Thanks. I am on tomcat. I will look at ws-security though. If it is easy to setup digital certificates exchange then I may as well try that.
Thanks -rajeev. Glen Mazza wrote: > > It's in the process of being built with CXF right now (we're not there > yet), but what you're describing looks very much like using > WS-SecureConversation, already available with Metro. I would consider > that before rolling your own solution. > > Glen > > > Rajeev jha wrote: >> >> Hi >> We have a requirement to implement an http session like scheme for our >> CXF web services. Essentially you connect to web service and receive an >> identifier. Later you present that identifier and that is how web service >> "remembers" you. standard http session stuff. We believe this cookies >> over SSL scheme is good enough for our purpose. >> >> The problem is, since these are SOAP APIs we need some >> library/implementation that works like http session handling (but without >> http web requests). I would like to ask if anyone is aware of some >> libraries that let you generate identifier tokens with expiry time stamp? >> something That would let us simulate the http sessions? >> >> Tia and regards >> >> -rajeev. >> > > -- View this message in context: http://www.nabble.com/Implementing-Cookies-for-SOAP-services-tp20247250p20267814.html Sent from the cxf-user mailing list archive at Nabble.com.
