This content has been marked as final. Show 5 replies
> Is there a way to maintain a session on the server for the duration of a
> series of web service requests for an individual consumer?
I don't know, but if extract how normal web browser requests maintain
sessions then maybe one can apply this to web service requests.
ColdFusion knows which requests belong to what sessions by the cfid and
cftoken values sent with every request; usually in cookies, but
alternately as get (aka URL) values. I would presume that if a web
service request could and would send these values with future request,
then session state could be maintained. But I sure have never tried to
Thanks for your reply. From what I understand, and this may be incorrect, there is no persistent session or cookies available for me to use. If I make consecutive requests the session.sessionid changes each time, as does the cfid/cftoken. I don't think url variables are any good either in this instance, as the request will be coming from a dotnet application and not via a browser.
My theoretical solution is this:
1. To authenticate against the username/password in the soap header,
2. Create a uuid; logging this uuid in the database and then adding that uuid to the SOAP header.
3. Compare the uuid in the SOAP header against the uuid in the database and ensure that the access is authorised and timely.
Does this make sense? Is this good practice?
> Hi Ian,
> Thanks for your reply. From what I understand, and this may be incorrect,
> there is no persistent session or cookies available for me to use. If I make
> consecutive requests the session.sessionid changes each time, as does the
> cfid/cftoken. I don't think url variables are any good either in this instance,
> as the request will be coming from a dotnet application and not via a browser.
My understanding, but I have never tried to make use of this, the
cookies and url variables are available to you, but the application
consuming the web service must take on the role of a browser and handle
the cookies and or URL variables. You know longer get this handled for
you automatically in this scenario.
The first links from Google when I searched for coldfusion web service
Thanks for those links - I had come across Tom's blogs, but didn't see those entries. I'll try and follow those guidelines.