Commerce Server General - Commerce Server 2000 Returning MSCSSID

Author

Commerce Server 2000 Returning MSCSSID

Paul Davies

2004-12-20, 7:49 am

Hi all

Hoping someone may be able to explain why the following is happening, and
help me with my questions.

We have a 3rd party built application that is a web app built on commece
server 2000, my task is to write a monitoring tool which will run as a
scheduled task and will attempt to a) log into the application, b) peform a
number of tests on the application.

If I log into the app from my browser and view the source I see there is a
MSCSSID and MSCSKey which I assume are required as part of the ongoing
authentication process. This is fine.

My App will not be a browser but will use HttpWebRequest and Response from
the .Net 1.1 library but have noticed that the response, whilst appearing
almost exactly the same as that returned by the browser is consistantly
missing the the MSCSSID. I have checked the cookie collection and this
empty.

My Questions are something along the lines of - are the ID and Key that are
returned an integral part of commerce server type sites? Am I correct in my
assumption that both are required for ongoing authentication? If so why
would the ID be returned to a browser and not a .Net WebRequest? Is there a
way around the issue?

Please excuse my complete ignorance of all things Commerce Server, this is
the first time I have ever needed to understand it to any level.

Thanks

Paul Davies

David Messner [MSFT]

2004-12-20, 8:46 pm

Did you create a CookieContainer in your custom client code? One of our
developers recently hit a similar issue using cookies from custom client
code and the magic ingredient was the correct usage of CookieContainer
(he's on vacation or I'd get some sample code for you :-).

I searched the CS2000 code base for "MSCSKey" and "MSCSSID". MSCSKey is
not anywhere in our sources. MSCSSID showed up in some early
(non-shipping) versions of the ASP solution sites. My guess is that this
is a carryover from some Site Server site where the user id was typically
called shopper id (SID).

So these cookies are not baked into any Commerce Server object that I can
find (not documented, not in our sources). They are likely coming from
your site code.

regards
-djm
--
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use. © 2004 Microsoft Corporation. All rights
reserved.

--------------------
From: "Paul Davies" <paul_e_davies@hotmail.com>
Subject: Commerce Server 2000 Returning MSCSSID
Date: Mon, 20 Dec 2004 11:11:47 -0000
Lines: 34
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-RFC2646: Format=Flowed; Original
Message-ID: <u28b9Ro5EHA.1400@TK2MSFTNGP11.phx.gbl>
Newsgroups: microsoft.public.commerceserver.general
NNTP-Posting-Host: globaldns-jserv.register.com 62.140.199.34
Path:
cpmsftngxa10.phx.gbl!TK2MSFTNGXA06.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08
phx.gbl!TK2MSFTNGP11.phx.gbl
Xref: cpmsftngxa10.phx.gbl microsoft.public.commerceserver.general:15272
X-Tomcat-NG: microsoft.public.commerceserver.general

Hi all

Hoping someone may be able to explain why the following is happening, and
help me with my questions.

We have a 3rd party built application that is a web app built on commece
server 2000, my task is to write a monitoring tool which will run as a
scheduled task and will attempt to a) log into the application, b) peform a
number of tests on the application.

If I log into the app from my browser and view the source I see there is a
MSCSSID and MSCSKey which I assume are required as part of the ongoing
authentication process. This is fine.

My App will not be a browser but will use HttpWebRequest and Response from
the .Net 1.1 library but have noticed that the response, whilst appearing
almost exactly the same as that returned by the browser is consistantly
missing the the MSCSSID. I have checked the cookie collection and this
empty.

My Questions are something along the lines of - are the ID and Key that
are
returned an integral part of commerce server type sites? Am I correct in my
assumption that both are required for ongoing authentication? If so why
would the ID be returned to a browser and not a .Net WebRequest? Is there a
way around the issue?

Please excuse my complete ignorance of all things Commerce Server, this is
the first time I have ever needed to understand it to any level.

Thanks

Paul Davies

Paul Davies

2004-12-21, 7:49 am

Thanks for the info David, at least I now know that it is our third parties
code and not commerce server, although it does seem strange that it appears
to distinguish between a WebClient and a web browser

Cheers

Paul

"David Messner [MSFT]" <davidme@online.microsoft.com> wrote in message
news:Q%23sciIw5EHA.3152@cpmsftngxa10.phx.gbl...
> Did you create a CookieContainer in your custom client code? One of our
> developers recently hit a similar issue using cookies from custom client
> code and the magic ingredient was the correct usage of CookieContainer
> (he's on vacation or I'd get some sample code for you :-).
>
> I searched the CS2000 code base for "MSCSKey" and "MSCSSID". MSCSKey is
> not anywhere in our sources. MSCSSID showed up in some early
> (non-shipping) versions of the ASP solution sites. My guess is that this
> is a carryover from some Site Server site where the user id was typically
> called shopper id (SID).
>
> So these cookies are not baked into any Commerce Server object that I can
> find (not documented, not in our sources). They are likely coming from
> your site code.
>
> regards
> -djm
> --
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> You assume all risk for your use. © 2004 Microsoft Corporation. All
> rights
> reserved.
>
> --------------------
> From: "Paul Davies" <paul_e_davies@hotmail.com>
> Subject: Commerce Server 2000 Returning MSCSSID
> Date: Mon, 20 Dec 2004 11:11:47 -0000
> Lines: 34
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
> X-RFC2646: Format=Flowed; Original
> Message-ID: <u28b9Ro5EHA.1400@TK2MSFTNGP11.phx.gbl>
> Newsgroups: microsoft.public.commerceserver.general
> NNTP-Posting-Host: globaldns-jserv.register.com 62.140.199.34
> Path:
> cpmsftngxa10.phx.gbl!TK2MSFTNGXA06.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGP08
> phx.gbl!TK2MSFTNGP11.phx.gbl
> Xref: cpmsftngxa10.phx.gbl microsoft.public.commerceserver.general:15272
> X-Tomcat-NG: microsoft.public.commerceserver.general
>
> Hi all
>
> Hoping someone may be able to explain why the following is happening, and
> help me with my questions.
>
> We have a 3rd party built application that is a web app built on commece
> server 2000, my task is to write a monitoring tool which will run as a
> scheduled task and will attempt to a) log into the application, b) peform
> a
> number of tests on the application.
>
> If I log into the app from my browser and view the source I see there is a
> MSCSSID and MSCSKey which I assume are required as part of the ongoing
> authentication process. This is fine.
>
> My App will not be a browser but will use HttpWebRequest and Response from
> the .Net 1.1 library but have noticed that the response, whilst appearing
> almost exactly the same as that returned by the browser is consistantly
> missing the the MSCSSID. I have checked the cookie collection and this
> empty.
>
> My Questions are something along the lines of - are the ID and Key that
> are
> returned an integral part of commerce server type sites? Am I correct in
> my
> assumption that both are required for ongoing authentication? If so why
> would the ID be returned to a browser and not a .Net WebRequest? Is there
> a
> way around the issue?
>
> Please excuse my complete ignorance of all things Commerce Server, this is
> the first time I have ever needed to understand it to any level.
>
> Thanks
>
> Paul Davies
>
>
>