ELECTRONIC COMMERCE ARCHITECTURE Web Client-Server Architecture As it was mentioned before, every computer in the Internet runs a TCP/IP protocol. To an end user, the lower level protocols like TCP/IP on which the Internet is built, is transparent. A user interacts with the Internet through one of several client/server applications. An application (client) running in one computer (client) requests a service from another application (server) running in another computer. In this architecture, there are two major classes of software that work together: Client Software: It usually resides on an end user’s computer and typically requests services such as a Web page, database access, email, and ftp to the server. It does very little work. Server Software: It usually resides on another computer that interprets requests from the client, processes them, access services from other computers if needed, and returns the result to the client. In Web-based client-server application, the client is the Web browser (Internet Explorer, Netscape Navigator) and the server is the Web server software (Internet Information Server, Apache Server). In this section, we will discuss the two- and three-tier Web-based clientserver architecture. We will also discuss the markup languages used to develop a Web page. Copyright 2002: Mohammad A. Rob 2 Two-Tier Client-Server In a two-tier architecture the client is tier 1 and the server is tier 2. A twotier system directs communications between the client on the Internet such as a Web browser and the Web server on the other end. In this mode, typically a user types a URL in the browser’s address line (and hits return) or clicks a link on a Web page. The browser then formats the request into a proper HTTP message and passes to the Internet. A Web server always listens to a particular port (port 80) for any incoming HTTP message. When it receives a request, it establishes a connection with the client computer. It locates the requested Web page and formats it into an HTTP message, and sends it back to the browser. The connection is then broken. When the client receives the message, it recognizes that the page is written in HTML-something it can interpret, and displays the formatted page. If the page contains any graphics, another connection is made between the client and the server. Three-Tier Client Server Application The three-tier builds on the two-tier approach. The first tier is the client, the second tier is the server, and the third tier is typically a database application running in different computer. Electronic commercial sites often require a three-tier system with its own hardware and software to keep track of customer purchases/preferences; query inventory databases or updates their catalog. The database services, which comprise the third tier, are often referred to as the backend machines/programs. When a client request a Web page from the server, the interprets it, and if it is found that the Web server needs to get services from a database, it accesses the database, collects necessary data, and returns the data formatted in HTML to the client. 3 4 E-Commerce Infrastructure In general, an e-commerce system includes mainly three software components that interact over the Internet: a browser, a Web server, and a database server. This is illustrated in Fig. 1. These components create an architecture that is commonly termed as a three-tier client-server architecture. The browser is the client installed on a computer at home or business. The Web server and the database server are installed on computers in a merchant network. The client searches for products through a URL or a link on a Web page that is stored on the Web server. The Web server interacts with the database server whenever a Web page finds any code that requires data access from the database. Fig. 1 also illustrates that a merchant Web server may interact with an Automatic Clearing House (ACH) computer for an on-line credit card processing or with a computer in the shipping company that delivers products for the merchant. These interactions create a multi-tier architecture for the electronic commerce application. A. Network Requirements A merchant must have a presence on the Internet so that a client from anywhere on the Internet can interact with the electronic shop set-up by the merchant. The merchant also needs to interact with other third-party companies through the Internet for order fulfillment. This sets up a multitier architecture as mentioned before and illustrated in Fig. 1. Fig. 1 also illustrates the architecture of the internal network of a merchant. The exact architecture of the network or the number of interconnected networks is not important here, except that many computers can be connected to a network and some of these computers can be used to install necessary software for e-commerce application development. B. Hardware Requirements The hardware architecture for a typical e-commerce application is illustrated in Fig. 2. Three PCs are identified with shaded rectangles that are involved in a typical e-commerce application. Two are server-type PCs and the third is a regular office PC. 5 Once the PCs are available, a network administrator can connect them in the available network nodes, install necessary operating system software, and assign IP addresses to the computers. Typically, these PCs are located in the server room or in close proximity of the network or lab administrator. This arrangement allows the network administrator to manage the PCs like any other network resource in a campus network. C. Software Requirements Several software components are required to develop and manage an ecommerce application. These include: a network operating system, a Web server and a database server. Fig. 2 illustrates the software requirements for an e-commerce application. a. Network Operating System A network operating system is necessary to manage the hardware, software, and users of a network. Microsoft Windows NT operating system is the most popular network operating system in a PC networking area and it should be available in any university. As shown by the dark rectangles in Fig. 2, the NT server should be installed in the server-type PCs, and the NT client or Windows 95/98 should be installed in the other PC. This last PC is typically used to manage the Web server and database server. b. Web Server The Web server is the most important software of an e-commerce application that provides Web presence for a merchant. As shown in Fig. 2, the Web server software needs to be installed in a PC running the NT Server. Microsoft Internet Information Server (IIS) is the choice for the Web server, because it comes free with the Windows NT operating system and is widely used in the industry. Thus it is readily available to a network administrator. To start with, it involves setting up a default Web site, a home directory, and a default Web page. The Internet Service Manager, which is installed with the IIS, is the administrative tool for the management and configuration of the Internet Information Server. See Fig. 3. 