You are viewing a plain text version of this content. The canonical link for it is here.

Posted to c-user@axis.apache.org by Subra A Narayanan <as...@gmail.com> on 2007/11/30 03:49:34 UTC

session cookies

Hello folks,

I have a webservice that requires that should be accessible only by
authenticated users. right now, the way it works is, each and every request
has to be authenticated. i was wondering, if there is a way in axis2/c to
generate a session cookie or id which would be valid for a given period of
time. the webservice would set this cookie after the first request comes in
and is successfully authenticated but each subsequent request would just
pass this cookie and there will be no need for authenticating every incoming
request.

does this make sense? is it doable in axis2c?


Thanks as usual!
Subra

Re: session cookies

Posted by Dinesh Premalal <xy...@gmail.com>.

Hi Subra,

"Subra A Narayanan" <as...@gmail.com> writes:

> Hello folks,
>
> I have a webservice that requires that should be accessible only by
> authenticated users. right now, the way it works is, each and every request has
> to be authenticated. i was wondering, if there is a way in axis2/c to generate
> a session cookie or id which would be valid for a given period of
> time. 

AFAIK, there is no session cookie or id management system in Axis2/C. 

>the
> webservice would set this cookie after the first request comes in and is
> successfully authenticated but each subsequent request would just pass this
> cookie and there will be no need for authenticating every incoming request.
>

Couldn't you use HTTPS for this scenario? Though it is not
authenticate every request, at least it authenticate before session
begins :) 

> does this make sense? is it doable in axis2c?

I think this can be done, My feeling is , this should be handled at http
transport level.

thanks,
Dinesh

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org

Re: session cookies

Posted by Bill Mitchell <wt...@acm.org>.

Related to Subra's unanswered question, I see where the Axis2C options
structure provides support, through the method
axis2_options_set_manage_session(), for the client to request that sessions
be managed, presumably through maintaining and returning cookie information
to the server.  But I don't see that the code behind this yet exists in
Axis2C.  Is it there and I'm just not seeing it?  Is someone actively
working on implementing cookie support in Axis2C to match that in Axis C++?  

Thanks,
Bill

Subra A Narayanan wrote:
> 
> is there a way in axis2/c to generate a session cookie or id which would
> be valid for a given period of
> time? 
> 

-- 
View this message in context: http://www.nabble.com/session-cookies-tf4901301.html#a14098986
Sent from the Axis - C++ - User mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org