OCI PunchOut in Infor e-Commerce

Here is my first test of Open Catalog Interface (OCI) in Infor e-Commerce.

About OCI

OCI is a standard from SAP from around year 1999:

It competes with the cXML standard from Ariba also from around year 1999.

I will use OCI for PunchOut with e-Commerce, i.e. for a buyer to place an order in a seller’s e-Commerce, and retrieve the order in the buyer’s system (e.g. SAP, PeopleSoft).


Infor e-Commerce supports OCI out of the box. Unfortunately, the documentation is meager, and when Infor acquired Lawson they removed the examples and screenshots of all documentation:

Thankfully, the old Lawson documentation still has examples and screenshots:

If we are familiar with Infor e-Commerce and OCI, and if we have the old documentation, we can figure it out.

1. Configuration for seller

Let’s configure the seller’s e-Commerce B2B, with role, customers, and users.

One time only, go to Business Center > Roles, select the desired role (e.g. Reseller), enable the Feature Element OCI Capable, and click Save:

For each customer, go to Business Center > Customers B2B > select a customer (e.g. 66045), and in the Customer Details > OCI Agreement, enter the Agreement Name/Description, Valid From/To, and Contact Person Buyer/Seller, and click Save:

For each user of each customer, go to Business Center > Users B2B, select the user (e.g. Thibaud), and in User Details > User Roles, enable the OCI Capable role (e.g. Reseller), and click Save:

2. Configuration for buyer

Setup the buyer’s OCI software (e.g. SAP, PeopleSoft) to launch e-Commerce with the URL in the following format:



  • https://seller.com/infor-ecom-b2b/cc/ is the base URL to Infor e-Commerce B2B Customer Center (replace the host, port, and path as needed). I had tried the B2C URL, but the reqpage had no effect, it only worked with the B2B URL.
  • Default2.jsp is the e-Commerce OCI page
  • @user.userid is the e-Commerce userid
  • @user.password is the e-Commerce password
  • reqpage=ItemList.jsp is the e-Commerce parameter to request the Item List landing page
  • HOOK_URL is the buyer’s OCI URL that will receive the e-Commerce order (ask the buyer for that URL), e.g. https://buyer.com/OCI

As usual, the parameter values must be URL-encoded in the URL.

That URL will launch e-Commerce, will authenticate the user, and will land the user in the items page, ready for the user to place an order.

3. Place an order

The user launches e-Commerce using the URL configured above (e.g. from SAP, PeopleSoft), the URL will authenticate the user to e-Commerce, and land directly in the e-Commerce items list:

Add items to the shopping cart as usual, go to View cart & checkout. Then, click Retrieve Order, it is a new button for the OCI Capable role:

At that moment, e-Commerce will logout, and will send the order to the buyer’s sytem by making an HTTP POST request to the specified HOOK_URL with the order details as x-www-form-urlencoded name/value parameters in the body:

Verify the order on the buyer’s system (e.g. SAP, PeopleSoft). That completes the process flow.


There is a page OciTestPage.jsp that you can use in HOOK_URL for testing purposes:

But it seems to have a few problems in my environment, and I kept getting an HTTP 302 re-direct to the home page, so I had to fix a few things:

  • The parameter NEW_ITEM-VENDORMAT had an incorrect index, I had to correct it manually from [2] to [0].
  • It did not work with my User B2B Thibaud, it says “You are currently not authorized to see the requested page. Please login and try again.” I had to switch to admin, I must be missing a Role.
  • I had to force the parameter retrieveorder to any non-null value.
  • There is a parameter ocirul which I do not know how to use.

Future work

  • OCI does not support edit and cancel operations of requisition orders, unlike cXML, so I must find a workaround.
  • Most OCI implementations have customized tweaks, deviating from the standard, so I have to find the source code for OCI in e-Commerce, and see if I can modify it accordingly.


That was my first test of OCI in Infor e-Commerce for a buyer to PunchOut to a seller.

Special thanks to Wayne Liu and Karl Bonne at Infor for the help.

