WebService session sessionstate SOAP

[jb]

*Please* help --- I'm tearing my hair out.

I want to use sessionstate in a webservice, accessed from a client, written
in script (JScript, InfoPath).

I have written my webservice (C# .NET). I have marked the method(s) with
EnableSession=true. I have read everything there is to read! I am told that
to reuse session, my client needs to receive a cookie in the header from the
webservice and then pass this back in all future calls. This can all be
found in HttpWebClientProtocol.CookieContainer. I am told to "Assign the
CookieContainer to the proxy class" in the web client.

But my client isn't a C# .NET app! It's JScript in InfoPath.

I have written code there to invoke the webmethod via SOAP/XMLHTTP, so I'm
in charge of stuff. The call works fine, minus session stuff. But I cannot
see where what I need for preserving the session is kept/accessed? As I
understand it, I'm just looking to preserve a cookie for "sessionid" that
will be in the "header" (SOAP header? HTTP header?) sent to me from the
webservice?

I'm lost & frustrated...

 

[Brian Teutsch [MSFT]]

InfoPath as a client doesn't respect the session cookie. You'll have to
receive the web service through script and store the header information into
the DOM somewhere, and handle the cookie get/send yourself. Sorry I don't
have any more information on how to do this, but at least you can stop
looking for something automatic within InfoPath.

Brian

 

[jb]

Brian,

Thanks for the reply.

Is it possible you're wrong, or I'm *totally* misunderstanding what's going
on? 'Coz now I'm even *more* mystified!

First, forget about SOAP. I think I understand I'm talking about HTTP
headers.

I'm finding, empirically, that my session & state *are* being preserved,
even though I've done nought in InfoPath! Yet you say:

InfoPath as a client doesn't respect the session cookie.

Debugging at the webservice side, I see a session being created for the
first IP request. Then no new session for subsequent requests, and my WS
sees its Session[] variables as it set them up last request. Session times
out as usual after inactivity for a while, as per web.config.

I switch on debugging in IIS to include showing "cookies". For all requests
(after the first) coming in from IP I see at the end of the trace info all
the "cookies", *including* "ASP.NET_SessionId=......." at the end.

This is being passed from IP, right? And the fact it's there is causing the
WS to reuse existing session, right? What am I failing to understand? I
find *all* IP sessions on my machine (no matter what IP form), to the same WS
at least, use the same WS session; any IP sessions from another machine use a
different session.

Maybe I'm not very clear about what I'm wanting/trying to understand. There
are really 2 different things, I don't quite understand how they are related:

1. My WS must see the same session for subsequent requests from the same IP
client (machine will probably do), as indicated by when Session_Start() in
Global.asax.cs gets called. I find this is true. This is vital.

2. My WS sees the same variables/contents in its Session[] bucket for
subsequent requests from the same IP client (machine will probably do). I
find this is true. This is *not* so vital, so long as I know what the case
will be --- I can code as necessary.

I should be *so* grateful if you/whoever would explain.

 

[Brian Teutsch [MSFT]]

I'm going to have to back out from the InfoPath side. I'm not knowledgeable
about our SOAP support.

Sorry,
Brian

Brian,

Thanks for the reply.

Is it possible you're wrong, or I'm *totally* misunderstanding what's
going
on? 'Coz now I'm even *more* mystified!

First, forget about SOAP. I think I understand I'm talking about HTTP
headers.

I'm finding, empirically, that my session & state *are* being preserved,
even though I've done nought in InfoPath! Yet you say:

InfoPath as a client doesn't respect the session cookie.

Debugging at the webservice side, I see a session being created for the
first IP request. Then no new session for subsequent requests, and my WS
sees its Session[] variables as it set them up last request. Session
times
out as usual after inactivity for a while, as per web.config.

I switch on debugging in IIS to include showing "cookies". For all
requests
(after the first) coming in from IP I see at the end of the trace info all
the "cookies", *including* "ASP.NET_SessionId=......." at the end.

This is being passed from IP, right? And the fact it's there is causing
the
WS to reuse existing session, right? What am I failing to understand? I
find *all* IP sessions on my machine (no matter what IP form), to the same
WS
at least, use the same WS session; any IP sessions from another machine
use a
different session.

Maybe I'm not very clear about what I'm wanting/trying to understand.
There
are really 2 different things, I don't quite understand how they are
related:

1. My WS must see the same session for subsequent requests from the same
IP
client (machine will probably do), as indicated by when Session_Start() in
Global.asax.cs gets called. I find this is true. This is vital.

2. My WS sees the same variables/contents in its Session[] bucket for
subsequent requests from the same IP client (machine will probably do). I
find this is true. This is *not* so vital, so long as I know what the
case
will be --- I can code as necessary.

I should be *so* grateful if you/whoever would explain.

InfoPath as a client doesn't respect the session cookie. You'll have to
receive the web service through script and store the header information
into
the DOM somewhere, and handle the cookie get/send yourself. Sorry I don't
have any more information on how to do this, but at least you can stop
looking for something automatic within InfoPath.

