IBM SG24-6320-00 Manuel D’Utilisation
6320ch_migrating.fm
Draft Document for Review July 28, 2004 7:33 pm
214
Keeping Commerce Applications Updated WebSphere Commerce 5.1 to 5.6 Migration Guide
--please replace MASTERCATALOG_ID with one of the catalog of the store you want
to designate as MasterCatalog
update storecat set mastercatalog='1' where catalog_id=10002 and
storeent_id=10001;
insert into catgrptpc (catgroup_id,catalog_id,tradeposcn_id) values
(0,10002,10001);
to designate as MasterCatalog
update storecat set mastercatalog='1' where catalog_id=10002 and
storeent_id=10001;
insert into catgrptpc (catgroup_id,catalog_id,tradeposcn_id) values
(0,10002,10001);
To execute the file, run the following from a DB2 command window:
db2 -tvf choosemc.sql
Ensure that the script has run successfully be examining the output.
11.3.3 Migrating the encrypted data
Once the database is migrated there are some additional steps to complete the
migration.
migration.
Merchant key and encrypted data
The merchant key in WebSphere Commerce Suite V5.1 can be either default or
custom. A default merchant key is a fixed value selected by WebSphere
Commerce Suite V5.1 while the custom key is defined by the user. A default
merchant key is not valid in WebSphere Commerce V5.6 and must be changed
to a user defined merchant key. Since the encryption behavior has changed for
sensitive data (as described below) the encrypted information must be
re-encrypted using the new behavior to ensure that encrypted data is valid.
custom. A default merchant key is a fixed value selected by WebSphere
Commerce Suite V5.1 while the custom key is defined by the user. A default
merchant key is not valid in WebSphere Commerce V5.6 and must be changed
to a user defined merchant key. Since the encryption behavior has changed for
sensitive data (as described below) the encrypted information must be
re-encrypted using the new behavior to ensure that encrypted data is valid.
Users
Users stored in USERREG table (registered users) have a logon ID and a
password. In WebSphere Commerce Suite V5.1 the password is encrypted using
the merchant key and can be decrypted using the merchant key. In WebSphere
Commerce V5.6 the USERREG has an extra column SALT (introduced in
WebSphere Commerce Suite V5.4), which is used as an extra factor in the
encryption of the password. The SALT key is added to the password and a one
way hash key (SHA-1) is returned from the concatted string. This hash key is
then encrypted. This method ensures that it is almost impossible to decrypt and
retain the password. Because of this extra security the passwords must be
decrypted and re-encrypted with a random SALT key and using a one way hash
key.
password. In WebSphere Commerce Suite V5.1 the password is encrypted using
the merchant key and can be decrypted using the merchant key. In WebSphere
Commerce V5.6 the USERREG has an extra column SALT (introduced in
WebSphere Commerce Suite V5.4), which is used as an extra factor in the
encryption of the password. The SALT key is added to the password and a one
way hash key (SHA-1) is returned from the concatted string. This hash key is
then encrypted. This method ensures that it is almost impossible to decrypt and
retain the password. Because of this extra security the passwords must be
decrypted and re-encrypted with a random SALT key and using a one way hash
key.
Credit cards
Credit card data stored in ORDPAYINFO, ORDPAYMTHD and PATTRVALUE
contains sensitive data and will typically be encrypted. The variable PDIEncrypt
in the instance file indicates if credit card data is encrypted. Prior to WebSphere
Commerce Suite V5.1.1.2 the merchant key was not used to encrypt credit card
contains sensitive data and will typically be encrypted. The variable PDIEncrypt
in the instance file indicates if credit card data is encrypted. Prior to WebSphere
Commerce Suite V5.1.1.2 the merchant key was not used to encrypt credit card