axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thakur, Viraj" <>
Subject RE: Managing sessions - Soap Header and HTTP Session
Date Wed, 29 Mar 2006 14:13:54 GMT
I am using classes generated by WSDL2Java for implementing the web service. Therefore the servlet
is transparent to me. 
Using a handler similar to SimpleSessionHandler on the request and response of the service,
I can get to the messageContext and the HTTPServletRequest. In the SOAP Header, I am passing
the session id that is same as that of the HTTPSession (basically the cookie id). However
on the way in to the web service, I cannot get to the same HttpSession as that of the id passed
in the SOAP Header. The line of code:

HttpSession httpSession = request.getSession(true);
retrieves the HttpSession but it is not the same as the one on the first request. Is there
any way to retrive the HttpSession given a id? Hope my explanation helped clarify the problem.


-----Original Message-----
From: prashanth shivakumar []
Sent: Wednesday, March 29, 2006 3:22 AM
Subject: Re: Managing sessions - Soap Header and HTTP Session

Dont know whether iam understanding your problem correctly..
JSESSIONID is nothing but a cookie used for session tracking by server..
I dont think you can ever retrieve a session based on JSESSIONID.
I do session handling as mentioned below.

This is how i have done it.. 
Some of the people over in this forum suggested the same..

Make your servlet webservice  endpoint interface implement javax.xml.rpc.server.ServiceLifecycle
Than you need to define init() and destroy() methods.
Using ServletEndpointContext you can retrieve HTTPSession and thats what you need to maintain
Implement your backend logic in stateless EJBs

given below is a small snippet from my servlet endpoint


javax.xml.rpc.server.ServletEndpointContext servletContext;
 public void init(Object context) {
   servletContext = (javax.xml.rpc.server.ServletEndpointContext) context;
 public void destroy() {
  servletContext = null;

On 3/28/06, Thakur, Viraj < > wrote: 

Has anyone encountered the problem of managing sessions using SOAP header and linking the
session with HTTP Session? I am prototyping a set of services on top of an existing application
architecture that uses HTTPSession for state management. In the web services that I am writing,
we would like to maintain session using SOAP header rather than HTTP cookies. Therefore I
need to link the session id in the SOAP header with the session id of the HttpSession. I have
written a handler similar to SimpleSessionHandler. This new handler sets MessageContext session
to use AxisHttpSession. However the linking of HttpSession with AxisHttpSession fails. The
HttpSession is retrieved, like so: 

HttpServletRequest request = (HttpServletRequest) context.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
HttpSession httpSession = request.getSession(true);

The getSession method on HttpServletRequest retrieves the session based on a cookie or URL
but does not accept a "JSESSIONID" to retrieve the session with. Therefore the HttpSession
is always different than the one we are looking for. Has anyone resolved this issue or found
a way to get around it? Any help is much appreciated. 

Rest of the code is something like this:

       AxisHttpSession session = null;
       if (header == null) {
       session = getNewSession(request,httpSession);
     id = session.getRep().getId(); 
       // This session is still active...
       (AxisHttpSession) session).touch();
       // Store it away in the MessageContext.
     context.setProperty (SESSION_ID, id);

Many Thanks


View raw message