a mechanism to share and access global information among server processes. You can use the Shared Property Manager for a range of tasks, including workflow, performance monitoring and management, and process serialization through global locks. Topic Objective To describe the possible locations for storing state. Lead-in A Web application can store state in various locations. Note 6 Module 5: Managing the Business Logic Layer The Shared Property Manager eliminates the housekeeping tasks, which are needed to share information among applications. The Shared Property Manager takes care of memory management, thereby freeing developers to concentrate on program logic. To use the Shared Property Manager to store and share state between different objects and applications, the objects must be running in the same server process as the Shared Property Manager. Storing State in a Database State data that is already stored on a Web server can be also stored on a database. This enables the server to retrieve a client’s current state from the database. Having a central storage point for state, such as a database, allows multiple Web servers to share state data, thereby removing the affinity between a particular user and a single server in a multiple Web server scenario. The ability to store state data in this manner in the back end (that is, in a database) is very important for implementing load-balancing solutions. However, there are also disadvantages to storing state in the back end. The disadvantages are:  The database resources required in storing state information  The computing cost that is incurred by frequently moving data from the client to the database Note [...]... “Transaction Processing on the Business Logic Layer, ” in Course 2260A, Designing E -Business Applications with Microsoft NET Enterprise Servers Module 5: Managing the Business Logic Layer 31 Adapting the User’s View of the Site Topic Objective To introduce the topics in the section Lead-in Adapting the content of a site to suit the needs of a user is called personalization Managing Customer Relationships... depending on the amount of business they do Module 5: Managing the Business Logic Layer 27 Authenticating Users Topic Objective To introduce the various options for authenticating users Lead-in To provide membership services, the user must be uniquely identified by the site Options for Authentication Basic authentication using a user name and password A stronger form of authentication based on a secure... individual shopping cart on the server for them This section focuses on the concept of membership and authentication These techniques go beyond the concept of constructing state for a transaction and move closer to building relationships between the site and the intended users Module 5: Managing the Business Logic Layer 25 Need for Membership Topic Objective To describe the benefits of a membership-based... 14 Module 5: Managing the Business Logic Layer Unfortunately, the session ID is unique only among all the current sessions It is not a globally unique identifier This means that if the cart information is stored in the database for a long period of time, it is possible that at a later time, another shopper will receive the same session ID and retrieve a partially filled cart in error Module 5: Managing. .. leaving those resources underused when the peak recedes could be significant Managing and monitoring clusters is difficult The more computers that are added to the cluster, the more difficult it becomes to monitor and manage them Ideally, there should be a single interface to manage all of the computers in the cluster 22 Module 5: Managing the Business Logic Layer Using Application Center 2000 Topic... to the cluster When the traffic reduces, these servers can return to their original roles 24 Module 5: Managing the Business Logic Layer Membership and Authentication Topic Objective To introduce the topics covered in this section Lead-in Sessions allow us to track a user and build information They even allow us to store that information persistently As site requirements increase, we move toward the. .. resources For example, there are a limited number of TCP/IP sockets and they can be used by only one client at a time By using these resources for only as long as they are needed, HTTP makes these resources immediately available to other users However, you must use cookies or dynamic URL rewriting to create virtual sessions Module 5: Managing the Business Logic Layer While the mechanisms used to create... client, thereby resulting in a simple but powerful authentication mechanism 28 Module 5: Managing the Business Logic Layer Form-based authentication ASP.NET offers an advanced authentication scheme by using HTML forms This allows the developer to easily implement logon pages that blend in with the site design When a user authenticates successfully through the logon form, a cookie containing encrypted user... failure, such as the case of a complete power outage on the Web server In this case, the contents of the ASP.NET Session object can be reloaded after the computer has recovered from the failure 12 Module 5: Managing the Business Logic Layer Creating an ASP.NET Session A new ASP.NET session is created each time a user without a session interacts with an aspx page in a Web application The session can... value=""> Module 5: Managing the Business Logic Layer Problems with using these techniques Although these techniques are suitable for session tracking, unlike a cookie, the information will not persist over multiple visits On closing the browser, the session state data will be destroyed On a subsequent visit, a new session identifier needs to be created These techniques are not useful . herein may be the trademarks of their respective owners. Module 5: Managing the Business Logic Layer iii Instructor Notes This module examines the problem. this module. Note Module 5: Managing the Business Logic Layer 5 Storing State on the Tiers  State on the Client  Reduces server load  State on the Web