I want to include e-commerce features into an application, like access to virtual Point-of-Sale (vPOS) to charge credit cards and allow automatic transfer.

This requires among others the use of encryption schemes with https (instead of http) and electronic signature.

This may seem a stupid question, but how does OICGI distinguish between https and http requests?

I would also appreciate any comments on implementing electronic signature for web applications.

Thanks in advance

Wilhelm

Wilhelm,

OICGI does not *need* to distingush between HTTP and HTTPS. The browser and web server should handle this between them ( provided the server has a a valid certificate installed ) - The information you receive in OI should appear as normal regardless of whether or not you used HTTPS to make the connection.

If you need to check in OI if the information you got was sent securely you could check the HTTPS field in the reuqest or look to see if the SERVER_PORT was 443.

The Sprezzatura Group

[/i]World leaders in all things RevSoft[/i]

Hi Sprezz,

Here is a fragment from a typical login page (which is meant to go through HTTPS).

…

…

Account

User

Password

…

On activating the SUBMIT button, OI-CGI receives the variable names together with the corresponding input values and turns on HTTP.

We use dynamic pages, with the templates stored in an AREV file called HTML, being RP_ACCESS the record key and the name of the corresponding subroutine at the same time.

After receiving the request, INET_RPPMAIN XLATEs('HTML','RP_ACCESS','','X') into a variable and fills out the rest of the page that is going to be returned to the user.

1. So, how can I tell OI-CGI to change to HTTPS request after the user confirms his ID and password?

2. And how do I have OI-CGI return the following pages in HTTPS, instead of HTTP?

Thank for your reply.

Wilhelm

View this thread on the forum...