Axis2 Session Managment

Question

iam building a small webservice in axis2 (buttom up, i write the java classes and let eclipse wtp generate the service). I would like to use sessions so that a user can login with a username and pass if it exist in a database and than use the webservice but within the context of his session. I quite frankly don't know where to start. How do i create a session and than handle it afterwards?

Answer 1

You may want to use handlers for authentication. Suggest you start here on that topic.

For session information, start here.

As @Maurice Perry said, I'm not sure your question makes sense...remember that web services are supposed to be stateless.

Answer 2

I got you creating the Soap service using eclipse and axis 2

just change in the service XML file to have scope

    <service name="Myservice"  scope="soapsession">

and then your service will be state full not default session as request

you got a long way to go to make change , i cannot discuss all of that

here is the link

http://blogs.deepal.org/2009/06/axis2-tutorials-and-articles.html

Answer 3

Web services supposed to be stateless. So if you planned to use 'session' for authentication you could consider the following approach:

• Define authentication API that returns some key/token that server can identify user with in consecutive calls
• Client must call authentication API first
• Client must pass the authentication key with any consecutive call in form of API parameter or custom http header.

You could to take a look at eBay API, they use both http headers and method parameters.

You have to remember that if you planned to use session for holding the state, there is a bunch of issues you have to take care of in clustering environment since the same client can be served by different nodes.

Answer 4

I'm not sure I understand you question fully. The servlet container (tomcat?) will take care of the session management, and it can also take care of the authentication.