response page 


Response Page Example      Response Page Code (JSP)

We will begin by explaining how the response page works and why it is needed:

Up to this point, you have tested your credit card application by simply requesting the customers' data and then sending it (via a form with an action line which directs the submit) to the ACS server. This determines if the card authorizes or declines, and (up to this point) has produced a generic response page.

But your systems need to know if this credit card payment was approved, what the authorization number is, etc. We accomplish this using a "response page" on your servers.

Here is the sequence of events:
  1. The user requests the input page, they enter data, and submit it.
  2. This causes a request to hit the summary/verification page on your web server. They hit submit.
  3. This last submit does not go to your web server, but rather it goes to the ACS credit card server. This server processes the transaction and determines if the customer's card authorizes or declines. If it declined, then a generic ACS page is delivered to the customer informing them of the decline. (If an error has occured, a generic error page is similarly delivered.)
  4. However, if the payment was successfully authorized, the acs server makes an http request to your servers (sort of acting as a proxy). This http request contains all the parameters (credit card authorization number, order id, etc.) that you need to record the payment on your systems. This request will target your "response page" and it will assume that your web server will, in processing the request, record this payment as received in your systems, and generate as its html output the page that you would like your customer to see when they have successfully paid. This page should act as their receipt for payment.
If this page is hit, then the credit card has been billed successfully.

Step 1 - Decide on the URL for this response page, and put some simple page in place to respond to that URL Make sure that you have give the URL address of this page to ACS before you proceed.
Example URL: http://www.myserver.utah.edu/CC/thankyou.html

Step 2 - Flesh out your page to handle the processing.
REMEMBER - The HTML content on this page will be displayed to the customer so it should show enough information for them to print it as their receipt of payment.

The following are url-encoded parameters that the page can make use of in recording the payment on your systems.
account_name
account_exp
address_1
address_2
city
state
country (may be left blank)
zip
amount (matches amount_with_fee)
uu_order_id
user_id
cust_name
cust_phone
messages
response_page
card_type
auth_code
app_type
amount_with_fee
amount_without_fee


Step 3 - Your server must respond to a hit on this page by recoding the transaction as paid. You should record the uu_order_id, amount_without_fee and auth_code. You can include any other entries at your discretion.

NOTES
  • If the response page is hit then the credit card has been billed successfully. This page will NOT be hit in the event of a decline or a systems failure.
  • System failures may prevent the response page from being hit even though the customer's card has been charged. To find out if this has happened there will be a record of the transaction in the ACS database. Contact Income Accounting and Student Loans for assistance.
  • You must implement some security on this page so that it does not record a payment unless the client hitting the page is washington.acs.utah.edu. Otherwise, a malicious user can simply create a form on their pc, direct the form to your response page, and hit it with a request, thus making it believe that a credit card payment has been made.
  • MAKE SURE all of the URL's that you use for graphics or other included html items are absolute. I.e., use https://www.myserver.utah.edu/graphics/smiley.gif rather than just graphics/smiley.gif. This is important because of the way the ACS server is proxying the request. The original request from the user goes to ACS, which then hits your response page. If you do not make the URL's absolute, they will be looked for on the ACS systems, not yours.

UofU Main Page acs home UofU Main Page disclaimer text site index search acs campus map campus information system campus directory contact webmaster