How to use Intersystem's session within web services

1k views Asked by At

I am trying to set some session information in one web method and return it in another web method, but the session data is always empty on the second web method. Here is what I tried

Web Method 1 - Sets session information

Method StartSession() As %String [WebMethod]
{
     set %session.NewSession = 1
     set %session.Data("key") = "dude"
     Quit "Session Started"
}

Web Method 2 - Gets session information should return dude, but is returning blank

Method TestSession() As %String [WebMethod]
{
    Quit $Get(%session.Data("key"))         
}
2

There are 2 answers

0
O.O On BEST ANSWER

As an alternative to psr's answer another way to handle state is to use custom SOAP headers.

For example:

Create a class for your custom SOAP headers like below:

Class Headers.TimeStamp Extends %SOAP.Header
{
     Property TimeSent As %TimeStamp;    
}

In the web method do this:

set h=##class(Headers.TimeStamp).%New()
set h.TimeSent=$ZTIMESTAMP
do ..HeadersOut.SetAt(h,"Timestamp")

This will generate the following SOAP header:

  <SOAP-ENV:Header>
    <TimeStamp xmlns:hdr="http://www.myapp.org">
      <TimeSent>60712,70996.027Z</TimeSent>
    </TimeStamp>  
  </SOAP-ENV:Header>

This will allow state to be maintained within the SOAP headers rather than using Cache's session management.

4
psr On

To use sessions with Cache web services you need to set the SOAPSESSION class parameter of your web service class equal to 1.

Doing so will cause the web service to return a SOAP session header in the response. If you are using a client that was built to expect this header you may not need to set up anything else. Otherwise, your client application will have to read this header and include it in all further requests, so the server can know which session you are using. An example of this header given in the documentation is:

<csp:CSPCHD xmlns:csp="http://www.intersystems.com/SOAPheaders">value of
CPSCHD token</csp:CSPCHD>

Note that security is a separate issue that your example doesn't address.

Also note that Intersystems has decided that web services will continue to use a license for some period of time after the call has been made. I can't find documentation on this, and I believe it's something like a few seconds per call. I believe that this can cause license issues that would not occur if you used other software to provide web services, and had that other software call Cache via some mechanism other than web services. I believe this is true even when that other software carefully follows all the rules in the license agreement about named and anonymous users. However, I'm not certain about any of this licensing stuff. Still, you might want to do some testing before you commit to an architecture.