That’s it!

Please like, comment, subscribe, share, author.

How to install Infor e-Commerce Development Studio

Here is an illustrated guide on how to install Infor e-Commerce Development Studio.


Infor e-Commerce is the B2C and B2B solution for Infor M3. Here is some history I found from the archives. The product was started by Danish-based Catalog-International in 1997, which was acquired by Swedish-based Intentia International in 2002, which was acquired by US-based Lawson Software in 2005, which was acquired by Infor in 2011. Over the years, it has survived many cycles of re-branding, refactoring, re-integration, and feature changes. Its various names have been: Ideal Commerce Suite (Ideal Seller & Ideal Procurement), Movex e-Sales, Lawson e-Sales, Infor e-Commerce, and now Infor Rythm on Infor CloudSuite. The Development Studio is the current plugin for Eclipse to develop for e-Commerce. It is loosely inherited from the old Cat@log Builder and ide@l Design Center.


You can download the documentation from Infor Xtreme > Search > Browse Documentation > Show All Product Lines > Infor e-Commerce:

I will follow the Infor e-Commerce Development Studio Installation Guide and User’s Guide. They do not have screenshots, so I will show you screenshots here:

I will assume the Infor e-Commerce server is already installed and setup with the SQL Server database, IBM WebSphere Application Server (WAS), and IBM HTTP Server (IHS). I will install e-Commerce Development Studio version on a Windows x64. There are strict system requirements for ancient versions of software.

1. Java Development Kit

Install the Java SE Development Kit (JDK) version 1.6.0_45. Set the environment variables JAVA_HOME and PATH:

2. Eclipse IDE

Install Eclipse IDE for Java EE Developers version 3.7.1:

Note: I had used the lasted Eclipse version 4.6, but e-Commerce Development Studio threw an error during installation, and I resolved it by reverting to the old Eclipse version 3.7.1:
Missing requirement: DesignCenter Plug-in 1.0.0 (com.lawson.eap.designcenter 1.0.0) requires 'bundle org.eclipse.core.runtime.compatibility 3.2.100' but it could not be found

To install Eclipse, simply download and unzip, e.g. C:\e-Commerce\eclipse\ :

Then, launch Eclipse, and select a workspace, e.g. C:\Users\X\workspace\ :

You can verify the result in Eclipse > About:

Change the Eclipse > Preferences > Java > Compiler, to JDK compliance 1.6:

By default it uses default JDK compliance 1.2, but then e-Commerce will throw compilation errors:
The return type is incompatible with AbstractSelectComponent.getResultset

3. Subclipse plugin

Install the Subclipse plugin version 1.8.x for Eclipse, even if you will not use it:
4 4_

Note: If you do not install Subclipse – for instance if you want to install Git instead – e-Commerce Development Studio will throw an error during installation:
Missing requirement: DesignCenter Plug-in 1.0.0 (com.lawson.eap.designcenter 1.0.0) requires 'bundle org.tigris.subversion.subclipse.core 1.6.18' but it could not be found:

Note: I used the latest Subclipse version 4.2.x, but Eclipse threw an error, and I resolved it by reverting to the old Subclipse version 1.8.x:
Subclipse talks to Subversion via a Java API that requires access to native libraries. Those libraries were either not found or an incompatible version was loaded.

4. e-Commerce Development Studio plugin

Download the Infor e-Commerce Development Studio plugin from Infor Xtreme > Downloads > Products > Customer Relationship Management > Infor e-Commerce:

Unzip the download, and install the plugin:
0__ 6

Verify the installation details:

In Window > Open Perspectives, select the Infor e-Commerce Development Studio perspective:

e-Commerce Development Studio is ready to be used.

