Home > Store

Implementing B2B Commerce with .NET: A Guide for Programmers and Technical Managers

Register your product to gain access to bonus material or receive a coupon.

Implementing B2B Commerce with .NET: A Guide for Programmers and Technical Managers


  • Sorry, this book is no longer in print.
Not for Sale


  • Copyright 2002
  • Dimensions: 7-3/8x9-1/4
  • Pages: 336
  • Edition: 1st
  • Book
  • ISBN-10: 0-201-71932-0
  • ISBN-13: 978-0-201-71932-1

"I'm confident that Implementing B2B Commerce with .NET will pay for itself many times over. That, after all, is what great computer books are all about."
--From the Foreword by Jeff Prosise

As companies worldwide flock to get their Web-based B2B capabilities up and running, developers are faced with the reality of designing, developing, and implementing these systems.

Written for applications developers, programmers, and technical managers, Implementing B2B Commerce with .NET provides in-depth, technical information on the technologies and techniques you need to build effective and secure Web-based B2B solutions for the Microsoft .NET platform. Based on the author's extensive professional experience, this book explores the purpose and advantages of B2B Web systems, and provides specific information on the tools that aid in their development.

You will find detailed explanations of relevant .NET technologies and how to use them to build B2B systems. In addition, the book presents experience-based methods and strategies for managing the development process, as well as extensive coverage of the wide range of B2B applications possible--from simple transaction processing to sophisticated, customized supplier and partner communications.

Specific topics covered include:

  • Implementing vital security measures in B2B applications
  • Working with ASP.NET, Web Forms, and XML Web services
  • XML Web services and BizTalk
  • Using the Webridge B2B framework
  • B2B development traps and pitfalls
  • Forming the B2B development team
  • A proven methodology for B2B project management
  • Creating a secure extranet server to host B2B applications
  • Selling-chain B2B applications
  • Supply-chain B2B applications
  • Plenty of real-world code examples illustrate concepts and provide you with valuable building blocks for your own projects. With these specific technologies and methods for building B2B Web systems, along with an understanding of the kinds of sophisticated B2B applications available, you will be well-equipped to make your organization's B2B plans a reality.


    Sample Content

    Online Sample Chapter

    Implementing Security in B2B Applications

    Table of Contents






    1. Web-Based Applications.

    Web Sites That Are Files.

    Web Sites That Are Programs.

    Web Sites That Are Applications.

    Don't Make Your Clients Fat.

    Don't Use Your Backend for Logic.

    The Sweet Spot Is in the Middle.

    Building Applications Using the .NET Framework.

    The .NET Framework Class Library.

    .NET Framework SDK Samples.

    2. Implementing Security in B2B Applications.

    Security, a Primary Role of B2B Web Sites.

    A Real-World Example of a Fundamental B2B Design Pattern.

    Mechanisms for Controlling Access to Data and Applications.



    Options for Implementing Authentication and Authorization.

    Implementing SQL-Based Authentication and Authorization.

    ASP.NET Web Forms and Authentication.

    Authentication in ASP.NET Web Applications.

    What You Can Do with a Secure Web Site.

    Building the Manufacturer a Web Site.

    4. ASP.NET Web Forms and Database Access.

    Using a Relational Database Server for ASP.NET Security.

    Placing Database Connection Information in the Web.config File.

    Logging In Using Valid User IDs in the Database.

    Showing the Right Information to the Right People.

    5. ASP.NET and Database-Driven Content Access Control.


    Security for Publishing Documents.

    Building an ASP.NET Page that Contains Hyperlinks to Documents.

    Authorization for Documents.

    Preventing Security Bypass.

    Showing Confidential Hyperlinks.

    Uploading Documents.

    Building a Search Page.

    6. XML Web services and BizTalk.

    Real World B2B Commerce.

    XML Web services.

    Building and Using XML Web services in Visual Studio.NET.

    XML Web services Security.

    Completing the Web service Code.

    Creating a Web service Client.

    Calling Web Methods Asynchronously.

    Building a Web service That Returns Files.

    Transactions in XML Web services.

    Scope of Transactions in XML Web services.

    Length of Transactions.

    Getting the Right Transactions.

    BizTalk Server.

