Allowing access to encrypted parameters

Allowing access to encrypted parameters
Cache identifiers are based on non confidential information such as store, language, catalog, category, or product identifiers. These identifiers are typically encrypted in the URL. If the parameters are encrypted, a cache miss would result due to missing parameters for the cache ID. Therefore, in order to use these identifiers they must be made visible in the URL first. Then, a cache hit would result because they are now visible.

Procedure
Option Description
Local store
To exclude parameters from being encrypted in the URL they must be specified in the wc-server.xml file as NonEncryptedParameters.
Open the WebSphere Commerce configuration file.
Add the following sample section (we can include more or less parameters as needed) below the <ProtectedParameters> section in the XML file:
<NonEncryptedParameters display="false">
                <Parameter name="storeId"/>
                <Parameter name="langId"/>
                <Parameter name="catalogId"/>
                <Parameter name="categoryId"/>
                <Parameter name="productId"/>
        </NonEncryptedParameters>
Remote store
To exclude parameters from being encrypted in the URL they must be specified in the crs.ear/xml/config/wc-store.xml file as NonEncryptedParameters.
Open the crs.ear/xml/config/wc-store.xmlfile.
Modify the default settings. The default setting are shown in the following example:
<NonEncryptedParameters display="false"> 
    <Parameter name="storeId"/> 
    <Parameter name="langId"/> 
    <Parameter name="catalogId"/> 
    <Parameter name="categoryId"/> 
    <Parameter name="productId"/> 
    <Parameter name="CIPCurrentOrderPage"/> 
    <Parameter name="CIPReqListPage"/> 
    <Parameter name="CIPOrderStatus1Page"/> 
    <Parameter name="CIPOrderStatus2Page"/> 
    <Parameter name="CIPOrderStatus3Page"/> 
    <Parameter name="cm_cr"/> 
    <Parameter name="cm_mmc"/> 
    <Parameter name="bvdisplaycode"/> 
    <Parameter name="bvappcode"/> 
    <Parameter name="bvproductid"/> 
    <Parameter name="bvpage"/> 
    <Parameter name="bvcontenttype"/> 
    <Parameter name="bvauthenticateuser"/> 
</NonEncryptedParameters>
Example
The following example shows how allowing access to encrypted parameters helps caching: Cache miss
The encrypted parameters storeId and catalogId are not visible on the URL. If the parameters are encrypted then a cache miss results due to missing parameters storeId and catalogId for the cache ID.
 https://node/webapp/wcs/stores/servlet/StoreCatalogDisplay?krypto=H6tSfK3MjYdLe5LvbDFXc4X0MKBx5125EC8Vku13IfR%2Bl%2F2XICaYD74ZAL6Cp2JfewdPvFtc34%2Fm%0D%0AzNnuS1hqxgXwxbdKTTeW8o1WestaRyoGDTQ4vTxwXAghBiI1EugbIvXw%2BPJVUawZUrIZO2l73y5v%0D%0Ad4It0fjLCUiRbqDXx0Hmgw9rEtN2sdNhOsL3P%2FRi8hYpvrkCLbsAkWS8m3EnZw%3D%3D&ddkey=Logon
Cache hit
After setting up the NonEncryptedParameters, the parameters are now visible in the URL.
https://node/webapp/wcs/stores/servlet/StoreCatalogDisplay?storeId=10051&catalogId=10101&krypto=ytM2lcQfujt8Gw8jfBKIrWXAAIaYbCyrsz5aYOCvuqX96e3070sapz96PuUyt3b0c5bcMQpwn%2BHN%0D%0AKaP57hGGEFy3X%2B0PDAJRH%2BPS6Khn90gkODzm5P1hv0zNzGEgrlXh2pc0LZhn%2BtDKSH5QkCNLnzVE%0D%0AIGf9hMonFODldvoKbfPk80xaLM1cdA%3D%3D&ddkey=Logon