IBM Support

Enhancing session security in WebSphere Commerce

Technote (troubleshooting)


An Interim Fix which provides enhancements to session security for IBM WebSphere Commerce V7.0 is now available.


WebSphere Commerce enhances the security in session management by generating the session information (session cookie or URL parameters) with a generated encryption key different from the merchant key provided by the administrator.

This enhancement employs separate keys for session and data encryption to improve the overall security for WebSphere Commerce sites.

Resolving the problem

To obtain this fix, please contact support for Interim Fix JR35136.

Document information

More support for: WebSphere Commerce Enterprise

Software version: 7.0

Operating system(s): AIX, Linux, Solaris, Windows

Software edition: All Editions

Reference #: 1418443

Modified date: 21 January 2010