RE: Maintain Session with .NET and AXIS

[thomas . cherel]

With cookies, the session id is sent between the client and the server in the HTTP headers, meaning that it is bound to the transport protocol. Change the protocol (for example, use JMS) and it does not work anymore. If you look at the SOAP specification (from w3c.org), a SOAP message is composed of a SOAP body (the content of the message) but also of SOAP Headers which can be used for session management (for example) in a transport independent way. In simple term, what you put in the http header when using cookies, you now put it in the SOAP header. Yes, it means a little more programming on your side as SOAP tools (client and server) do not necessarily handle SOAP headers in a complete transparent manner but it might be worth paying the cost if you are considering using other transport that just HTTP. Take a look at org/apache/axis/handlers/SimpleSessionHandler.java which is a very good start to do SOAP header based session handling (for simple session handling, it can be used as is). The last time I played with that I had to slightly modify it to wrap the sessionID into a complex type so a C# .NET client can handle it in a complete transparent manner.   Thomas   -----Original Message----- From: Sateesh Ayyagari [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 1:30 PM To: [EMAIL PROTECTED] Subject: RE: Maintain Session with .NET and AXIS   Hi Thomas,    I read the mailing list and found your reply to "Stateful Web Services" stating that the SOAP header solution to maintaining state would be the right approach rather than the Cookie-based approach.  I could maintain session and application scope using the HTTP cookies set on the client side and session/application scope on the server side.  Could you kindly explain in detail the Header-based approach? Sateesh.  [EMAIL PROTECTED] wrote: If you are using Axis for your web service, setting the scope to session will turn cookie handling on from the server side point of view (Axis will use the HTTPSession features of the servlet container). On the C# client side, you have to create the cookie container for your service object to turn cookie on as well, and that is it, no need for anything else. If you do a couple of searches in the mailing list archive you will find more details on all that for sure.   Thomas   -----Original Message----- From: Sateesh Ayyagari [mailto:[EMAIL PROTECTED] Sent: Monday, February 10, 2003 1:57 PM To: [EMAIL PROTECTED] Subject: Maintain Session with .NET and AXIS   Hi,    I have a question regarding maintaining session.  How do we maintain session for a Java Web Service which is consumed by a C# client?  Any links would be appreciated. Sateesh.   Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now   Do you Yahoo!? Yahoo! Web Hosting - establish your business online