    7. Advanced B2B Applications with Webridge.

    Introduction to Webridge Extranet.

    B2B Infrastructure for Rapid Development Projects.

    Managing Context.

    A Portal for Integrating and Extending Internal Information Systems.

    How and Where to Use Webridge Extranet.

    B2B Infrastructure and Functionality.

    Infrastructure Code That Is Needed for B2B Applications.

    The Challenge of Building B2B Infrastructure Code.

    The Webridge Extranet Framework.

    Best of Suite.

    Webridge Extranet.


    38. Security in an Insecure World.

    Security, a Primary Role of B2B Web Sites.

    Protecting the B2B Site.

    Insider Negligence.

    Deliberate Attacks from the Inside.

    Attacks from the Outside.

    Building a Hardened B2B Server.

    Secure Communications in Internet Commerce.

    Public Key Algorithms.

    Certification Authorities.

    Secure Sockets Layer (SSL).

    Securing Information Inside an Organization.

    9. B2B Development Traps.

    Complexity of B2B Development.

    B2B Technology.

    Diverse Technologies.

    Understanding the Technology.

    B2B Developers.

    Underestimating Difficulty.

    Lack of B2B Development Experience.

    Bad B2B Implementations.

    B2B Site Owners.

    Scope Creeps.

    Unfeasible Features.

    Inconsequential Features.

    Mutually Exclusive Features.

    Inexperienced Developers.

    More Than a Web Site.

    Features That Don't Add Value.

    Not Enough Attention to the Project.

    Project Management Problems.

    10. The B2B Development Team.

    Forming the Team.

    Knowledge Is Power.

    Lead from the Front.

    The Polluted Environment.

    The A-Team.

    The Right Mix.

    One Project at a Time.

    What We Have Here Is a Failure to Communicate.

    The Geographically Dispersed Team.

    The Cohesive Team.



    The Few, the Proud, the Team.

    Producing the Software.

    The Roles.

    Leadership Roles.

    Full-Time Roles.

    Part-Time Roles.

    B2B Disciplines and Skill Sets.

    B2B Projects.

    Preach to the Choir.

    Vision Document.

    Understanding the Problems.

    Agreeing on the Problem Definition.

    Identifying the Stakeholders.

    Defining the Solution Boundary.

    Identifying the Constraints.

    Completing the Vision Document.


    Managing Complexity.

    “Up and Running”.

    Phased Approach.


    Requirements Management.

    Software Requirement Specification, or SRS.

    SRS Package Ownership.

    SRS Package Organization.

    SRS Package Content.

    Requirements Gathering.


    Analysis and Design.

    Creative Work.

    Technical Work.

    Project Plan and Schedule.


    Development Infrastructure.

    Assignment of Tasks.

    Testing and Deployment.

    Acceptance and Sign-Off.

    Project Timeline.


    12. Extranets and B2B Web Sites.

    Introduction to Extranets and B2B Web Sites.

    The Purpose of B2B Applications.

    Overview of B2B Web Sites.

    A Broad Description of B2B Web Sites.

    A Precise Description of B2B Web Sites.

    B2B Web Site as a Platform for B2B Applications.

    Users of B2B Web Sites.

    User Profiles.

    Features of B2B Web Sites.

    13. Selling-Chain Management.

    Introduction to Selling-Chain Management.

    The Purpose of Selling-Chain Management Applications.

    Overview of Selling-Chain Management.

    Purpose of Selling-Chain Management.

    Business Forces Driving the Need for Selling-Chain Management.

    Technology Forces Driving the Need for Selling-Chain Management.

    Users of Selling-Chain Applications.

    User Profiles.

    Features of Selling-Chain Applications.

    14. Supply-Chain Management.

    Introduction to Supply-Chain Management.

    Overview of Supply-Chain Management.

    The Need for Supply-Chain Management.

    The Purpose of Supply-Chain Management Applications.

    Current Supply-Chain Management Practices.

    New Practices in Supply-Chain Management.

    Users of Supply-Chain Applications.

    CPFR Process Synchronizes Planning.

    User Profiles.

    Features of Supply-Chain Applications.

