I have just had to implement a similar system. I don't know if this will
help but it may give you some ideas.
when a client sends it's first (ie log-in) message to the server, the
server creates a basic session object - just a simple java object - and
stores it in a hash with a unique id. this id is then passed back to the
client as part of the response message. on subsequent requests the client
then sends the session id as an extra parameter along side the message
itself. the server then retrieves the session object from the hash using
the unique id and performs the necessary checks etc.
this is totally non-SOAP specific but it uses the SOAP protocol to send the
id as an extra parameter along side your message - just ensure you have the
appropriate methods exposed in however you implement your web service. we
also run our web service in IBM WebSphere App Server, so it's easy for us
to manage these session objects.
Duncan
Cristian Opincaru
<cristian.opincar
[EMAIL PROTECTED]>
To
[email protected]
04/07/2005 21:05 cc
Subject
Please respond to Re: Sessions with SOAP: Any ideas?
[EMAIL PROTECTED]
he.org
Thanks Johnathan. But HTTP cookies only solve a small part of the
problem. If I use SOAP-over-someotherprotocol or if I have
intermediaries, the HTTP cookies will be lost.
Are there any alternatives to cookies? Is there some SOAP specific way
of implementing cookies?
I read today about WS-Addressing and WS-Context but these
specification seem not to be ready (at least WS-Context is still a
draft version, while WS-Addressing is in submission at the W3C) and on
the other hand they seem to make things quite complicated.
Thankx,
Cristian
> On 7/4/05, Jonathan Roberts <[EMAIL PROTECTED]> wrote:
> > Hi.
> >
> > You need to use a session token that you pass back and fore between the
> > client and the server.
> >
> > however soap actually aids this but inbuild functionality:
> >
> > http://ws.apache.org/soap/faq/faq_chawke.html#Q5_2
> >
> > http://ws.apache.org/soap/docs/guide/migration.html
> >
> >
> > J
> >
> >
> >
> >
> > Cristian OPINCARU <[EMAIL PROTECTED]>
> > wrote:
> > Hi all,
> >
> > I have the following problem: I want to have implement a session
between a
> > SOAP client and a SOAP server (something like cookies for example,
every
> > time a client makes a request, it always sends a Session ID with his
> > request).
> >
> > The problem is that SOAP (like HTTP) is a stateless protocol, that is,
by
> > default there is no mechanism embedded for session management.
> >
> > Does anyone know how I can implement sessions in SOAP? Is there any
> > specification that addresses this issue?
> >
> > Thankx!
> >
> > ===========================================================
> > Dipl. Ing. Cristian OPINCARU
> > University of Federal Armed Forces, Munich - Faculty of Informatics
> >
> > Werner-Heisenberg-Weg 39, D-85577, Neubiberg, Germany
> > Building 41 / Room 0224
> >
> > Tel : +49-89-6004.2279
> > Fax : +49-89-6004.3898
> > E-mail: [EMAIL PROTECTED]
> > Web :
> > http://inf3-www.informatik.unibw-muenchen.de/~opincaru
> >
> >
> >
> > ________________________________
> > Yahoo! Messenger NEW - crystal clear PC to PC calling worldwide with
> > voicemail
> >
> >
>