5. Infor Application Installer (IAI)

Install the Infor Application Installer (IAI):

Note: I had an error earlier because of the missing JDK in the PATH:

Select Install IAI:

Find the WAS folder on your e-Commerce server, e.g. C:\IBM\WebSphere\AppServer\ :

In IAI, click Browse, and select the WAS folder. IAI will automatically find the profile (e.g. AppSrv01), cell name (e.g. Node01Cell), node name (e.g. Node01), and internal server name (e.g. server1). Set the Admin login name and password, and click Start:
7____ 7______

You can verify the installation log in the temp folder, e.g. C:\Users\X\AppData\Local\Temp\Y\install-iai\ :

You can verify the resulting installation folder, e.g. C:\IBM\WebSphere\AppServer\profiles\AppSrv01\installedApps\WIN-70T65OKA2OJNode01Cell\Publish.ear\ :

You can verify the IAI About page, e.g. http://localhost:9080/publish/About :

The Application Installer is now ready to deploy e-Commerce applications.

6. New Application

Back in Eclipse, select File > New > New Registered Application:
8___ 8_

Enter a Project Name and Application Name, e.g. infor-ecom:

It will create the new project, and it will automatically build the workspace and generate the file businessobjectmethods.jar, wait for it to finish:

Whenever a timestamp changes in the project, e-Commerce Development Studio will re-build the project, and it can be time consuming and frustrating. To avoid waiting unnecessarily, un-check the Project > Build Automatically, and remember to manually Build Project before deploying:

Go to menu Infor e-Commerce Development Studio > Set Active Project, and select the project:

Go to menu Infor e-Commerce Development Studio > Deployment Settings, and enter the Deployment Target Properties, with Web Server Name as defined in WAS:
10 10_ 10__

Go to tab Data Sources > MS SQL Server > sqlserver > right-click > Connection, and add a new connection, with the e-Commerce database information:
11_ 11__ 11

The e-Commerce application is now ready to be deployed.

7. Deploy

Build the Project, and wait for the build to finish.

In the menu Infor e-Commerce Development Studio, select Deploy Application:
12 12_

The e-Commerce application is now deployed on WAS, and ready to use. There is no need to restart WAS.

8. Result

Test the resulting e-Commerce application.

Customer Center:

Busines Center:

We now have a working e-Commerce Development Studio, project, and website to develop with.

9. Everyday development

For everyday development:

We can now modify the JSP, CSS, HTML, and other files in the src folder, re-build the project, and re-deploy as needed:

It is quicker to deploy just the presentation, either bc, cc, or common, depending on where we modified the files, rather than re-deploying the entire application:

Remember to set the active project again after each time you exit Eclipse.

Future work

In future work, I would like to:

  • Setup a B2B application (it involves swApp.vbs), in addition to the default B2C
  • Setup a team environment with Subversion for multiple developers to collaborate on the same e-Commerce application at the same time without overriding each other.
  • Setup logging, troubleshooting, and Java debugging for e-Commerce.
  • Deploy multiple applications on the same WAS.
  • Develop JSP that call Business Objects.
  • Use the XML Gateway.
  • Use Git instead of Subversion.
  • Set the Active Project by default.


That was a guide on how to install Infor e-Commerce Development Studio, with lots of illustrations to compensate for the lack of screenshots from the Infor documentation. e-Commerce Development Studio relies on many standards (J2EE, Eclipse, Subversion, etc.), as such it is familiar territory to install. But it requires ancient versions of its software requirements that if not met will cause errors. And the mystery of the e-Commerce Development Studio’s automatic build, at unexpected times, and lengthy, is a known frustration.

That’s it!

Please like, comment, share, subscribe, and come author with us.

M3 Infor Enterprise Search – Search query examples V2

Infor published a new version of the Search query examples document for
M3 Infor Enterprise Search (IES) available on the Knowledge Base at KB 1687355.

IES is an important part of M3 to increase user productivity, like a Google Search for M3.

Here are the topics of the document:

  • Simple search
  • Advanced search
  • Search including reserved words
  • M3 IES usage through API calls
  • Multi level key search
  • Very advanced search queries
  • Lucene references

Here is a sample screenshot of the document:

See the document at KB 1687355.

Thank you Magnus.