6 Upon installation, the IIS automatically creates a default Web site with a home directory such as C:\Inetpub\wwwroot. The name of the Web site can be changed, and more than one Web sites with different home directories can also be created. Fig. 4 shows the IIS property sheet with the Web Site tab, displaying the name of the web server. The network IP address of the computer is the default IP address of the Web site. Fig. 5 shows the Home directory setting of the IIS. As shown, the home directory can be selected from a directory in the local Web server or it can be changed to a directory in any computer within the network. If a user is allowed to browse the Web site to search for a file in a folder instead of typing the full path in the Web browser, "Directory Browsing Allowed” should be checked. Fig. 6 illustrates the property tab setting for selecting one or more default documents for the Web site. As shown, the “Enable Default Document” box needs to be checked and a default file name needs to be identified. In order to allow any user of the Internet to access the Web site, “Allow Anonymous Access” should be checked on the “Directory Security” tab, as illustrated in Fig. 7. Once the Web server is configured, a user within the network can type the name of the computer in the address line of a Web browser (for example, http://b3308-bpa.cl.uh.edu/isam5931) and the Web server will respond by displaying the default Web page. On the other hand, a user anywhere on the Internet (within the network or outside), can access the default page of the Web server just by typing the IP address of the computer (for example, http://129.7.30.129). To access the Web site through a domain name, the network administrator can assign a name for the computer within the domain and place an entry in the domain name server to identify the computer associated with the IP address. One of the best ways to learn about a Web server is to start with the Microsoft Personal Web server for Windows 95, 98 or NT, which can be downloaded free from the Microsoft site (may not be available anymore). Personal Web server can be used to set-up and configure a Web site in a local host. A book on the Microsoft Internet Information Server might be useful to set-up and administer the Web server. The IIS help menu also provides various features on Web administration and Web publishing. 7 c. Database Server Database is an essential component of an e-commerce application. It holds information of the electronic merchandise and is accessed concurrently by many users over the Internet. Thus a network database is essential to develop a true e-commerce application. A network database has a client portion and a server portion. The server portion is installed in a computer that runs a server-side operating system such as the Windows NT server. See Fig. 2. The client portion is installed in one or more computers in the network running a client operating system such as the Windows 95, 98, or NT client. The server contains the actual database and database-management tools. The client is used for operating and managing the database system from a remote computer within a local network. Many databases can be created in a single database server and many users can access and manipulate a single database from multiple computers. Incidentally, the database server can be installed in the same computer that runs the Web server. This arrangement does not compromise the performance of the database or the Web server in an application development environment. Microsoft SQL Server is a popular network database, because most networked PCs run on the Windows operating system. The graphical user environment of the SQL Server is very simple to use. The SQL server also comes free with the Windows NT operating system and a few other Microsoft software bundles. The security of the SQL server is integrated with the security of the Windows NT operating system. It allows a network administrator to easily map a user’s database access permission to that of the network permission. When the SQL Server is installed, “Enterprise Manager” management tool is automatically installed with both the server and client versions. Thus the SQL server can be managed either from the server computer or from a remote computer within the network. In order to create a database for an e-commerce application, one typically accesses the database server from a client computer. Thus the SQL server client portion needs to be installed in the laboratory personal computers. After installation, each client needs to register with the 8 database server using a valid username of the SQL server. This is performed through the “New SQL Server Registration” option in the Enterprise Manager. Browser PC Automatic Clearing House Client Internet Shipping Company Web Server Gateway Database Server PC PC PC Merchant Fig.1: Multi-tier client-server architecture of an electronic commerce application 9 Stored Web Pages NT Server NT Client Internet Information Server (IIS) Visual Basic, Enterprise Manager NT Server Visual InterDev, Enterprise Manager SQL Server NT Client Database Administration of IIS and SQL Server Microsoft Management Console NT Client Access, Visual InterDev NT Client Fig. 2: Hardware and software architecture of an electronic commerce application development and management environment in a PC Network. 10 Fig. 3. Internet Service Manger window for managing Microsoft Internet Information Server Fig. 4. Web Site property tab showing the Web site name and IP address of the Web server. Note the name of the Web site is changed to UHCLMISWeb. 11 Fig. 5. Default home directory and various permissions of the Web site as shown on the property sheet of the Internet Information Server. Fig. 6. Document tab setting of the IIS property window. The Web server first looks for the Main.htm file, and if not found, it looks for the 12 Default.htm file. Pressing Add button would allow another file to be included in the default document list. Fig. 7. Directory security tab of the Internet Information Server. Selection of "Allow Anonymous Access" allows any user of the Internet to access the Web site or a Web page. 13