I put together my own session store bean which is shared by all Impl beans. Later you could use Hibernate cash to replicate it cross hosts.. The Auth.login does auth and generates sessions, then client sends this sessionid in the SOAP header or on the REST request. You put together a In interceptor to validate session key and either let request in or bounce it. Of course the key has to be long > 256bit long secure random seeded, expiring, etc. May be there is a better way, will watch what others say..
olarte.andres wrote: > > Hi, > > What's the best way to implement stateful web services? I was thinking of > including a session id with every call, but was wondering if there's a > better way. > > Thanks, > > Andres > > -- View this message in context: http://old.nabble.com/Stateful-webservices-tp26400779p26401116.html Sent from the cxf-user mailing list archive at Nabble.com.
