> When using HTTP cookies for session management the MS SOAP library > 3.0 supports this automatically. As for .net clients I do not know > but I think they will do the same.
So what is the best way to gracefully detect and reject requests from (MS SOAP or Java) clients that are not session-enabled, given that my service requires that they should be ? -- jo