You will have to create your own session management - SOAP is intrinsicly stateless. Http sessions are based on Java collections - easy enough to duplicate the idea with standard Java.
Surely you already have some way to uniquely identify each user if this is a commercial application.
Bill
He got surgery to replace his foot with a pig. He said it was because of this tiny ad:
a bit of art, as a gift, the permaculture playing cards