In order for items to be add properly to the shopping cart, it is important that the browser thinks that all of the .class files were loaded from the same URL. See:
for a complete description of this.
So when it comes to having some of your store's pages on your public server and some of your store's pages on your secure server, it comes down to two options:
OPTION 1) The easiest is to set the "codebase" of ALL of your applets (on both the public and secure server) to point to the full URL of the .class files on your public server. Transactions will still be secure as long as you set the "scriptpath" parameter in the uShopOrderCGI and the uShopOrderReaderCGI applets to the location of the ushop_cgiscript on your secure server (beginning with https).
The disadvantages to using this option is:
a) Since you are using the full URL as the codebase of all of your applets, while developing you will have to be connected to the internet in order to test out your pages and let the applets load.
b) Some secure servers will display a warning if the .class files are loaded from the public server.
Two get arround both of these problems, there is another option......
OPTION 2) Follow the instructions at:
in order to setup the uShopOrderButtonCGI applet. This applet will allow you to put all of your store pages on your public server and then transfer the data to the secure server when the customer is ready to check out. By using this method, you can effectively treat the public and the secure server pages as different stores. That is, you can use a relative path for the codebase parameter of your public pages.....or maybe not use a codebase parameter at all.
The uShopOrderButtonCGI applet should have the same codebase (if any) as your other applets on your public server.
Then for the applets on the secure server, you will need to set the codebase to point to the location of the .class files on your secure server. See the example at:
for more info on that.