Infor M3 Enterprise Collaborator (MEC) now includes support for SSH FTP (SFTP), a secure file transfer protocol.

FTP vs. PGP vs. SFTP vs. FTPS

Plain FTP does not provide security properties such as confidentiality (against eavesdropping) and integrity (against tampering). FTP provides authentication, but it is plain text. As such, plain FTP is insecure and strongly discouraged.

Even coupled with PGP file encryption and signature verification to protect the contents of the file, the protocol, the credentials, the files and the folders are still vulnerable.

On the other hand, SFTP provides secure file transfer over an insecure network. SFTP is part of the SSH specification. This is what I will explore in this post.

There is also FTPS (also known as FTP-SSL and FTP Secure). Maybe I will explore that in another post.

MEC 9.x, 10.x,

If you have MEC or earlier, your MEC does not have full built-in support for SFTP or FTPS. I found some traces in MEC, 11.4.1 and 11.4.2. And I was told that support for SFTP was made as a plugin sort of, in some MEC 9.x version; maybe they meant FTPS. Anyway, if you are handy, you can make it work. Or you can manually install any SFTP/FTPS software of your choice and connect it to MEC. Do not wait to secure your file transfers.


MEC comes with built-in support for SFTP, and I found traces of FTPS. Unfortunately, it did not yet ship with documentation. I was told a writer is documenting it now. Anyway, we can figure it out by ourselves. Let’s try.

Here are the release notes:

In Partner Admin > Managed > Advanced, there are two new SFTP channels, SFTPPollIn and SFTPOut, which are SFTP clients:
5 6

By looking deeper at the Java classes, we find JCraft JSch, a pure implementation of SSH2 in Java, and Apache Commons VFS2:
2 13

SFTPOut channel

In this post, I will explore the SFTPOut channel in MEC which is an SFTP client for MEC to exchange files with an existing SFTP server.

Unit tests

Prior to setting up MEC SFTPOut, we have to ensure our MEC host can connect to the SFTP server. In my case, I am connecting to example.com [], on default port 22, with userid mecuser, and path /outbound. Contact the SFTP server administrator to get the values, and eventually contact the networking team to adjust firewall rules, name servers, etc.

Do the basic networking tests (ICMP ping, DNS resolution, TCP port, etc.):

Then, do an SSH test (in my example I use the OpenSSH client of Cygwin). As usual with SSH TOFU, verify the fingerprint on a side channel (e.g. via secure email, or via phone call to the administrator of the SFTP server assuming we already know their voice):

Then, do an SFTP test:

Optionally, compile and execute the Sftp.java example of JSch. For that, download Ant, set JAVA_HOME and ANT_HOME in build.bat, set the user@host in Sftp.java, and execute this:
javac -cp build examples\Sftp.java
java -cp build;examples Sftp


Those tests confirm our MEC host can successfully connect to the SFTP server, authenticate, and exchange files (in my case I have permissions to put and retrieve files, not to remove files).

Now, we are ready to do the same SFTP in MEC.

Partner Admin

In Partner Admin > Manage > Communication, create a new Send channel with protocol SFTPOut, hostname, port, userid, password, path, filename, extension, and other settings:

I have not yet played with all the file name options.

The option for private key file is for key-based client authentication (instead of password-based client authentication). For that, generate a public/private RSA key pair, for example with ssh-keygen, and send the public key to the SFTP server administrator, and keep the private key for MEC.

The button Send test message will send a file of our choice to that host/path:

The proxy settings are useful for troubleshooting.

A network trace in Wireshark confirms it is SSH:

Now, we are ready to use the channel as we would use any other channel in MEC.


