On Monday 30 September 2002 10:23, Jan-Olav Eide wrote: > > When using HTTP cookies for session management the MS SOAP > > library 3.0 supports this automatically. As for .net clients I > > do not know but I think they will do the same. > > So what is the best way to gracefully detect and reject requests > from (MS SOAP or Java) clients that are not session-enabled, given > that my service requires that they should be ?
IMHO, there is no standard way to detect this. One possibility could be to require them to make two calls at the start of a session. Clients not session-enabled will fail to make the second call within the same session and will start a new session with the second call, which can be detected. Thus a soap fault can be returned. -- Matthias Brunner <[EMAIL PROTECTED]> PGP FP 7862 32B3 3B75 292A F76F 5042 8587 21AB 5B89 D501 Check out http://blumenstrasse.vol.at/~mb/gpgkey.asc