Hi everybody!
After browsing through the archive of this list and searching the web I
am still no quite sure, which session approach to use for my services.
What I need to do is quite simple - let a user authenticate, then only
exchange a token/sessionid for all following calls. As far as I
understand it, I have three alternatives:
Option a) Use a http session
Option b) Use SOAP headers
Option c) Reimplement basic session handling
Obviously c) is not the method of choice, so I am left to choose between
a) and b). The most important issue for my web services is
interoperability, since I am writing only the services but the clients
will be implemented by another company and I have no idea what
programming language/tools they are going to use.
Any input would be appreciated,
Tom
