How to make JAX-WS webservice respond with JSESSIONID (session id)

StackOverflow https://stackoverflow.com/questions/8844493

Question

I am a newbie in web services. I have a JAX-WS service which I need to implement session mechanism for. The SOAP messages are transported over HTTP, we use WebLogic, so JAXWS application is deployed on WebLogic app server and the services are accessible from WSDL document.

I have @WebServiceProvider (class that implements Provider< SOAPMessage >)

Now when I fire a login request I want JSESSIONID session cookie to be sent back, but we don't want to use CXF or anything else, just so called Metro, which frankly I don't yet completely understand. We also do not want to make this a persistent cookie, so manually adding a cookie to the response header is also not an option. But that works, I tried it. I just do not understand why session cookie is not set up automatically.

I've been searching the web and trying many things for 4 days now, nothing works. Please help.

Was it helpful?

Solution 2

I found the answer to my own question. The issue was in the way the bindings are used in WebServiceProvider implementation. If HTTP binding type is used then SOAPMessage cannot be used as a type for Provider. The correct solution here is to use Source (not sure if something else can be used too, didn't try), i.e.

package com.primavera.ws.jaxws.provider;

import javax.annotation.Resource;
import javax.xml.ws.BindingType;
import javax.xml.ws.Provider;
import javax.xml.ws.Service;
import javax.xml.ws.ServiceMode;
import javax.xml.ws.WebServiceContext;
import javax.xml.ws.WebServiceProvider;

@WebServiceProvider(portName="MyPort", serviceName="MyService", targetNamespace="http://mytargetlocation", wsdlLocation="WEB-INF/wsdl/My.wsdl")
@ServiceMode(value = Service.Mode.MESSAGE)
@BindingType(HTTPBinding.HTTP_BINDING)

public class MyProvider implements Provider<Source> {

    @Resource
    private WebServiceContext context;


    public MyProvider()
    {
    }

    @Override
    public Source invoke(Source request)
    {
        MessageContext mc = context.getMessageContext();
        HttpSession session =    ((javax.servlet.http.HttpServletRequest)mc.get(MessageContext.SERVLET_REQUEST)).getSession();
        if (session == null)
            throw new WebServiceException("No HTTP Session found");

        System.out.println("SessionID: " + session.getId());

        return request;
    }
}

OTHER TIPS

Typically, just accessing the HttpSession in your web service should be sufficient to set the session cookie in your response.

You can do this by injecting the WebServiceContext into your web service like so --

@Resource
private WebServiceContext ctx;
public void webServiceMethod() {
     MessageContext mc = ctx.getMessageContext();
     HttpSession session =    ((javax.servlet.http.HttpServletRequest)mc.get(MessageContext.SERVLET_REQUEST)).getSession();
     if (session == null)
         throw new WebServiceException("No HTTP Session found");
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top