Brian

 

[Matthew Blain \(Serriform\)]

I expect you'll have to add the session as a paremeter in the web service
methods. InfoPath is probably relying on something underneath which assumes
that HTTP is stateless, and any shared info can safely be shared across all
calls on the machine--possibly including IE and multiple InfoPath forms.

I have no idea what InfoPath does internally, but this might be a feature
request for future versions. But the inherent statelessness of HTTP means
that relying on sessions may not be such a good idea. Since cookies are not
really part of SOAP (I don't think, I may be wrong), a client can choose to
implement cookie handling any way it wants and still be a perfectly valid
Web Service client.

--Matthew Blain
http://tips.serriform.com/
http://www.developingsolutionswithinfopath.com

Brian,

Thanks for the reply.

Is it possible you're wrong, or I'm *totally* misunderstanding what's going
on? 'Coz now I'm even *more* mystified!

First, forget about SOAP. I think I understand I'm talking about HTTP
headers.

I'm finding, empirically, that my session & state *are* being preserved,
even though I've done nought in InfoPath! Yet you say:

InfoPath as a client doesn't respect the session cookie.

Debugging at the webservice side, I see a session being created for the
first IP request. Then no new session for subsequent requests, and my WS
sees its Session[] variables as it set them up last request. Session times
out as usual after inactivity for a while, as per web.config.

I switch on debugging in IIS to include showing "cookies". For all requests
(after the first) coming in from IP I see at the end of the trace info all
the "cookies", *including* "ASP.NET_SessionId=......." at the end.

This is being passed from IP, right? And the fact it's there is causing the
WS to reuse existing session, right? What am I failing to understand? I
find *all* IP sessions on my machine (no matter what IP form), to the same WS
at least, use the same WS session; any IP sessions from another machine use a
different session.

Maybe I'm not very clear about what I'm wanting/trying to understand. There
are really 2 different things, I don't quite understand how they are related:

1. My WS must see the same session for subsequent requests from the same IP
client (machine will probably do), as indicated by when Session_Start() in
Global.asax.cs gets called. I find this is true. This is vital.

2. My WS sees the same variables/contents in its Session[] bucket for
subsequent requests from the same IP client (machine will probably do). I
find this is true. This is *not* so vital, so long as I know what the case
will be --- I can code as necessary.

I should be *so* grateful if you/whoever would explain.

InfoPath as a client doesn't respect the session cookie. You'll have to
receive the web service through script and store the header information into
the DOM somewhere, and handle the cookie get/send yourself. Sorry I don't
have any more information on how to do this, but at least you can stop
looking for something automatic within InfoPath.

Brian

 

[jb]

Matthew,

If you're interested, see my response to Brian above. Thanks for your help.

I expect you'll have to add the session as a paremeter in the web service
methods. InfoPath is probably relying on something underneath which assumes
that HTTP is stateless, and any shared info can safely be shared across all
calls on the machine--possibly including IE and multiple InfoPath forms.

I have no idea what InfoPath does internally, but this might be a feature
request for future versions. But the inherent statelessness of HTTP means
that relying on sessions may not be such a good idea. Since cookies are not
really part of SOAP (I don't think, I may be wrong), a client can choose to
implement cookie handling any way it wants and still be a perfectly valid
Web Service client.

--Matthew Blain
http://tips.serriform.com/
http://www.developingsolutionswithinfopath.com

Brian,

Thanks for the reply.

Is it possible you're wrong, or I'm *totally* misunderstanding what's going
on? 'Coz now I'm even *more* mystified!

First, forget about SOAP. I think I understand I'm talking about HTTP
headers.

I'm finding, empirically, that my session & state *are* being preserved,
even though I've done nought in InfoPath! Yet you say:

InfoPath as a client doesn't respect the session cookie.

Debugging at the webservice side, I see a session being created for the
first IP request. Then no new session for subsequent requests, and my WS
sees its Session[] variables as it set them up last request. Session times
out as usual after inactivity for a while, as per web.config.

I switch on debugging in IIS to include showing "cookies". For all requests
(after the first) coming in from IP I see at the end of the trace info all
the "cookies", *including* "ASP.NET_SessionId=......." at the end.

This is being passed from IP, right? And the fact it's there is causing the
WS to reuse existing session, right? What am I failing to understand? I
find *all* IP sessions on my machine (no matter what IP form), to the same WS
at least, use the same WS session; any IP sessions from another machine use a
different session.

Maybe I'm not very clear about what I'm wanting/trying to understand. There
are really 2 different things, I don't quite understand how they are related:

1. My WS must see the same session for subsequent requests from the same IP
client (machine will probably do), as indicated by when Session_Start() in
Global.asax.cs gets called. I find this is true. This is vital.

2. My WS sees the same variables/contents in its Session[] bucket for
subsequent requests from the same IP client (machine will probably do). I
find this is true. This is *not* so vital, so long as I know what the case
will be --- I can code as necessary.

I should be *so* grateful if you/whoever would explain.

