Re: Managing sessions - Soap Header and HTTP Session

[prashanth shivakumar]

why is endpoint servlet transparent to you??

How are you going to to implement the methods defined in WSDL???

i dont understand because i too use wsdl2java and implement as i mentioned in my previous mail.

 

Now coming to ur problem,if you dont get the same httpsession,it means that a new httpsession is being created each time.try to set/get some attributes in 2 different method calls to see whether you have a same httpsession.Bear in mind that you need to call some method on the client stub[i think its [your_stub_name].setHttpSession(true)] and set some session attributes on the server end[by retrieving the httpsession and calling setAttribute() method on it ]to activate httpsessions in client and server.

 

rgds

 

On 3/29/06, Thakur, Viraj <[EMAIL PROTECTED]> wrote:

I am using classes generated by WSDL2Java for implementing the web service. Therefore the servlet is transparent to me.
Using a handler similar to SimpleSessionHandler on the request and response of the service, I can get to the messageContext and the HTTPServletRequest. In the SOAP Header, I am passing the session id that is same as that of the HTTPSession (basically the cookie id). However on the way in to the web service, I cannot get to the same HttpSession as that of the id passed in the SOAP Header. The line of code:

HttpSession httpSession = request.getSession(true);
retrieves the HttpSession but it is not the same as the one on the first request. Is there any way to retrive the HttpSession given a id? Hope my explanation helped clarify the problem.

Thanks

-Viraj
-----Original Message-----
From: prashanth shivakumar [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 29, 2006 3:22 AM
To: axis-user@ws.apache.org
Subject: Re: Managing sessions - Soap Header and HTTP Session


Dont know whether iam understanding your problem correctly..
JSESSIONID is nothing but a cookie used for session tracking by server..
I dont think you can ever retrieve a session based on JSESSIONID.
I do session handling as mentioned below.

================================================================
This is how i have done it..
Some of the people over in this forum suggested the same..

Make your servlet webservice  endpoint interface implement javax.xml.rpc.server.ServiceLifecycle interface
Than you need to define init() and destroy() methods.
Using ServletEndpointContext you can retrieve HTTPSession and thats what you need to maintain state.
Implement your backend logic in stateless EJBs

given below is a small snippet from my servlet endpoint

Cheers

========================
javax.xml.rpc.server.ServletEndpointContext servletContext;
/**
*
*/
public void init(Object context) {
  servletContext = (javax.xml.rpc.server.ServletEndpointContext ) context;

}
/**
*
*/
public void destroy() {
servletContext = null;
}
====================================




On 3/28/06, Thakur, Viraj < [EMAIL PROTECTED] > wrote:
Hello:

Has anyone encountered the problem of managing sessions using SOAP header and linking the session with HTTP Session? I am prototyping a set of services on top of an existing application architecture that uses HTTPSession for state management. In the web services that I am writing, we would like to maintain session using SOAP header rather than HTTP cookies. Therefore I need to link the session id in the SOAP header with the session id of the HttpSession. I have written a handler similar to SimpleSessionHandler. This new handler sets MessageContext session to use AxisHttpSession. However the linking of HttpSession with AxisHttpSession fails. The HttpSession is retrieved, like so:

HttpServletRequest request = (HttpServletRequest) context.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
HttpSession httpSession = request.getSession(true);

The getSession method on HttpServletRequest retrieves the session based on a cookie or URL but does not accept a "JSESSIONID" to retrieve the session with. Therefore the HttpSession is always different than the one we are looking for. Has anyone resolved this issue or found a way to get around it? Any help is much appreciated.

Rest of the code is something like this:

      AxisHttpSession session = null;
      if (header == null) {
      session = getNewSession(request,httpSession);
    id = session.getRep().getId();
      }
      // This session is still active...
      (AxisHttpSession) session).touch();
      // Store it away in the MessageContext.
    context.setSession((AxisHttpSession)session);
    context.setProperty (SESSION_ID, id);
    context.setMaintainSession(true);


Many Thanks

-Viraj