Skip to main content

Electronic Commerce::Web-up application pattern::Runtime patterns

The Patterns Process: Runtime patterns

After you choose an appropriate Application pattern to meet your e-commerce needs, it is time to select the specific Runtime pattern used to design your solution. The Runtime pattern uses nodes to group functional and operational components. The nodes are interconnected to solve a business problem. Each Application pattern has at least one corresponding Runtime pattern. These runtime patterns are based on the Enterprise Solution Structure (ESS) Thin Client Transactional Pattern and are a representative solution for the Electronic Commerce composite pattern.

Each Runtime pattern may have additional variations as well, including:

Depending on the customer requirements, you might need to extend variations or combine them to achieve desired results.

Proven Basic Runtime Pattern

Web-up:: Proven Basic Runtime pattern Retail Customer Protocol Firewall Dispatcher Commerce Server Domain Firewall Application Application Application Database Content Creation and Management
(Click a node to get a detailed explanation.)

At the logical level, this Runtime pattern involves a synchronous interaction with the user during the first part of the shopping experience. An asynchronous (and deferred) response for the processing of details and confirmation of a submitted order follows. Therefore, this runtime does not allow for real-time features such as immediate inventory validation, order completion, or shipping details.

Web-Up basic online shopping process

  1. From a Web browser client, the shopper connects to the commerce site by entering the Web site URL and does one of the following:
    • Logs in to the commerce site if the user is recognized as a registered shopper from a profile on the database server
    • Browses the site anonymously
    • Enters profile information to become a registered user
  2. The user then interacts with the pages of the site. These are either static pages from the commerce server or pages dynamically built with information from the database server.
  3. The user adds items to a shopping cart. The data for the shopping cart is stored on the database server along with required session state information. A cookie is sent to the client browser. This cookie helps the commerce server track the progress of the customer interactions on the commerce site and connect users with their shopping cart.
  4. When the shopper wants to buy or check out items in the shopping cart, the commerce server stores the submitted order on the database server for later processing. An acknowledgment is sent back to the shopper that the order has been submitted, and the interactive session is terminated.
  5. The system uses one of several techniques to retrieve the order and process it through the back-end fulfillment, inventory, payment, and shipping processes. Note that this pattern does not specify the details of back-end integration. It can be done in batch or manually. The example given below describes how one site performed their order processing functions.
  6. Eventually, a confirmation e-mail of order status (such as delivery, out of stock, credit problems) is sent to the user.

Typically, the logon process uses registration data from the database server node to identify registered shoppers and encryption technology, such as Secure Sockets Layer (SSL), to protect sensitive data (for example, credit card or address information).

Currently, most sites do not use digital certificates. In the Enterprise-out application pattern, the client wants to extend the back-end systems with a tightly integrated Web access channel, and might want to integrate with corporate-wide directory and security mechanisms. For this reason, the Enterprise-out runtime pattern includes directory and security nodes on the internal network.

In the Web-up runtime pattern, however, the directory and security nodes are omitted, because clients do not usually want corporate-wide directory and security mechanisms. The "ESS Reference Architecture", used by IBM Global Services provides a much more detailed flow of the online shopping process and how it interacts with the infrastructure. This information is often used to prepare vendor quotes for the products necessary to physically implement the logical Runtime pattern.

Runtime pattern=Variation 1

Web-up application pattern::Runtime pattern=Variation 1 Web Server Content Creation and Management Domain Firewall Dispatcher Protocol Firewall Database Application Application Application Commerce Server Retail Customer
(where supported, e.g. WebSphere Commerce Suite V5.1)
(Click a node to get a detailed explanation.)

For additional security, this solution may be implemented with the commerce application server node positioned behind the second (domain) firewall.

Runtime pattern=Variation 2

Web-up application pattern::Runtime pattern=Variation 2 Commerce Application Server LDAP Directory Server Database Commerce Application Server Dispatcher Dispatcher Protocol Firewall Domain Firewall
(where supported, e.g. WebSphere Commerce Suite V5.1)
(Click a node to get a detailed explanation.)