InfoPath as a client doesn't respect the session cookie. You'll have to
receive the web service through script and store the header information into
the DOM somewhere, and handle the cookie get/send yourself. Sorry I don't
have any more information on how to do this, but at least you can stop
looking for something automatic within InfoPath.

Brian

*Please* help --- I'm tearing my hair out.

I want to use sessionstate in a webservice, accessed from a client,
written
in script (JScript, InfoPath).

I have written my webservice (C# .NET). I have marked the method(s) with
EnableSession=true. I have read everything there is to read! I am told
that
to reuse session, my client needs to receive a cookie in the header from
the
webservice and then pass this back in all future calls. This can all be
found in HttpWebClientProtocol.CookieContainer. I am told to "Assign the
CookieContainer to the proxy class" in the web client.

But my client isn't a C# .NET app! It's JScript in InfoPath.

I have written code there to invoke the webmethod via SOAP/XMLHTTP, so I'm
in charge of stuff. The call works fine, minus session stuff. But I
cannot
see where what I need for preserving the session is kept/accessed? As I
understand it, I'm just looking to preserve a cookie for "sessionid" that
will be in the "header" (SOAP header? HTTP header?) sent to me from the
webservice?

I'm lost & frustrated...

 

[jb]

Thanks for being honest!

Actually, like I said, I think you can forget SOAP. I have now done
extensive testing and stand by what I said, viz. InfoPath specifically *does*
maintain the cookie used to reuse sessions ("ASP.NET_SessionId"). I have
written a program to compare IP behaviour with that of a web client using
HttpWebClientProtocol.CookieContainer, as per MSDN "How to maintain state in
webservices ...", and IP behaves in the same way as a webservice client which
*does* use this to maintain state.

I have little choice but to rely on this, as otherwise every single
interaction (roundtrip) between IP and a webservice would create a brand new
session, which would be unmanageable. Of course, I would be *much* happier
if MS would confirm this is the behaviour intended...

Thanks for your (and others') help.

I'm going to have to back out from the InfoPath side. I'm not knowledgeable
about our SOAP support.

Sorry,
Brian

Brian,

Thanks for the reply.

Is it possible you're wrong, or I'm *totally* misunderstanding what's
going
on? 'Coz now I'm even *more* mystified!

First, forget about SOAP. I think I understand I'm talking about HTTP
headers.

I'm finding, empirically, that my session & state *are* being preserved,
even though I've done nought in InfoPath! Yet you say:

InfoPath as a client doesn't respect the session cookie.

Debugging at the webservice side, I see a session being created for the
first IP request. Then no new session for subsequent requests, and my WS
sees its Session[] variables as it set them up last request. Session
times
out as usual after inactivity for a while, as per web.config.

I switch on debugging in IIS to include showing "cookies". For all
requests
(after the first) coming in from IP I see at the end of the trace info all
the "cookies", *including* "ASP.NET_SessionId=......." at the end.

This is being passed from IP, right? And the fact it's there is causing
the
WS to reuse existing session, right? What am I failing to understand? I
find *all* IP sessions on my machine (no matter what IP form), to the same
WS
at least, use the same WS session; any IP sessions from another machine
use a
different session.

Maybe I'm not very clear about what I'm wanting/trying to understand.
There
are really 2 different things, I don't quite understand how they are
related:

1. My WS must see the same session for subsequent requests from the same
IP
client (machine will probably do), as indicated by when Session_Start() in
Global.asax.cs gets called. I find this is true. This is vital.

2. My WS sees the same variables/contents in its Session[] bucket for
subsequent requests from the same IP client (machine will probably do). I
find this is true. This is *not* so vital, so long as I know what the
case
will be --- I can code as necessary.

I should be *so* grateful if you/whoever would explain.

InfoPath as a client doesn't respect the session cookie. You'll have to
receive the web service through script and store the header information
into
the DOM somewhere, and handle the cookie get/send yourself. Sorry I don't
have any more information on how to do this, but at least you can stop
looking for something automatic within InfoPath.

Brian

*Please* help --- I'm tearing my hair out.

I want to use sessionstate in a webservice, accessed from a client,
written
in script (JScript, InfoPath).

I have written my webservice (C# .NET). I have marked the method(s)
with
EnableSession=true. I have read everything there is to read! I am
told
that
to reuse session, my client needs to receive a cookie in the header
from
the
webservice and then pass this back in all future calls. This can all
be
found in HttpWebClientProtocol.CookieContainer. I am told to "Assign
the
CookieContainer to the proxy class" in the web client.

But my client isn't a C# .NET app! It's JScript in InfoPath.

I have written code there to invoke the webmethod via SOAP/XMLHTTP, so
I'm
in charge of stuff. The call works fine, minus session stuff. But I
cannot
see where what I need for preserving the session is kept/accessed? As
I
understand it, I'm just looking to preserve a cookie for "sessionid"
that
will be in the "header" (SOAP header? HTTP header?) sent to me from the
webservice?

I'm lost & frustrated...