When you integrate QLM with an eCommerce provider or if you want to invoke QLM's direct HTTP methods, it is highly recommended to protect access to these methods with a user/password.

The first step is to define the user/password for the eCommerce provider that you will be using:

• Launch the QLM Management Application

• Go to the "Manage Keys" tab

• Click the "3rd Party Extensions" menu item (previously "eCommerce Providers" menu item)

• Locate the Commerce Provider of your choice

• Set the User and Password of that provider

• It is also highly recommended to disable all eCommerce providers you are not using by unchecking the "Enabled" checkbox.

When invoking the URL to connect to the QLM License Server, set the is_user and is_pwd URL arguments to match the user/password you configured.

Example: https://qlm3.net/qlmdemo/qlmLicenseServer/qlmservice.asmx/GetActivationKey?is_productid=1&is_majorversion=1&is_minorversion=0&is_vendor=regnow&is_user=myuser&is_pwd=mypassword

QLM 7 and later

It is also recommended that you modify the defaultCommerceProvider setting of the Server Properties to be the vendor you will be using. For example, if you use FastSpring, update this setting to: FastSpring.

Even if you are not using an eCommerce provider to sell your software, it is recommended that you configure a default eCommerce provider if you plan on using some of the HTTP methods to communicate with the License Server. Once you select an eCommerce provider, you can configure the security settings of the eCommerce provider to restrict access to the HTTP methods with a user/password combination.

QLM 6 and earlier

It is also recommended that you modify the defaultVendor setting in the web.config file of the QLM web service to be the vendor you will be using. For example, if you are using FastSpring, update the web.config file on the server as follows:

<setting name="defaultVendor" serializeAs="String"> <value>fastspring</value> </setting>