on 2011 Apr 29 12:06 PM
I'm trying to establish a 'session' with a mailing house's web services...
First step is to get a security token -- which I've got working great thanks to Ivan OpenXML syntax question.
But, apparently I have to pass both the security token, and the session ID, which comes in the form of a cookie, back on subsequent requests to other methods on the same server.
There is lots of documentation on setting cookies when creating web services, but I cant find how to read a cookie, so that I can pass the session it back to the server on subsequent requests in a HEADER clause. OR does the SQLA web client just do this automatically, like a web browser does?
Here is my code... and the code commented out doesn't work (syntax near BEGIN). Code was lifted from NEXT_HTTP_RESPONSE_HEADER documentation
create function "rhiner"."doAuthenticate"( in in0 long varchar,in in1 long varchar )
returns long varchar
url 'http://somebody.com:3080/services/SecurityService'
type 'soap:doc'
namespace 'http://ws.defgh.com'
/*
BEGIN
declare header_name long varchar;
declare header_value long varchar;
set header_name = NULL;
header_loop:
LOOP
SET header_name = NEXT_HTTP_RESPONSE_HEADER( header_name );
IF header_name IS NULL THEN
LEAVE header_loop
END IF;
SET header_value = HTTP_RESPONSE_HEADER( header_name );
MESSAGE 'RESPONSE HEADER: ', header_name, '=', header_value TO CONSOLE;
END LOOP; */
I tried the same LOOP code in the procedure that calls this one, and while the code runs, it produces no result, indicating to me that the calling procedure doesn't have access to the headers -- I need to get them from within this function.
So, that's my question... how do I get the cookie and send it back?
I'm running on SQLA 12.0.1.3244
First, if you are defining a procedure that does a HTTP SOAP call to another HTTP server then you cannot define a body, hence why you are getting an error at "BEGIN".
To pass a cookie back to the other HTTP server you must define a "COOKIE" header in the out-going HTTP request. To do this you use the HEADER clause in your create procedure (or function) declaration. Example:
CREATE PROCEDURE foo ( in cookieval long varchar, ...other-parameters )
URL '...some-url...'
...
HEADER '!cookieval'
Then pass in the header string that will set the cookie value. E.g.
call foo( 'Cookie: sessionid=some-value', ... );
The actual value that you set (in above example: "sessionid=some-value") will be dependent on the cookie value that you got back from the server when you made the call.
See the documentation of create procedure statement for web services in the 12.0.1 docs.
There is also an example in your SQL Anywhere installation called "soapsession.sql" that illustrates how to do this (and I have attached it for your viewing pleasure 🙂
If you need to extract the cookie from the HTTP headers from your first request to the server then you need to define your routine as a procedure (not a function) and extract the SET-COOKIE header from the result set returned from the procedure.
Example: Here is a procedure that does a generic web request call (some code extracted out of one of my apps):
create procedure spx_web_get(
in url long varchar,
in header long varchar default null )
url '!url'
type 'HTTP:GET'
header '!header';
And here is a snippet of code that can be used to get the cookie from the headers:
... @url and @header need to be defined before getting here ...
begin
declare local temporary table web_results(
attribute long varchar,
value long varchar
);
insert
into web_results
select *
from "{owner}".spx_web_get( @url, @header )
with ( attribute long varchar, value long varchar );
select attribute
into @cookie
from web_results
where lower(value) = 'set-cookie';
... note: the body of the web response is in the row with attribute = "body"
end;
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Mark... I understand how to pass the cookie value to the server... What I'm missing is how to receive the cookie in the first place. It's not coming back in the XML packet, its coming back in the HTTP header.
The method I'm calling wants a handful of paramtners... and my understanding is that the parameter names of the function/produdure are mapped to the paramenter names of the web service... therefore If create a parameter called cookieval, won't the remote server have a problem? Or does the HEADER clause strip that one from the parameter bindings?
Any parameter that is consumed by the server as part of expand the '!var' options do not get send as parameters in the call to the remote service.
If the cookie is sent to the client as an HTTP header then you must define the web client routine as a procedure (and not a function), and then extract the header information from the result set that is returned from the procedure. I have revised my answer to include an example.
I had the same question as above. When i try this example, it sort of works, but the cookie is only the last pair of cookies in the response. Here's the cookie info it shows in the query result (attribute,value): 'Set-Cookie','BIGServer-8080=123432138.36895.0000; path=/'
But in Mozilla I can inspect the cookie that gets returned, and it has 11 sets of cookies in the Cookie result. (eg, something like this. values have been changed, shortened to protect privacy): LogoURL=www.blah.com; BlahTicket=12341341234123%7C41ee026bc0000000%7C41df3c04d7800000%7C; BlahUser=blaha%7C41ee026bc0000000%7C41df3c04d7800000%7C; BIGServer-8080=123432138.36895.0000;
How can I get all the other cookie pairs? I'm using Sqlanywhere 10.0.1 build 4135. Thanks,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
11 | |
10 | |
10 | |
10 | |
8 | |
7 | |
7 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.