    Index. 0201719320T12062001


    Audience and Goals for this Book

    There are several business-to-business (B2B) Internet commerce books on the market. Many of these books are intended for business executives, and they explain why Internet commerce is valuable. In contrast, this book is intended for developers and technical managers, and it explains B2B Internet commerce in terms of what to build and how to build it.

    This book covers issues that are important in extranet/B2B development, including issues of development, management, and what to build. Therefore this book is organized into three parts: Part 1 covers development issues, Part 2 management issues, and Part 3 what-to-build issues.

    Part 1 is for developers, Part 2 is for managers, and Part 3 is applicable to both groups. Developers should concentrate on Parts 1 and 3 but may want to look over Part 2.

    Managers can skim over Part 1 but should concentrate on Parts 2 and 3. They should read Part 3 first to gain a context on what needs to be built and then readPart 2 for information on the people and project issues involved in building software systems such as these.

    Expectations for this Book

    This is a "do-it-yourself" book for people who need to build B2B applications. Developers cannot compile and run the source code examples in this book without an understanding of and a willingness to use basic debugging techniques. While the code in the book is correct, the reader must know how to deal with differences in machine configurations and software versions and how to track down solutions to their own mistakes to make the code work for them.

    This book does not provide a complete, finished B2B application. The source code examples illustrate elementary coding techniques for implementing typical B2B design patterns. This book tells you what the hard parts are and offers guidance for writing the code, which readers must complete on their own.


    B2B development requires the melding of technology from several different branches of computer science. Therefore, to understand the code samples in Part 1, the reader must have a working knowledge of the following B2B-enabling technologies:

  • Object-oriented programming languages
  • Databases and relational database servers
  • Web servers, browsers, and N-tier development
  • Networking and security
  • Server-side component technologies
  • The source code examples in this book will be useful to programmers who read the book after they have obtained a solid understanding of these B2B-enabling technologies on the Microsoft platform. If you are a developer and would like to assess your own knowledge, refer to the last several pages of Chapter 10 for a list of B2B technical skills. If many of the terms in the list are unfamiliar to you, you may have difficulty with the source code examples in Part 1.

    Note: If you are a developer who is unfamiliar with object-oriented (OO) languages such as C++, Java, or C#, you may have trouble understanding the source code examples in this book. This book assumes that developers who work through the code samples are already proficient with such OO concepts as static methods,virtual methods, abstract base classes, and so forth. You will want to familiarize yourself with true OO concepts before tackling the source code examples.

    Part 1:Coding for B2B Applications

    The chapters in Part 1 deal with the technical portion of how to write B2B applications. Part 1 contains B2B coding examples that are implemented using the Microsoft .NET Framework. This part is particularly relevant for developers.

    As of this writing, .NET is very new, so I assume that many readers may not yet be proficient in it. Therefore I progressively disclose .NET development topics so readers have the opportunity to become proficient in the .NET Framework as they proceed through Part 1. Readers should also plan to use additional sources to develop a thorough proficiency in the .NET Framework.

    In a progressive sequence I explain the particular segments of the .NET Framework that are relevant to B2B programming. Readers who are new to the .NET Framework may find it helpful to use this book as a syllabus or sequence of topicsto learn about it.

    If you are a developer and would like to work through the code examples inthis book yourself, you will need the following Microsoft software:

  • Windows 2000 Server or Advanced Server, or Windows XP
  • SQL Server 2000 or later
  • Internet Information Server (IIS)
  • Visual Studio .NET
  • With Visual Studio .NET, you must install the following items:

  • C# Compiler
  • C++ Compiler
  • Web Development Server Component
  • .NET Framework SDK
  • .NET Framework SDK samples
  • Part 2:People, Politics, and B2B Projects

    To be successful in B2B development, you must handle appropriately the strategic issues that go beyond tools and technologies. Part 2 explains the people portion of the how to write B2B applications. This part is particularly relevant for managers.

    To build B2B applications successfully, you must form a team of the rightpeople with the right skills. Chapter 10 discusses the development team and thenecessary skills.

    Once you have the tools and the team, you will need a methodology for your projects, an organized process for designing your B2B applications, and a repeatable and reliable project methodology for building them. There are several possible procedures, but many are not appropriate for a B2B project. Chapter 11 presents one methodology with which the author has seen repeated B2B successes. In addition to the tools, the people, and the methodology, you need to know what to build.

