Authorize.net

[Bob Waycott]

Perhaps we have things configured wrong over here ...

We are trying to test the Authorize.net module.

Payment Settings has accept real payments = True.

Authorize.net settings has accept real payments = True, force test mode, and our client's API login & transaction id. The client's account is also set in TEST MODE on Authorize.net.

Each time we try to purchase items from the store, we receive the following response:

The following error was returned while trying to process your card. Please correct and resubmit

(TESTMODE) Credit card number is required. 

I've input the credit card many times.

Anybody have a clue as to what I might be doing wrong here?

Thanks,

Bob

[Bruce Kroeze]

Try turning on verbose logging and see what the log shows is being sent.

 

[Bob Waycott]

Bruce,

Do you mean the keyedcache logger that Satchmo has? 

ugh ... I think our server admins have that disabled ...

[Bruce Kroeze]

In /settings/ in the auth.net section, there is a "verbose logging" option.  Turn that on, and then look at your satchmo log file.

--
Bruce Kroeze
http://solidsitesolutions.com
Dynamic Designs, Optimized

[Bob Waycott]

Okay, Bruce ... thanks.

I've got that working now -- our server runs Django with some pretty tight privileges. ;)

Any thoughts on what I should be looking for here?

Thanks,

Bob

[Bob Waycott]

crap ... Bruce do you have a way to delete this post? I didn't realize some somewhat sensitive data was in that string.

[Bruce Kroeze]

On Thu, Apr 30, 2009 at 11:44 AM, Bob Waycott <bobwa...@gmail.com> wrote:

I'm seeing currently in the POST the following:

Looks like CC # is being sent as REDACTED ?

No that's just trickery in the logging to keep from writing people's CC# to an easily parsed text file. :)

You should be able to use CURL to post that exact poststring, with REDACTED changed to the real CC# and see if it is Django or your network stopping something.

No I can't delete the post, but you can change your transaction key on the auth.net virtual terminal.

 

[Bob Waycott]

I notice that it is not x_card_num that is REDACTED, but the x_card_code ... is that the security code?

Trying with curl and replacing x_card_code=REDACTED with the actual 3-digit code gives me the response from Auth.net:

"The card code is invalid"

[Bob Waycott]

Bruce,

When in TEST_MODE, what is the expected response from Auth.net?

[Bob Waycott]

Okay Bruce,

Is Satchmo truncating the credit cards to last 4 digits when it actually sends the information to Auth.net?

Via curl, I can successfully complete a test authorization if I replace the x_card_num with the full card number and x_card_code with the correct security code.

Additional note ... apparently there is a conflict when forcing a test post (the Satchmo setting) when an account is in Test Mode (Auth.net setting). Turning Test Mode off and re-running the test post via curl worked.

However, we just tried to make a real purchase via the store -- Auth.net account is no longer in Test Mode & we're accepting real payments and not forcing test transactions.

Still being told via Satchmo that Credit Card is required ... leading me to believe that somehow, we're not sending the full credit card number over.

When I pull the Auth.net post from satchmo.log & use curl now, with x_test_request=FALSE, I get an AVS mismatch -- which is to be expected because we are not using the proper customer address for this card.

So ... any ideas on how I can actually see what Satchmo is sending to auth.net -- and not the cleaned up version that goes to satchmo.log ??

Thanks,

Bob

[Bob Waycott]

To anyone who might be able to help ...

I've rebuilt my local copy of Satchmo, adding some print statements in the Authorize.net processor where it makes the post to Authorize.net ... I have my local dev version of the site set to be live all the way, accepting real payments and everything.

Here's what the print statement on data['postString'] in processor.py is giving me:

x_login=SECRET&x_method=CC&x_type=AUTH_CAPTURE&x_tran_key=SECRET&x_version=3.1&x_delim_char=%7C&x_test_request=FALSE&x_relay_response=FALSE&x_delim_data=TRUE&x_exp_date=5%2F2012&x_card_num=&x_amount=10.93&x_card_code=&x_invoice_num=63&x_last_name=Admin&x_zip=37408&x_phone=4238226850&x_city=CHATTANOOGA&x_country=US&x_state=Tennessee&x_first_name=Bob&x_address=50+E+MAIN+ST&x_email=bobwaycott%40gmail.com

So ... x_card_num & x_card_code are BLANK.

