You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Russell Butek <bu...@us.ibm.com> on 2001/10/01 14:57:57 UTC
RE: How to get/pass header session information
Do we have any concern with letting clients have direct control over
message header info?
I'm still a newbie to the SOAP world, so maybe my assumptions are baloney,
but in the CORBA world, we really didn't want the client to be able to muck
with the message headers. The header was the realm of the ORB and its
services: security, transactions, etc. and we didn't want clients to
tamper with their information. Portable interceptors were developed for
service folks to gain limited access to the header. A client could always
write an interceptor, but access to the header was limited enough that they
could add their own info, but not mess with what was already there.
Russell Butek
butek@us.ibm.com
Glen Daniels <gd...@macromedia.com> on 09/28/2001 04:04:14 PM
Please respond to axis-dev@xml.apache.org
To: "'axis-user@xml.apache.org'" <ax...@xml.apache.org>
cc: "'axis-dev@xml.apache.org'" <ax...@xml.apache.org>
Subject: RE: How to get/pass header session information
Good catch, Mark.
I think the right solution to this might be to add APIs like this to
ServiceClient:
public void addHeader(SOAPHeader header)
public void clearHeaders()
This would allow the user to add headers to outgoing messages. I'm not
sure, but I think a good default might be to persist the headers across
invoke()s unless clearHeaders() is called, which would enable very easy
usage in scenarios like the session one you mention.
Axis-dev'ers? +1, -1?
--Glen
> -----Original Message-----
> From: Mark Roder [mailto:mroder@wamnet.com]
> Sent: Friday, September 28, 2001 4:02 PM
> To: 'axis-user@xml.apache.org'
> Subject: RE: How to get/pass header session information
>
>
>
> I figured out how to get the session information by doing the
> following:
> User aUser=ArchiveDataTEST.getValidUser();
> RPCParam userParam = new RPCParam("User", aUser) ;
>
> String endpoint =
> "http://localhost:80/cgi-bin/wambase/mvsrch_front";
>
> ServiceClient client = new ServiceClient(endpoint);
> client.addOption(AxisEngine.PROP_DOMULTIREFS, new Boolean(false));
> client.addSerializer(User.class,new QName(),new BeanSerializer());
> String ret = (String)client.invoke("Login",
> new Object []
> {userParam });
> Message msg = client.getResponseMessage();
> SOAPEnvelope env=msg.getAsSOAPEnvelope();
> SOAPHeader sessionHeader =
> env.getHeaderByName("urn:schemas-wamnet-com:Session","SessionID");
> String aString = (String) sessionHeader.getValueAsType(new
> QName(Constants.URI_2001_SCHEMA_XSD, "string"));
>
> String sessionId = aString.trim();
> System.out.println("SessionID:" +sessionId);
>
> I can create(I think it works) a header using the following code:
> Document doc = XMLUtils.newDocument();
> Element element =
> doc.createElement(ArchiveConstants.NS_SESSION_ID);
> element.setAttribute(ArchiveConstants.NS_AUTH_REF,
> ArchiveConstants.NS_AUTH_URI);
> element.appendChild(doc.createTextNode(sessionId));
> SOAPHeader sessionHeader = new SOAPHeader(element);
>
> Now that I have the SOAPHeader, it looks like ServiceClient
> is written in a
> way that doesn't allow me to add my own SOAPHeaders to a message.
>
> The invoke(method,args) creates a RPCElement and then runs
> invoke(RPCElement).
>
> The invoke(RPCElement) creates the SOAPEnvelope and adds the
> body, creates
> the message, calls invoke() and then decodes the response.
>
> What I want to do is add my own header after the
> invoke(RPCElement) does the
> work of setting up the message but before invoke() is called.
>
> Options:
> Option1: I started down the wrong path and there is an easier way.
> Option2:
> Change how the invoke methods are called so that the
> RPC invokes call
> a "createEnvelope(method,args)" method that returns a
> SOAPEnvelope. They
> then call the invoke(SOAPEnvelope) method to make the call. A
> "decode(SOAPEnvelope)" method will then return the object.
> This is breaking
> up the current invoke(RPCElement) method into the part above
> invoke() and
> below invoke().
>
> This change would allow me to do the following in my code:
>
> reqEnv = client.createMessage(method,args);
> reqEnv.addHeader(myHeader);
> responseEnv = client.invoke(reqEnv);
> resultObject = client.decode(responeEnv)
>
> Option3: Make a method that you can pass in a header for
> the message
>
> Does this make sense? Am I missing something?
>
> Later
>
> Mark
>
>
>
>
>
>
> -----Original Message-----
> From: Mark Roder [mailto:mroder@wamnet.com]
> Sent: Friday, September 28, 2001 12:29 PM
> To: 'axis-user@xml.apache.org'
> Subject: How to get/pass header session information
>
>
>
> I am just starting to use axis, so this may be simple. I am
> working on a
> soap client application hitting an existing server.
>
> How do I pull the session information out of the header of
> the following
> response?
>
> Then, how do I add it all following requests?
>
>
> My current code:
>
> User aUser=ArchiveDataTEST.getValidUser();
> RPCParam userParam = new RPCParam("User", aUser) ;
>
> String endpoint =
"http://localhost:80/cgi-bin/wambase/mvsrch_front";
ServiceClient client = new ServiceClient(endpoint);
client.addOption(AxisEngine.PROP_DOMULTIREFS, new Boolean(false));
client.addSerializer(User.class,new QName(),new BeanSerializer());
String ret = (String)client.invoke("Login",
new Object [] {userParam });
System.out.println("Sent 'Hello!', got '" + ret + "'");
Response I need to get session information out of:
HTTP/1.1 200 OK Date: Fri, 28 Sep 2001 16:39:10 GMT Server: Apache/1.3.11
(Unix) mod_ssl/2.5.0 OpenSSL/0.9.4 Connection: close Content-Type: text/xml
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<soap:Header>
<auth:SessionID xmlns:auth="urn:schemas-wamnet-com:Session"
soap:mustUnderstand="1">
ses09281011739119691.id
</auth:SessionID>
</soap:Header>
<soap:Body>
<m:LoginResponse xmlns:m="urn:schemas-wamnet-com:Archive" />
</soap:Body>
</soap:Envelope>
Example request I need to put the session information into:
POST /cgi-bin/wambase/mvsrch_front HTTP/1.0 Host: localhost Content-Type:
text/xml; charset=utf-8 Content-Length: 608 SOAPAction:
"urn:schemas-wamnet-com:Archive#GetLibraries" <?xml version='1.0'
encoding='UTF-8'?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/1999/XMLSchema">
<SOAP-ENV:Header>
<auth:SessionID soap:mustUnderstand="1"
xmlns:auth="urn:schemas-wamnet-com:Authentication">
ses09281011809017084.id </auth:SessionID>
</SOAP-ENV:Header>
<SOAP-ENV:Body> <ns1:GetLibraries xmlns:ns1
="urn:schemas-wamnet-com:Archive"
SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
</ns1:GetLibraries> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
Thanks
Mark