    Part 3:Vision Documents for TypicalB2B Applications

    When it comes to B2B Internet commerce, you can find lots of advice on why you should do it, but (outside of this book) you will find very little advice on what you should build. Part 3 is relevant to both developers and managers. Managers should perhaps read the chapters in Part 3 first and then go back and read Part 2. Finally, they can skim Part 1 to get a context on what B2B developers are up against.

    The general concepts of B2B applications are apparent. However, the devil is truly in the details of B2B implementations. Fundamental questions such as "What should the application do?" can be difficult to answer because of the general lack of information and advice.

    This book helps you with the question of what B2B applications should do by providing the Vision documents for typical B2B applications. These chapters should provide a good point of departure for you as you begin to spec out your own applications.

    Information That Is Not in This Book

    This book is not a tutorial on OO, RDMBS, or Web technology. Knowledge of diverse technologies is a prerequisite for building B2B Web sites and applications. These technologies include object-oriented programming, database servers, Web technologies, and network security. These topics are so broad, however, that tutorials for each require a book of their own and thus are not included in this book.

    This book does not provide B2C commerce information. Internet transactions between businesses are generally not conducted with credit cards. This book does not explain how to build a Web site that performs credit card processing because it is not highly relevant to B2B commerce. This book does not deal with other business-to-consumer (B2C) commerce development issues either.

    This book does not tell you how to build B2B marketplaces. B2B marketplaces are intended chiefly to automate transactions. As the Introduction explains, B2B commerce involves far more than the automation of transactions. Instead of talking about marketplaces, this book focuses on extranet-based B2B commerce. In extranet-based B2B commerce, every company has its own extranet and uses that extranet to host B2B applications, which enables each company to move its business to the Web.

    This book does not provide a complete sample B2B application. The soup-to-nuts source code for a complete B2B application would be lengthy, and it would also contain a lot of repeated concepts. Therefore, to convey valuable information in a concise way, the book includes only the fundamental parts of the source code for B2B implementations.

    Finally, this is not a paint-by-numbers book. It does not provide everything you need to implement B2B commerce. This book covers only the little-known aspects of B2B commerce development, topics not covered in detail elsewhere.

    Source Code for this Book

    The source code for this book is available for download on the author's Web site at www.howtob2b.com.



