Allowing access to encrypted parameters

Cache identifiers are based on non confidential information such as store, language, catalog, category, or product identifiers. These identifiers are typically encrypted in the URL. If the parameters are encrypted, a cache miss would result due to missing parameters for the cache ID. Therefore, in order to use these identifiers they must be made visible in the URL first. Then, a cache hit would result because they are now visible.

Procedure


OptionDescription
Local store To exclude parameters from being encrypted in the URL they must be specified in the wc-server.xml file as NonEncryptedParameters.
  1. Open the HCL Commerce configuration file.
  2. Add the following sample section (you can include more or less parameters as needed) below the <ProtectedParameters> section in the XML file:
    <NonEncryptedParameters display="false">
                    <Parameter name="storeId"/>
                    <Parameter name="langId"/>
                    <Parameter name="catalogId"/>
                    <Parameter name="categoryId"/>
                    <Parameter name="productId"/>
            </NonEncryptedParameters>
    
Remote store To exclude parameters from being encrypted in the URL they must be specified in the crs.ear/xml/config/wc-store.xml file as NonEncryptedParameters.
  1. Open the crs.ear/xml/config/wc-store.xmlfile.
  2. Modify the default settings. The default setting are shown in the following example:
    
    <NonEncryptedParameters display="false"> 
        <Parameter name="storeId"/> 
        <Parameter name="langId"/> 
        <Parameter name="catalogId"/> 
        <Parameter name="categoryId"/> 
        <Parameter name="productId"/> 
        <Parameter name="CIPCurrentOrderPage"/> 
        <Parameter name="CIPReqListPage"/> 
        <Parameter name="CIPOrderStatus1Page"/> 
        <Parameter name="CIPOrderStatus2Page"/> 
        <Parameter name="CIPOrderStatus3Page"/> 
        <Parameter name="cm_cr"/> 
        <Parameter name="cm_mmc"/> 
        <Parameter name="bvdisplaycode"/> 
        <Parameter name="bvappcode"/> 
        <Parameter name="bvproductid"/> 
        <Parameter name="bvpage"/> 
        <Parameter name="bvcontenttype"/> 
        <Parameter name="bvauthenticateuser"/> 
    </NonEncryptedParameters>

Example

The following example shows how allowing access to encrypted parameters helps caching:
Cache miss

The encrypted parameters storeId and catalogId are not visible on the URL. If the parameters are encrypted then a cache miss results due to missing parameters storeId and catalogId for the cache ID.

 https://node/webapp/wcs/stores/servlet/StoreCatalogDisplay?krypto=H6tSfK3MjYdLe5LvbDFXc4X0MKBx5125EC8Vku13IfR%2Bl%2F2XICaYD74ZAL6Cp2JfewdPvFtc34%2Fm%0D%0AzNnuS1hqxgXwxbdKTTeW8o1WestaRyoGDTQ4vTxwXAghBiI1EugbIvXw%2BPJVUawZUrIZO2l73y5v%0D%0Ad4It0fjLCUiRbqDXx0Hmgw9rEtN2sdNhOsL3P%2FRi8hYpvrkCLbsAkWS8m3EnZw%3D%3D&ddkey=Logon
Cache hit

After setting up the NonEncryptedParameters, the parameters are now visible in the URL.

https://node/webapp/wcs/stores/servlet/StoreCatalogDisplay?storeId=10051&catalogId=10101&krypto=ytM2lcQfujt8Gw8jfBKIrWXAAIaYbCyrsz5aYOCvuqX96e3070sapz96PuUyt3b0c5bcMQpwn%2BHN%0D%0AKaP57hGGEFy3X%2B0PDAJRH%2BPS6Khn90gkODzm5P1hv0zNzGEgrlXh2pc0LZhn%2BtDKSH5QkCNLnzVE%0D%0AIGf9hMonFODldvoKbfPk80xaLM1cdA%3D%3D&ddkey=Logon