Summary of Cookie Features
You can use cookies in Commerce Server to apply specific features to your site.
Encrypting Cookies
You can configure Commerce Server to encrypt both the persistent and session cookies that are generated by your site. By encrypting cookies, you ensure that only your Commerce Server applications can read the cookies.
Cookies are encrypted by default on Commerce Server Solution Sites. However, you can disable encryption, for example, for debugging purposes. Never disable cookie encryption on a production site.
To disable encryption, in the CS Authentication resource set the Enable Encryption property to 0. For more information, see Configuring the CS Authentication Resource.
For instructions about encrypting the key for cookie data, see Generating a New Cookie Encryption Key.
Share Cookies across Domains
You can configure Commerce Server to share cookies across different domains. Each cookie has a domain property that determines the domain in which the cookie is valid. For more information about sharing cookies across domains, see AuthFilter Single Sign on Support.
.gif "Ee796649.note(en-US,CS.20).gif")
Note
- If you are using Secure Socket Layers and Secure Hypertext Transfer Protocol (SSL/HTTPS) for an application, the domain scope is built from the secure host name. If you are using HTTP, the domain scope is built from the non-secure host name. For information about configuring the secure host name and the non-secure host name for an application, see Configuring an Application.
Share Cookies across Applications
You can configure Commerce Server so that cookies can be shared across applications on the same site.
In some cases, you may not want to share cookies across applications in the same site, because the presence of cookies will impact the analysis results of user activity on your site. For example, if you have a site that sells office supplies, and you share cookies between a supplier application and a retail application, your analysis results will not differentiate user activity between the two applications. The purchases made at the supplier site may show one user purchasing office supplies in very large quantities, but the retail site may show users purchasing supplies in small quantities.
For more information about sharing cookies across applications, see Enabling Cookie Sharing across Applications.
See Also
Generating a New Cookie Encryption Key
Managing Encrypted Profile Properties
AuthFilter Single Sign on Support
Copyright © 2005 Microsoft Corporation.
All rights reserved.