    Abort command (BizTalk), 109
    ACatalog application (Web service client), 101-103
       Web methods, calling asynchronously, 103-105
    access control
       anonymous users, 49
       need for, 23
       selling-chain management sites, 40
    Access Control Lists (ACLs), authorization, 28
    accounts (user), authentication and authorization in NOS, 26-27
    ACID (Atomicity, Consistency, Isolation, Durability), transactions and, 107
    ACLs (Access Control Lists), authorization, 28
    acquisitions, selling-chain management and, 248
    Action command (BizTalk), 109
    Active Directory, security limitations, 27-28
    Active Server Pages. See ASP
    Add Web Reference dialog (Solution Explorer), 102
       URIs (Uniform Resource Identifiers), 13
       URLs (uniform resource locators), 4
    administrators, B2B Web sites, 231, 235
       supply-chain applications, 278
    AFR (Aggregate Forecasting and Replenishment), 266-267
    algorithms, encryption, 145-147
    alpha version, timeline for, 215-216
    Amazon.com, 229
    analysis and design phase, 210-211
       timeline, 214-215
    Anchor property (DataGrid control), 102
    anonymous users
       access, denying, 49
       B2B Web sites, 231-232
       selling-chain management and, 253
    applications. See also programs
       automated clients, 106
       B2B, purpose of, 223-224
       BizTalk Orchestration Designer, 110
       client/server code implementation, 8-10
       console, creating, 12-16
       cross-company, security, 29
       e-Business principles and, 164-165
       selling-chain, 242, 254-258
       supply-chain management, 263-264
       Web sites as, 7-10
    applications (B2B). See also Web sites (B2B)
       ACataolg (Web services), 101-103
       authentication and authorization, 28-29
       B2B Web sites and, 229-230
       basic characteristics, 3
       basic security issues, 19
       code implementation considerations, 8-10
       complexity of, 153-154
       cost, 177-178
       design considerations, 20-25
       development teams, member characteristics, 168-177
       difficulty of creating, danger of underestimating, 156-157
       purpose, 223-224
       tasks of, 7-8
       technology requirements, 154-155
       valueless features, 162-163
       Web server requirements, 9
    artists, on development teams, 183
    asmx files, 95
    ASP (Active Server Pages)
       compared to ASP.NET, 45
       dynamic Web pages and, 7
    .asp file extension, 7
       code-behind pages, 43-45
       compared to ASP, 45
       configuration file, 47
       design time considerations, 45
       document hyperlinks, 79-81
       Home pages, creating, 41-45
       pages, creating, 49
       runtime, 45
       security, relational databases and, 55
       trace facility, 80-81
       user list, storing, 55
       using directives, 44
    aspx pages, document authorization, 81-84
    asymmetric key algorithm, encryption, 145-146
    attacks on Web sites, 143
       asmx files, 96
       authentication (security), 26
       WebService, 97-98
    authenticated users, B2B Web sites, 231-233
       selling-chain management and, 253
       supply-chain applications, 277-278
    AuthenticateRequest event, Manufacturer A Web site, 62-65
    authentication, 25
       adding to Manufacturer A Web site, 45-50
       cookies, 48-50
       implementation, 26-29
       Internet commerce and, 144
       numeric keys, 100
       SQL, 29-38
       Web services and, 99-100
    authentication tag, changing mode attribute, 48
    authority, characteristics of, 168-169
    authorization, 25-26
       ACLs (Access Control Lists), 28
       C#, programming for resource requests, 66-76
       databases, requests for resources,66
       document IDs, returning, 34
       documents, adding functionality for, 81-85
       implementation, 26-29
       SQL, 29-38
    AuthorizeRequest event, 64
    automated applications, 106
    back- and front-office applications
       e-Business principles and, 164-165
    backend, application logic implementation considerations, 8
    backend applications, integrating, Webridge and, 117-118
    backup, uploaded file storage considerations, 91
    B2B applications. See applications (B2B)
    B2B servers, hardening, 143-144
    B2B Web sites. See Web sites (B2B)
    Begin command (BizTalk), 109
    BeginGetProductList method (Form1 class), 105
    best-of-bread, 122-123
    beta test, timeline for, 216
    BizTalk Server
       Dehydration and Rehydration, 112
       Messaging Service, 113
       Orchestration Designer, 110
       overview, 109-110
       Scheduler Engine, 112
       transactions, 111-112
       Webridge and, 118
       XLANG schedules, running, 112
    blank pages (Visual Studio .NET), renaming, 41
    Bodacious Boogey Boards, 226
    breakpoints, setting in C#, 50
       static Web sites and, 4
       Web page rendering, design issues, 162
    browsing, preventing direct document access, 86
    bullwhip effect, 261
    business object specialists (development teams), 181
    business objects, 9, 226-227
       .NET Framework Class Libraries, 11
    business plans, CPFR and join, 272-273
    C# programming language
       authorizing resource requests, 66-76
       breakpoints, setting, 50
       comments in, 58
       compiler error messages, 15
       console applications, creating, 12-16
       document authorization aspx pages, 81-84
       introduction to, 12-13
       memory, releasing, 14
    caching document authorizations, 84-85
    case-sensitivity, C#, 13
    categorizing information, internal security, 149-150
    certification authorities, security, 147-148
    champion role (development teams), 177-178
    channels, proliferation, 248
    Class attribute (asmx files), 96
    class libraries. See .NET Framework Class Library
       Console, 14
       ContextUtil, 107
       DocumentHandler, 81-84
       Form1, 104
       HttpApplication, 62-65
       Login, 57
       NameValueSectionHandler, 56
       Page, 45, 62
       Person, 66-76
       SecurityModule, 71-73
       SqlHelper, 58-61
       StreamReader, 14
       WebForm1, 44
       WebRequest, 14
       Webridge, 121-122
    client/server applications, code implementation and B2B applications, 8-10
       ACatalog (Web services), 101-103
       automated applications, 106
       code implementation considerations, 8
       Web s


    Submit Errata

    More Information

    Unlimited one-month access with your purchase
    Free Safari Membership