axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Hawkins <HAWKI...@uk.ibm.com>
Subject Re: Handling sessions with cookies
Date Mon, 01 Nov 2004 10:57:49 GMT




There is a question here "what does the web server do when it sees one with
only these settings?" Does it expire it at a given time - probably
configurable per server?

What are the other options - what is "secure" - sounds important - will
this affect ?

Overall, I think we should look to be the same as Axis Java? However, when
they change their support how do we ensure we keep in step?

John Hawkins




                                                                           
             Samisa Abeysinghe                                             
             <samisa_abeysingh                                             
             e@yahoo.com>                                               To 
                                       axis-c-dev@ws.apache.org            
             01/11/2004 10:35                                           cc 
                                                                           
                                                                   Subject 
             Please respond to         Handling sessions with cookies      
              "Apache AXIS C                                               
             Developers List"                                              
                                                                           
                                                                           
                                                                           
                                                                           




Hi All,
   I am in the process of implementing support for sessions with Cookies.

The syntax for Set-Cookie header is:
Set-Cookie: NAME=VALUE; expires=DATE;path=PATH; domain=DOMAIN_NAME; secure

However, looking at how Axis Java has implemented it they just assume that
there will only be
NAME=VALUE and igniore the rest. If we also agree that this a reasonable
assumption, I could
implement cookie support very easily.

However, in case it is possible for web services to use 'path' in the
Set-Cookie syntax, the
client side cookie handling logic becomes a bit complex (see
http://wp.netscape.com/newsref/std/cookie_spec.html). Should I KISS and do
it like Aaxis Java or
do I need to look further into an alorithm for dealing with 'path' in
Set-Cookie.

Thoughts please...

Thanks,
Samisa...



_______________________________
Do you Yahoo!?
Express yourself with Y! Messenger! Free. Download now.
http://messenger.yahoo.com



Mime
View raw message