  • The SFTPOut channel does not allow us to verify the key fingerprint it receives from the SFTP server. Depending on your threat model, this is a security vulnerability.
  • There is a lack of documentation (they are working on it)
  • At first, I could not get the Send test message to work because of the unique file name (I am not familiar with the options) and the jzlib JAR file (see below).
  • MEC is missing JAR file jzlib, and I got this Java stacktrace:
    com.jcraft.jsch.JSchException: java.lang.NoClassDefFoundError: com/jcraft/jzlib/ZStream
    at com.jcraft.jsch.Session.initDeflater(Session.java:2219)
    at com.jcraft.jsch.Session.updateKeys(Session.java:1188)
    at com.jcraft.jsch.Session.receive_newkeys(Session.java:1080)
    at com.jcraft.jsch.Session.connect(Session.java:360)
    at com.jcraft.jsch.Session.connect(Session.java:183)
    at com.intentia.ec.communication.SFTPHandler.jsch(SFTPHandler.java:238)
    at com.intentia.ec.communication.SFTPOut.send(SFTPOut.java:66)
    at com.intentia.ec.partneradmin.swt.manage.SFTPOutPanel.widgetSelected(SFTPOutPanel.java:414)

    I was told it should be resolved in the latest Infor CCSS fix. Meanwhile, download the JAR file from JCraft JZlib, copy/paste it to the following folders, and restart MEC Grid application and Partner Admin:
    Partner Admin\classes\
  • Passwords are stored in clear text in the database, that is a security vulnerability yikes! SELECT PropValue FROM PR_Basic_Property WHERE PropKey='Password' . I was told it should be fixed in the Infor Cloud branch, and is scheduled to be merged back.
  • With the proxy (Fiddler in my case), I was only able to intercept a CONNECT request, nothing else; I do not know if that is the intention.
  • In one of our customer environments, the SFTPOut panel threw:
    java.lang.ClassNotFoundException: com.intentia.ec.partneradmin.swt.manage.SFTPOutPanel

Future work

When I have time, I would like to:

  • Try the SFTPPollIn channel, it is an SFTP client that polls an existing SFTP server at a certain time interval
  • Try the private key-based authentication
  • Try SFTP through the proxy
  • Try FTPS
  • Keep an eye for the three fixes (documentation, jzlib JAR file, and password protection)


This was an introduction about MEC’s support for SFTP, and how to setup the SFTPOut channel for MEC to act as an SFTP client and securely exchange files with an existing SFTP server. There is more to explore in future posts.

Please like, comment, subscribe, share, author. Thank you.

UPDATES 2017-01-13

  • Corrected definition of SFTPPollIn (it is not an SFTP server as I had incorrectly said)
  • Added security vulnerability about lack of key fingerprint verification in MEC SFTPOut channel
  • Emphasized the security vulnerability of the passwords in clear text

User synchronization between M3 and IPA – Part 4

I re-discovered a technique to synchronize users between Infor M3 and Infor Process Automation (IPA) using IPA’s web based administration tools.

It is now my preferred technique for the initial mass load of users, whereas previously in part 2, I had been using command line tools.

IPA web admin tools

The IPA web admin tools are located at http://host/UserManagement/home?csk.gen=true for the gen data area, to create the Identities, Actors, Actor-Identity, and Actor-Roles; and at http://host/lmprdlpa/LpaAdmin for the environment data area – PRD in my case – to create the Users, Tasks, and User-Tasks. It is the same as the IPA Rich Client Admin but web-based instead of Java GUI based.

To find the tools, use the shortcuts ValidationURLs.htm in your IPA installation folder: 0

Replaying the actions

I manually created users in the IPA web admin tools, intercepted in Fiddler the HTTP requests of each action, replayed the POST requests in Fiddler Composer, and repeatedly pruned the unnecessary data away until I identified the minimum set of values.

I then translated the result into the equivalent JavaScript code.


Here below is the result. It supposes you already have an array of users which you can generate with SQL or M3 API (from MNS150 and CRS111).






Source code

I posted the source code WebAdmin.js on my GitHub repository. I will update the source code there.

Future work

  • Stitch the JavaScript code together
  • Create the Tasks (from MNS405)
  • Create the User-Tasks (from MNS410)


This is yet another technique to synchronize users between M3 and IPA. I find it easier than the command line tools I was using previously. Follow the progress on the GitHub repo.

