Just an idea, but if the handler set a property in the session (e.g. session.set(String name, Object value)) then it could check for the existence of this property and act accordingly. I'm doing something like this with a 'login' service right now.
Grant ----- Original Message ----- From: "Ricky Ho" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, September 30, 2002 10:34 AM Subject: Re: MessageContext.setMaintainSession > How does the handler detect the incoming request belongs to some existing > sessions ?? (is it assessible via MessageContext ?) And then throw a SOAP > Fault if not. > > Rgds, Ricky > > At 10:29 AM 9/30/2002 +0200, Matthias Brunner wrote: > >On Monday 30 September 2002 10:23, Jan-Olav Eide wrote: > > > > When using HTTP cookies for session management the MS SOAP > > > > library 3.0 supports this automatically. As for .net clients I > > > > do not know but I think they will do the same. > > > > > > So what is the best way to gracefully detect and reject requests > > > from (MS SOAP or Java) clients that are not session-enabled, given > > > that my service requires that they should be ? > > > >IMHO, there is no standard way to detect this. > >One possibility could be to require them to make two calls at the > >start of a session. Clients not session-enabled will fail to make > >the second call within the same session and will start a new session > >with the second call, which can be detected. Thus a soap fault can > >be returned. > >-- > >Matthias Brunner <[EMAIL PROTECTED]> > >PGP FP 7862 32B3 3B75 292A F76F 5042 8587 21AB 5B89 D501 > >Check out http://blumenstrasse.vol.at/~mb/gpgkey.asc > >
