Win a copy of Practical SVG this week in the HTML/CSS/JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

purpose of org.apache.axis.client.Call.setMaintainSession()?

 
Ravi Danum
Ranch Hand
Posts: 154
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

What is the purpose of the

org.apache.axis.client.Call.setMaintainSession()

method? I created a Call object and used it throughout the application to call methods on our web service.

During this time a call to Call.getMaintainSession() would return false (which is the default).

So what type of different behavior would be expected if it were set to true?

Thanks in advance.

-Ravi
 
Ivan Krizsan
Ranch Hand
Posts: 2198
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
I am not all that familiar with Axis, but my guess is that if you tell the client to maintain a session when calling a web service and if (if and only if) the web service supports maintaining sessions, then you can develop stateful web services. Generally speaking, stateful web services is not a good idea since the statefulness limits scalability etc.
Best wishes!
 
Ravi Danum
Ranch Hand
Posts: 154
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Ivan and All,

I am using a client certificate to authenticate with a web service. I want to maintain an ssl session with the web service, so I don't have to go through the initial ssl handshaking each time. This is why I asked about Call.setMaintainSession().

Do you agree that maintaining the session is necessary for ssl with the web service?

Thanks...I appreciate your help.

-Ravi
 
Ivan Krizsan
Ranch Hand
Posts: 2198
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
No, I am almost entirely certain that you do not need to set the maintain session property in a Call instance to true in order for SSL to maintain a session.
Think of it this way: Is instances of Call exclusively used with SSL? No, they can be used with plain HTTP as well.
Additionally, SSL is supposed to be transparently interchangeable with plain HTTP.

The mechanism for web services to maintain session, which you set in the Call instance, is exactly the same as the servlet session mechanism.
Best wishes!
 
Ravi Danum
Ranch Hand
Posts: 154
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Ivan,

How does ssl work then? My understanding is that first there is an initial handshaking, after that a key and other parameters are passed between client and server for the duration of the session. So if I don't call setMaintainSession to true, will these parameters still be passed and ssl maintained?

Thanks so much again.

-Ravi
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!