Hi XP
First of all let me tell u that Soap specs does not say anything about
authorization and session maintenance.
It is upto the wish of implementing vendor to provide the support for
autorization and session maintenance.
Though XKMS (XML key management specs, which have been submitted to W3C) is
expected to be incorporated in Soap very soon, which will provide necessary
authentication layer in SOAP.
Currently, as far as i know Apache-Soap provides support for session
maintenace ( it uses underlying HTTP session mechanism).
MS-Soap does not provide any inbuilt support for sessiion maintenance, but
you can achieve this by passing user-specific info (cookie etc.) in
Soap-headers. MS-Soap toolkit also proivdes a example for this.
Regards,
Naresh
----- Original Message -----
From: "X P" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 24, 2001 5:18 PM
Subject: SOAP Authentication
> Hi there,
>
> I'm pretty new to SOAP. I am doing researches on how
> SOAP can help me. What I am planning to do is to
> provide some sort of web services through SOAP. I am
> curiously on how SOAP perform authentication. What I
> need is to have the client sign up once and then keep
> invoking services without additional authentication.
> Well, the server still needs some identifier from the
> client in order to know that's a valid client. My
> current thoughts is to ask the client to pass a
> session id to the server every time it invokes the
> services. Could someone help me how I shall do this?
> Is there any code sample out there that does this?
> Thanks in advance.
>
> - XP
>
> __________________________________________________
> Do You Yahoo!?
> Get email alerts & NEW webcam video instant messaging with Yahoo!
Messenger. http://im.yahoo.com