Anyone have an idea on what gives here?

[Bruce Kroeze]

It could be that the cache is losing your data.  What is your cache? 

[Bob Waycott]

Using db cache with no timeout set currently.

Have tried locmem as well, still get no x_card_num & x_card_code

What's weird is I can see the last 4 of the card in the data dict ... but it's not in data['postString']

[Bob Waycott]

Ah ... I've got it now.

I had a CACHE_TIMEOUT of 0

Bruce, any recommendation on what a good CACHE_TIMEOUT value would be for a production store?

[Bruce Kroeze]

On Thu, Apr 30, 2009 at 2:50 PM, Bob Waycott <bobwa...@gmail.com> wrote:

Ah ... I've got it now.

I had a CACHE_TIMEOUT of 0

Right, CACHE_TIMEOUT of 0 will disable the cache system.

In production, I usually use 30 minutes.  Satchmo is really good at caching and invalidation.  With Auth.net, you need to make sure to give it long enough for the customer to complete the transaction before the encrypted CC# gets expired from cache.

[Bob Waycott]

So I'm guessing CACHE_TIMEOUT is in seconds, right?

[Bruce Kroeze]

correct

On Apr 30, 2009 3:01 PM, "Bob Waycott" <bobwa...@gmail.com> wrote:

So I'm guessing CACHE_TIMEOUT is in seconds, right?

On Thu, Apr 30, 2009 at 5:53 PM, Bruce Kroeze <bkr...@gmail.com> wrote:

> > On Thu, Apr 30, 2009 at 2:50 PM, Bob Waycott <bobwa...@gmail.com> wrote: >> >> Ah ... I've got...

> Bruce Kroeze > http://solidsitesolutions.com > Dynamic Designs, Optimized > >

--~--~---------~--~----~------------~-------~--~----~ You received this message because you are sub...

[Anthony Cintron]

I'm having an issue with my check out page while "Use SSL for the
check out pages?" is enabled in my site settings, Cybersource.net
Payment Settings and "Enable SSL" in payment settings is enabled. Soon
after I click on check out I get a page "Not Found" The requested URL /
checkout/ was not found on the server.

Any ideas what I am missing?

regards,

Anthony Cintron
Flash/Flex Developer
E-mail: anthony...@gmail.com
Fax: 917-591-2836
Web site: sweetiesandgangsters.net
Blog: codegasm.blogspot.com

[Chris Moffitt]

We need a little more info to help out:
- Which web server are you using?
- How is it configured to handle SSL?
- Exactly what error are you seeing?
- Is there anything in the satchmo or your web server error logs?

If you can answer some of these you'll be more likely to get some help.

-Chris

[Anthony Cintron]

I'm using an Apache 2.2.3 server via Media Temple. 

This is the result of going to the checkout page: https://www.rebeccaminkoffstore.com/checkout

I'm not sure how it is configured to handle SSL - I will have to research this.

I'm getting these following errors in my web server error log:

http://privatepaste.com/331c2G9DC3

I hope this is  a bit more useful.

regards,

Anthony Cintron

Flash/Flex Developer

E-mail: anthony...@gmail.com

Fax: 917-591-2836

Web site: sweetiesandgangsters.net

Blog: codegasm.blogspot.com

[Chris Moffitt]

I would look into the error you're getting about the ssl port conflict. Sometimes these types of environments are finicky about how they do the ssl forwarding.

-Chris

[Anthony Cintron]

Yeah, I may have to install another IP address. I'll look into it.

thanks,

Anthony

[Anthony Cintron]

Has anyone successfully launched a satchmo project through media
temple? I am getting this error in my server log:
[error] [client 127.0.0.1] Directory index forbidden by Options
directive: /var/www/html/

I am wondering if someone has had this experience via Media Temple -
possibly you may have an answer to this.

regards,

AC

[Bob Waycott]

That's an htaccess issue. You should take a look at how to properly configure Apache.