Business-to-Business e-Commerce with Open Buying on the Internet

3.2. OBI Component Design

In order to support the workflow described above the Net.Commerce server needs to be augmented with the OBI/SELL server augments with the features detailed in the following sections.

3.2.1. Digital certificate processing
The web server underlying the Net.Commerce server is enabled to handle HTTPS connections with client authentication. A requisitioner visiting the OBI/SELL Server uses an HTTPS URL (the URL refers to an OBI servlet called OBILogon) to connect to the server using a web browser. As a matter of fact, this URL is the universal entry point for all trading partners in the OBI-enabled selling solution. The web server requests for the requisitioner's digital certificate from the browser and passes it along any other information in the optional HTML POST FORM as specified in the OBI Standard to the OBILogon servlet. The presented digital certificate is verified for authenticity and validity against the issuing Certificate Authority and the information stored in the TradingPartnerInfo and TradingPartnerAggreement database table. And then the identification information in the certificate is used to retrieve information from the Net.Commerce shopper information tables and other OBI-specific database tables. The retrieved information is used to log in the requisitioner into the appropriate Net.Commerce mall or store and also potentially present the user a catalog that is tailored specifically to the user's organization or organizational unit.

This is actually one process with two steps that augment Net.Commerce order placement processing with OBI feature. First, newly submitted Net.Commerce purchase orders are periodically picked up by the OBI Purchase Order Request Daemon from the Net.Commerce shopping carts for all its shoppers. Each such order is packaged as an OBI Object (i.e. Purchase Order Request) and is placed in a PurchaseOrderRequestQueue. The corresponding Net.Commerce order status is changed to a new state POR_OK to indicate that the order is successfully rendered as an OBI purchase order request. The message router would once again periodically pick up all these POR's from the PurchaseOrderRequestQueue and sends them to their originators' OBI/BUY servers with an HTTP POST message over an SSL link.

The message router here is primarily responsible for outbound message routing. The router follows a double-polling process in order to avoid OBI blockage of purchase order request processing in case of a network and/or database jam or breakdown. Furthermore, the router is both secure and reliable. The security is provided by the fact that router uses SSL and client / server digital certificate authentication. It is also reliable in the sense that each message is guaranteed to be delivered to the opposite side until a HTTP 200 OK message is returned by the buying server or a maximum times of sending-retry is reached. The value of maximum retry can be configured during system installation. In the extreme case of delivery failure, an error message is logged together with the OBI object itself and the object is deleted from order request queue as required by the OBI specification. If sending successful, the corresponding Net.Commerce order status is changed to another new state (POR_SENT) to indicate that the order is received by the requisitioner's company, pending for approval.

This process is activated when the buying company successfully processed the previously generated Purchased Order Requests, and as a result, a matching official OBI Purchase Order arrives at the OBI/SELL server for actual notification and delivery of the goods and services ordered, and billing as well.

The OBI/BUY server sends the OBI object to the selling server as an HTTP POST message to a servlet (called OBISeller) on an SSL link. This URL also serves as the universal inbound OBI object receiver for this OBI/SELL solution for all trading partners enlisted. OBI/SELL server presents its own digital certificate to the connecting OBI/BUY server and requests digital certificate from the OBI/BUY server as well. The OBI/SELL server verifies the certificate presented by the opposite server for identification and authentication before the OBI Purchase Order is accepted and logged in the selling server database. The OBI object is then mapped back into the Net.Commerce orders and its status is flagged as COMPLETED to indicate that OBI processing of the order has completed successfully. The Net.Commerce payment and fulfillment modules would pick up the completed order further processing.

BACK TO INDEX PAGE | PREVIOUS SECTION | NEXT SECTION