Hi Naresh, I am sorry for the confusion... I heard about SOAP 2.0 SP2 Toolkit supporting cookies a few weeks ago and trusted that source. The .NET Kit shall also support it, and what I found is, that the MSXML also seems to support it... hmmm still got to research that topic a little bit. I checked that stuff this morning, and in fact, what I found on http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dn_voices_w ebservice/html/service02282001.asp does not make me happy - although it provides comprehenise information about the authentication situation with MS. I agree absolutely with you about those Soap-Header Sample, but that's not the way it should work. Cookie-Passing-Mechanism is something specific to the transport (http-protocol) and I really don't enjoy MS SOAP not supporting it. In fact I got - I guess - similar problems like you and search for the "setMaintainSession (true);" in the MS SOAP toolkit. How did you solve it so far? Did you use this Soap-Header solution? mfg / kind regards, Christoph C. Cemper email: mailto:[EMAIL PROTECTED] www: http://Christoph.Cemper.com -----Ursprüngliche Nachricht----- Von: Naresh Agarwal [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 05. September 2001 14:01 An: [EMAIL PROTECTED]; [EMAIL PROTECTED] Betreff: How to Maintain sessions in SOAP Hi Christoph You are saying the Microsoft Soap Toolkit beta2 supports Session-Cookies and URL-Rewriting.. But i have thoroughly checked Microsoft Soap Toolkit 2.0 for the session maintainenance support and come to the conclusion that it does not provide any inbuilt support (like HTTP does) for session maintenance. However it has given a example, inwhich a trivial session maintenance is achieved via passing user-specific information in the Soap-Headers. This example uses IHeaderHandler class for manipulating the Soap-Headers. So the session maintenance is implemented in this example. Thus as far as i think, one will have to implement the session maintenance logic in MS-Soap by passing information in Soap-Headers. Unlike to Apache Soap, it does not provide any kind of support for setting and reading cookies.. If we use MS-Soap client and Apache-Soap server, and set the cookies in the server's response then MS-Soap client discard those "HTTP headers, which contains the cookies". Please correct me if i'm wrong. If you know of any knid of support MS-Soap provides for session maintenance, please let me know. Thanks a lot. Regards, Naresh Agarwal > > Hi Chiranjeevi, > > > > > > Unfortunately you do not describe, which session-mechanism you > > use - I mean > > the current one. > > > > When talking about sessions - you mean an HTTP session - right? > > > > I want to make that clear, because basically you can send > > SOAP-messages via > > various transports, such a e-Mail, FTP, Message-Queuing-Systems (like IBM > > MQseries etc). > > > > Also there are protocols like the proposed BEEP or HTTPR in the > > experimental > > state, which also > > provide a "reliable messaging", meaning that you can distinguish the a > > message from another duplication of a message and therefore > > -know- about the > > state of a message. > > > > HTTP Session-Tracking for SOAP - transparent to the messages sent - is > > typically done like in other HTTP applications > > > > - via session-cookies > > - via URL-rewriting > > > > Of cource you can also implement a "token-passing", like Chang Sau wrote. > > But implementing > > a "token", which means passing a session-id or context-id via a > > parameter is > > always a > > possibility. > > > > The sexy thing on using a transport or a mechanism like > > session-cookies/urls > > is, that it > > should work for ALL calls, regardsless if they have their > > "session-token"-parameter or not. > > > > AFAIK the following implementations support Session-Cookies AND > > Url-Rewriting > > > > - Apache SOAP 2.2 > > - Apache AXIS > > - Microsoft SOAP Toolkit beta2 > > - Microsoft.NET > > - Idoox WASP > > > > I am sure others like Graham's GLUE and others will also support > > that, but I > > am not sure. Maybe some feedback from the others will clear that up. > > > > That means, that if you can make sure, that the client supports either of > > both (URL or cookie) then the session-tracking should work. That should be > > done via a simple check after a "login"-transaction that creates > > the session > > object. Each Web-Service having to hold the context of the session should > > perform a check for it. > > > > That is quite comparable to JSP-includes that perform a "Is there a valid > > session or not" on every page... > > > > The session-object itself can be retrieved and managed in the > > implementation > > of your service on the server, but I guess you already know that.. > > > > Did that answer your question so far? > > > > > > mfg / kind regards, > > Christoph C. Cemper > > > > email: mailto:[EMAIL PROTECTED] > > www: http://Christoph.Cemper.com > > > > > > > > > > > > > > > > > > -----Ursprüngliche Nachricht----- > > Von: Chiranjeevi Paruchur [mailto:[EMAIL PROTECTED]] > > Gesendet: Dienstag, 04. September 2001 14:25 > > An: [EMAIL PROTECTED] > > Betreff: How to Maintain sessions in SOAP > > > > > > > > Hi! > > > > Can anyone throw some light on how to maintain sessions when I am using > > SOAP. > > > > I know how to do it when I have a java client. > > > > I would like to know how to do it in such a way that any type of > > client can > > have sessions with my SOAP server. > > > > > > Thanks in advance, > > Chiran > > > > >
AW: How to Maintain sessions in SOAP
Christoph C . Cemper @ Cemper.com Mon, 10 Sep 2001 03:26:46 -0700
- How to Maintain sessions in SOAP Naresh Agarwal
- Christoph C . Cemper @ Cemper.com
