Jump to content

Recommended Posts

hi

we've two kinds of clients, web client and an application which works as a client.

now our application simulates web requests by calling index.php as the web client does. we want to change it to calling web services via nusoap. but there's a problem. web services are session-less. for example, a web service is called to authenticate. the second service when called has no sense about the authentication and it's completely a separate call. someone told me that i may put something eg. a hash code in http headers to include the data provided via authentication so that the next web services read the data from header and realize the call has been for what session. this way something like session simulation occurs.

i'm not so familiar with 'http headers'. i don't know how can i do that. in the whole, i like to know what may be the best solution and whether nusoap keeps something internally like sessions so that i may read the in web services?

what's your suggestion?

thx

someone told me that i may put something eg. a hash code in http headers to include the data provided via authentication so that the next web services read the data from header and realize the call has been for what session. this way something like session simulation occurs.

 

You've essentially just described how sessions are retained normally. Cookies are sent in the request as a header:

 

Cookie: foo=bar; baz=quz

 

One of the key=value pairs is the session cookie, generally a hash, which refers back to a session file on the server containing a bunch of serialised data. You could simulate this through a different header, or as normal through the Cookie header if you want.

 

I've never actually used "NuSoap", but it just looks like a wrapper for SOAP. Personally I would keep the authentication process within the realm of the API implementation, not the server listening for the API requests. I'm not sure if this actually happens, but it's perfectly possible you might not send SOAP requests over HTTP. Much like a session cookie though, you could have a session/authentication hash passed back and forth between requests.

hmm, i don't know about cookies and how to use them. i'm not familiar with realm. i'm a newbie in web apps. i've been an application developer. all of what i know about coockies are regarding browsers which must be deleted when i fail loggin in sometimes!

i'm sorry, but please guide me as a newbie.

thx

If I were you I would steer clear of SOAP, if you can that is. The previous company I worked for used it extensively for communicating with the ERP and I hated it. Requests and responses are so needlessly bloated, which is a bigger issue when you're dealing with requests sent over an internet connection.

 

Have a read up on the HTTP protocol -- you should be familiar with it for web development anyway. It's very light-weight and semantic, extremely well supported on any platform, and it's easy to build an API on top of (known as "RESTful APIs".)

 

Cookies are part of the HTTP protocol, and are essentially just small bits of data stored on the user's computer the browser includes with each request. Have a read.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.