Hi Lucas,
Thanks for your message. I'm ashamed to say that I never saw the axis.transport.http.AxisHttpSession object while looking into HttpSession integration paths. It definitely makes sense to wrap the HttpSession to make it an axis.session.Session object. However, we're still missing one piece of functionality:
If an Http client does not support cookies, there is no way (?) to get HttpSession#getId() value back from the client.
What we need is something like axis.handlers.SimpleSessionHandler that parses SOAP message headers to retrieve *HttpSession* id's, then gets the appropriate HttpSession and makes it available via something like:
msgContext.setSession(new AxisHttpSession(httpSession));
Once we have this, session management can be totally abstracted away by allowing HttpSession id values to be passed either by JSESSIONID cookies or through SOAP headers, with full session management support from the underlying appserver. I'm almost finished with a Handler that does exactly this and will submit for inclusion in a future release.
justin
At 07:01 PM 10/16/2003, you wrote:
I am not sure if this answers your question, but if you look at the code for org.apache.axis.transport.http.AxisServlet in doPost, you will find the line:
msgContext.setSession(new AxisHttpSession(req));
The AxisHttpSession is basically a SoapSession object that wraps the HttpSession object. So, by using the AxisServlet as a point of entry, your soap session should be the same as any other session created by your application server.
However, if you want to use the HttpSession of your app server, then the client will have to use cookies, or include the session id in the URL. For security reasons, most app servers will not let you grab a session by the ID. I don't beleive that you can create a new session, fetch the session ID, set it as a SOAP header, and then read it out of the headers on subsequent calls and ask for the HttpSession matching that ID. The server requires that client to claim the session by cookie or URL parameters.
So I think that you have to either use SOAP session based upon soap headers, or HTTP sessions based up the HTTP request, but the servlet engine won't allow you to go from http to soap and back again. But if you only need HTTP support, the good news is that axis already does it all for you.
I hope that answered some of your questions, Lucas McGregor
----- Original Message ----- From: "Justin Ruthenbeck" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 16, 2003 6:34 PM Subject: RE: sharing session between servlets and soap services
> > I've been working on HttpSession support in Axis for the last couple days > and a new ServletSessionHandler (based loosely on SimpleSessionHandler) to > implement the integration. The integration isn't as simple as one would think. > > As you alluded to, you'll have to get rid of any calls to > context.getSession() in your services. When you first execute the code you > referenced: > > >MessageContext context = MessageContext.getCurrentContext(); > > HttpServletRequest req = (HttpServletRequest) > > context.getProperty( > > HTTPConstants.MC_HTTP_SERVLETREQUEST); > >req.getSession(true); > > your appserver creates an HttpSession and sends back the JSESSIONID as an > Http header. Depending on whether your client supports Java sessions (some > do, some don't, Axis client does if setMaintainSession() is true), this > will get returned on the next call from the client. Calls to the above > code in whatever service is called the second time will get you the same > HttpSession you created on the first call. > > Using SOAPHeaders to accomplish the same is more complex. > > You're doing something wrong if the HttpSessionListener doesn't get hit > from the service -- it should. This could be symptomatic of something else. > > justin > > > At 06:13 PM 10/16/2003, you wrote: > >what i want to do is to create a session in the soap service and then > >access the same session in a servlet. In my understanding if i create a > >session in service using > >MessageContext context = MessageContext.getCurrentContext(); > > HttpServletRequest req = (HttpServletRequest) > > context.getProperty( > > HTTPConstants.MC_HTTP_SERVLETREQUEST); > >req.getSession(true); > > > >Now in my servlet i already have a request object and so when i do > >requestObj.getSession() i should get the same session object which was > >created in the services. However this does not happen. > > > >Also i have implemented a HttpSessionListener which does not work when i > >create a session in SOAPService but works when session is created in a > >servlet. > > > >How do i resolve these issues. > > > >thanks > > > >abhijat > > > > > >-----Original Message----- > >From: Henrik Vendelbo [mailto:[EMAIL PROTECTED] > >Sent: Thursday, October 16, 2003 6:08 PM > >To: [EMAIL PROTECTED] > >Subject: Re: sharing session between servlets and soap services > > > > > >Apparently the session support is still being worked on, although I have > >little clue what the plans are. > > > >You can sub-class the AxisServlet if you need to access servlet > >functionality until then > > > >----- Original Message ----- > >From: "Abhijat Thakur" <[EMAIL PROTECTED]> > >To: <[EMAIL PROTECTED]> > >Sent: Friday, October 17, 2003 1:12 AM > >Subject: sharing session between servlets and soap services > > > > > > > >I have apache axis running under Tomcat. However session created in a > >service cannot be accessed in a regular servlet even though the servlet and > >the soap service are under the same instance of Tomcat. How can we share > >sessions between servlets and soap services. > > > >thanks > > > >abhijat > > > > > ____________________________________ > Justin Ruthenbeck > Software Engineer, NextEngine Inc. > justinr - AT - nextengine DOT com > Confidential > See http://www.nextengine.com/confidentiality.php > ____________________________________ >
____________________________________ Justin Ruthenbeck Software Engineer, NextEngine Inc. justinr - AT - nextengine DOT com Confidential See http://www.nextengine.com/confidentiality.php ____________________________________
