developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

SIM - Maintain session attributes

Is there any way to maintain session attributes, using HttpSession or Cookies?

 

I am trying to match the user in the session in the servlet handling the Silent POST and cannot find a suitable way to do this except maintining a database table.

 

 

Thanks for any help.

breitling replica watches

uurijibobr
Member

‎01-24-2012 03:16 AM

0 Kudos
Reply
2 REPLIES 2

The silent post and relay response pages do not have anything to do with the user. Only Authorize.net connects them. So you'll need to add a database record for the transaction up front, pass the record ID with the transaction, then have your relay response or silent post update the transaction status to "completed" or whatever. If you don't care about keeping ongoing records of transactions on your site, and instead just want to give the user access to something on your receipt page, you can instead have your receipt page look up the transaction using the Transaction Details API and give them access if the transaction has completed. Or pass a "transaction complete" value in the receipt URL, along with some sort of verification hash to make sure they aren't just typing in random transaction numbers.

TJPride
Expert

‎01-24-2012 06:35 PM

0 Kudos
Reply

If you are using java, tomcat-based servlet containers have the option to pass the session identifier cookie in the query string rather than as a cookie, so if your relay url is https://myserver.com/relayresponse, you can pass https://myserver.com/relayresponse;jsessionid=COOKIE_VALUE as the value for x_relay_response parameter, where COOKIE_VALUE is the personal JSESSIONID cookie value for the user browser - this way the HttpSession object will automatically become the same when relay response servlet is called.


There certainly are ways to retrieve the session storage for the user in any web platform, you just need to pass the cookie value that identifies the user session as a merchant-defined parameter and then look up the session once you receive the POST for relay_response from authorize.net.

nikolayv
Contributor
In response to TJPride

‎01-26-2012 06:01 AM

0 Kudos
Reply
Copyright © 2024 Khoros, LLC