For additional load balancing and availability functionality, this solution may be implemented with a duplexed web server and commerce application server and may have a second dispatcher (load balancer) in standby mode.

Runtime pattern=Variation 3

Web-up application pattern::Runtime pattern=Variation 3 Content Creation and Management Domain Firewall Dispatcher Protocol Firewall Protocol Firewall Database Application Application Application Commerce Server User User Retail Customer
(where supported, e.g. WebSphere Commerce Suite V5.1)
(Click a node to get a detailed explanation.)

In our previous example, we followed a major retail department store that wants to expand their sales to the Web. They chose the Web-up application pattern because they need a internet-only solution without any back-end integration.

As shown in the diagram below, the department store implemented support for two distinct buying channels within the same site:

  • Web browser-based shoppers use the Web channel.
  • Telemarketers use their point-of-sales system to complete orders.

Walking through a purchase:

  1. During the shopping process, the user interacts synchronously with the commerce server and the database server. This process is actually similar to the shopping experience found in the Enterprise-out approach. After the shopper decides to buy the items in the shopping cart, however, this pattern takes a very different approach:
    • The shopper is simply notified that the order has been taken and that confirmation is forthcoming.
    • Most importantly, there is no online linkage from the online buying front end to the backend systems.
  2. The lower part of this diagram shows how order processing is completed:
    • In the past, the orders were processed by telemarketers over the phone. With the new Internet front end, the call center representatives simply log in to the new application on the commerce server and access any submitted, but unfulfilled, orders on the database node.
    • On behalf of the online shopper, the call center representatives submit the unfulfilled orders to the back-end order processing systems. These systems send e-mails to the shoppers, confirming their orders and providing information such as delivery dates. Online shoppers, while interacting with the system, are unaware of factors such as delivery dates or out-of-stock items. This is a major drawback of this solution design.

Reasons for this approach:

  • Fast time to market, 2-3 months, was critical to this client.
  • A process for customers to order over the phone was already in place.
  • The back-end order processing systems offered no interactive interface for the commerce server front end to use for direct online access.
  • The back-end order processing systems did not provide the "24x7" hours of operation demanded by Internet shoppers.
  • The volume of orders was not expected to be large initially, so they believed they could handle the load manually. This approach provided a quicker time-to-market than that required by integrating directly with the back-end systems. The retailer expected lower volume due to the nature of their sales: primarily big ticket items such as refrigerators, not high-volume items such as pairs of socks.

Obviously, the retailer intends to expand usage and include many more items. With augmented advertising of the site, the retailer expects sales volume to increase dramatically and faces a pressing need to provide a less manual approach to the order processing back-end systems. This site will evolve over time into one that more closely resembles an Enterprise-out approach, by including automated interfaces to order processing either in batch or directly online.

Next, review product mappings.

Close [x]

Retail Customer Node

This Node is a personal computing device, such as a PC, supporting a commercial browser (e.g. Netscape Navigator or Internet Explorer). The level of the browser is expected to support SSL and some level of DHTML. Most online buying implementations will send a "Cookie" to the browser on this node in order to maintain the shopping session. The cookie will contain a session id, which can be used to reconnect with a partially filled shopping basket or order and to re-establish the conversation for each interaction.

Close [x]

Protocol Firewall Node

Firewalls provide services that can be used to control access from a less trusted network to a more trusted network. Traditional implementations of firewall services include:

  • Screening routers (the protocol firewall in this design)
  • Application gateways (the domain firewall)

The two firewall nodes provide increasing levels of protection at the expense of increasing computing resource requirements. The protocol firewall is typically implemented as an IP router, while the domain firewall is a dedicated server node.

Additional Resources

  • (in English) ESS

Close [x]

Network dispatcher node

The load balancer, or dispatcher, node provides horizontal scalability by dispatching HTTP requests among several, identically configured Web servers.

