So, I'm communicating with the server using THttpClient of Thrift. The server is already sending the set-cookie header, but I was not sure on how to extract that from the response (in client side), and send back that cookie as the header of the subsequent requests..
Thanks.
Related
So I am deploying a web service developed using gsoap using mod_gsoap. I wanted to set SOAP_IO_KEEPALIVE and SOAP_IO_CHUNK modes of the soap context object to accept chunked requests. How do I achieve this?
Or is there any other way to accept chunked requests? Right now the server responds as soon as it receives the first chunk without waiting for the rest.
The documentation says:
Warning
Do not use any of the SOAP_IO flags to initialize or set the
context, such as SOAP_IO_KEEPALIVE and SOAP_IO_CHUNK.
The Apache server controls the connection settings and HTTP payload parameters to send and receive HTTP requests. Data is received with ap_get_client_block, which de-chunks the content when chunked.
I read many articles cookies are passed over HTTPS connection is encrypted.
I checked with my application, its having SSL connection, but i can read cookie information from request headers. Is anything done for cookie encryption in HTTPS connection?
HTTPS encrypts the entire session, headers included.
But notice that SSL (TLS in fact) works over the Transport Layer. If you are reading the cookies from the Application Layer (for example using javascript or a java servlet to get the HTTP request) the content will be already unencrypted.
See Does SSL also encrypt cookies?
Have a Web application which connects to a jax-ws service. Want to send security credentials in the header. But.. I know that there are two types of headers:
1) soap header, which I can set with handler in client side
2) http header in transport layer
Can anybody explain pros and cons of setting additional information in each of these headers? What is the best practice?
SOAP headers and HTTP headers are not the same.
The SOAP headers contain routing information, authentication information and so on. It independent of the transport that SOAP uses. If you send the data to the web service then you should place it inside the SOAP headers.
SOAP message passed to the receiver.
HTTP headers contain the content type, the content length, the cache directives for clients, cookies and so on. It independent of the what actually transmitted with HTTP. HTTP headers is intercepted in the web server.
See Also:
XML Soap
SOAP Headers
Message Headers
We have a server process that replies to HTTP POST only.
The framework that I use, gsoap, provides an HTTP GET plugin.
I would like to ask what is the purpose of http GET in soap. What are the benefits?
Could you please share your experience, if any?
It represents different message exchange pattern. When you send POST you are issuing SOAP request and receiving SOAP response - that is called request-response message exchange pattern. When using GET you are calling "resource" by URI and including Accept HTTP header to request SOAP response - that is called response message exchange pattern.
These two patterns are used with HTTP binding defined in SOAP 1.2 (not every API supports this binding). Each message exchange pattern has its own purpose:
Response message exchange pattern is only for data retrieval. It should never change any data on the server.
Request/response message exchange pattern is for both retrieval and data modification on the server.
The benefit of HTTP GET can be anything related to differences between GET request and POST request. For example responses to HTTP GET requests can be cached on HTTP proxies.
I am trying to send a SOAP request over HTTP for a web service through the following channels:
Telnet (HP-UX)
C client that opens a socket, writes XML and reads reasponse(HP-UX)
Perl client that does the same thing as the C client above(HP-UX)
Through SOAP UI application (http://www.soapui.org/)(Windows Machine)
While SOAP UI gets a response in about 100ms seconds or so; the rest of the channels get the same response but very slow.
I am wondering what might be the problem. If anybody has any idea about this please let me know.
Possibly the connection stays open per default for subsequent requests (not uncommon for webservers which expect you to request all kinds of javascript files, images, css files directly afterwards). You might want to try to send the Connection: close header.
Check the protocol , may be you are using HTTP1.0 not HTTP1.1