On Monday 30 September 2002 10:23, Jan-Olav Eide wrote:
> > When using HTTP cookies for session management the MS SOAP
> > library 3.0 supports this automatically. As for .net clients I
> > do not know but I think they will do the same.
>
> So what is the best way to gracefully detect and reject requests
> from (MS SOAP or Java) clients that are not session-enabled, given
> that my service requires that they should be ?

IMHO, there is no standard way to detect this.
One possibility could be to require them to make two calls at the 
start of a session. Clients not session-enabled will fail to make 
the second call within the same session and will start a new session 
with the second call, which can be detected. Thus a soap fault can 
be returned.
-- 
Matthias Brunner <[EMAIL PROTECTED]>
PGP FP 7862 32B3 3B75 292A F76F  5042 8587 21AB 5B89 D501
Check out http://blumenstrasse.vol.at/~mb/gpgkey.asc

Reply via email to