See Also

Additional Resources

  • (in English) ESS

Close [x]

Commerce server node

This node provides the infrastructure for application logic and can be part of a commerce server node. It is capable of running both presentation and business logic.

Close [x]

Domain firewall node

Firewalls provide services that can be used to control access from a less trusted network to a more trusted network. Traditional implementations of firewall services include:

  • Screening routers (the protocol firewall in this design)
  • Application gateways (the domain firewall)

The two firewall nodes provide increasing levels of protection at the expense of increasing computing resource requirements. The protocol firewall is typically implemented as an IP router, while the domain firewall is a dedicated server node.

Additional Resources

  • (in English) ESS

Close [x]

Application node

Existing applications are run and maintained on nodes that are installed in the internal network. These applications provide for business logic that uses data maintained in the internal network. The number and topology of these existing application and data nodes is dependent on the particular configuration used by these legacy systems.

Close [x]

Database Server Node

The database server node's function is to provide persistent data storage and retrieval in support of the user-to-business transactional interaction. The data stored is relevant to the specific business interaction, for example, bank balance, insurance information, current purchase by the user, and so forth.

Note that the mode of database access is perhaps the most important factor determining the performance of this Web application, in all but the simplest cases. The recommended approach is to collapse the database accesses into a single call or very few calls. This can be achieved through coding and invoking stored procedure calls on the database.

Close [x]

Content Creation and Management Node

This node represents the functionality supporting the creation of the data that resides on the Database Server and Commerce Server Nodes. It also represents the function to manage and stage that data into production on the servers. The functionality of this node is quite broad, and might be thought of as encompassing an entire subsystem.

The timely synchronization of several Web Servers is sometimes achieved by using a Shared File System as the content storage, capitalizing on the replication capability of this technology.

Close [x]

Web Server

A process that supports the use and management of Web pages and other Internet-related material.

Close [x]

User Node

The user node is most frequently a personal computing device (PC) supporting a commercial browser, for example, Netscape Navigator and Internet Explorer. The browser is expected to support SSL and some level of DHTML. Increasingly, designers need to also consider that this node might be a pervasive computing device, such as a Personal Digital Assistant (PDA).

Close [x]

LDAP

Lightweight Directory Access Protocol (LDAP) refers to the protocol that is used to communicate from a calling program (running on a node such as a Commerce Server) and a Directory Node. Information is kept on the LDAP-based directory node about such topics as people and/or services.

For example, the directory could be used to store information needed to identify registered shoppers (referred to as authentication). It could also be used to store information about what functions those shoppers are allowed to perform after being identified (referred to as authorization).

Close [x]

SSL

Secure Sockets Layer (SSL) refers to encryption technology which is commonly used between the browser on a users PC and a Web Server Node. It is used to protect the data in messages from being viewed in an un-authorized fashion while travelling over a TCP/IP network. It can also continue to protect the messages as they flow over internal TCP/IP networks between nodes after passing the web server.

Close [x]

Digital Certificates

A digital certificate is an electronic credential issued by a trustworthy organization such as a bank, credit union, or large company. The digital certificate vouches for an individual's, business's, or organization's identity and authority to conduct any transaction over the Internet. The issuing organization is called a Certificate Authority, or CA. VeriSign is an example of an existing CA.

Digital certificates address the issue of ensuring that the owner of a public key is really who he claims to be .This technology provides a mechanism to distribute public keys in a special format called a certificate. In addition to the key itself, the certificate contains information about the sender. The whole package is then signed by the issuing CA using its private key. The receiver of the certificate can then verify the CA's digital signature using the CA's public key. Digital Certificates are made available to the public through on-line directories based on X.500 standards.

Digital certificates are defined by the X.509 standard. A X.509 certificate is typically a small file that contains:

  • Subject's distinguished name
  • Issuer's distinguished name
  • Subject's public key
  • Issuer's digital signature
  • Validity period
  • Certificate's serial number

Close [x]

IBM Global Services

IBM Global Services refers to that organization within IBM that provides professional IT Services and Consulting.