Related articles

  • Part 1, overview of user synchronization between M3 and IPA

That’s it! Please like, comment, subscribe, share, and author with us.

Troubleshooting M3 Web Services

I forgot how to troubleshoot Infor M3 Web Services (MWS) and wasted time researching again. This time I share what I rediscovered so I remember next time.


I created a simple web service of type M3 Display Program (MDP) that creates a Facility in CRS008. The steps work correctly in M3:

MWS Designer error

I created the equivalent web service in MWS Designer (MWSD), but it throws ‘Unable to execute MPD!’:

MWS Designer log

The MWSD log does not provide more information:

We can increase the MWSD log level from WARN to DEBUG/TRACE, it shows some HTTP/SOAP information (remember to revert when done as it fills the disk space):
10 10_

Fiddler proxy

We can use an HTTP proxy such as Fiddler to see the HTTP/SOAP request/response:
11 11_


We can use another SOAP client such as SoapUI to test the web service:
12 12_

Generated Java code

MWS Server generates Java code for each web service. I do not see any error with the generated code. The code uses Apache Axis2/CXF for SOAP, and the old Intentia Movex MPD for the interactive session:
7_ 7__

MWS Server log

The MWS Server log provides some more information, it mentions m3.program which hints me to believe my web service is correct and the problem is in M3:


I increased the Grid’s log levels of Subsystem and MWS to DEBUG and TRACE (remember to revert when done as it fills the disk space):
5 5

I ran the test case again, and opened the merged log:

This time the log shows more information. It shows the <MPD> XML, and it shows the error Abnormal termination of mvx.app.pgm […] Dump log created:


The M3 dumplog shows even more information, it shows there was a NullPointerException on READ_DSP ICFCMD:
6 6__

I do not know how to analyze an M3 dumplog, so I will forward it to an M3 developer and ask for help. The problem points not to MWS but to the M3 program. That is as far as I can go in my troubleshooting.

Future work

Furthermore, depending on the case, it may also be useful to:

  • Intercept network traffic to the BCI port, and troubleshoot the old Intentia Movex BCI protocol; MPD uses M3Session which uses BCIConnection:
    8 8_
  • Use the Advanced Grid tools:
  • Analyze the Thread dumps:
    9-1 9-2
  • Analyze the MWS Profiler:
  • Analyze the Grid Status Report:
  • Decrypt the encrypted Grid network traffic
  • Debug the MWS Server Java code line by line at runtime


That was how to troubleshoot M3 Web Services and digg more information about an error. I dug as far as I could, all the way to M3, and asked help to an M3 developer. Furthermore, there are plenty other ways to troubleshoot and dig beyond.

That’s it!

Please like, comment, subscribe, share, and come author the next post.

Related posts

Route optimization for MWS410 with OptiMap (continued)

Today I unbury old scripts from my archives, and I post them here and on my GitHub.

This script illustrates how to integrate the M3 Delivery Toolbox – MWS410/B with OptiMap – Fastest Roundtrip Solver to calculate and show on Google Maps the fastest roundtrip from the Warehouse to the selected Delivery addresses; it’s an application of the Traveling Salesman Problem (TSP) to M3. This is interesting for a company to reduce overall driving time and cost, and for a driver to optimize its truck load according to the order of delivery.


The Warehouse (WHLO) is now detected from the selected rows, and its address is dynamically retrieved using API MMS005MI.GetWarehouse; no need to specify the Warehouse address as a parameter anymore.

Create a view in M3 Delivery Toolbox MWS410/B that shows the address fields in the columns (e.g. ADR1, ADR2, ADR3), and set the field names in the parameter of the script.

8 10 13

OptiMap_V4  [PENDING]

Add ability to Export OptiMap’s route to M3 Loading (MULS) and Unloading sequence (SULS) using API MYS450MI.AddDelivery, closing the loop of integrating M3 to OptiMap.

This is an idea for version 4. Script to be developed…

Source code

I posted the source code on my GitHub.

Related posts