Loading ...
Sorry, an error occurred while loading the content.

question about cookie behavior

Expand Messages
  • Alan D. Salewski
    Hello All, I have been experimenting with a SOAP::Lite client to a web service implemented using Apache SOAP. The service sets a cookie on the response to an
    Message 1 of 2 , Apr 25, 2003
    • 0 Attachment
      Hello All,

      I have been experimenting with a SOAP::Lite client to a web service
      implemented using Apache SOAP. The service sets a cookie on the response
      to an initial 'login()' function, and I'd like the client to send that
      cookie back to the server with successive requests.

      I've read through some previous posts to this list, the online
      SOAP::Lite user's guide, and the cookie-related pod for both SOAP::Lite
      and SOAP::Transport::HTTP. The way I read the documentation, providing a
      reference to an HTTP::Cookies object in the proxy() call should be
      enough to cause the SOAP::Lite implementation to handle the rest:

      $soap->proxy('http://localhost/',
      cookie_jar => HTTP::Cookies->new(ignore_discard => 1));

      However, my tests indicate that the cookie is not being sent
      automatically. The test script below makes two SOAP calls, and I would
      expect that the second call would automatically send the cookie returned
      in the first call; it is not (as revealed in the SOAP::Lite trace of the
      conversation).

      When I turn on verbose debugging for the underlying LWP stuff with
      use LWP::Debug qw(+);
      I see messages about the cookie matching (which seems right), but the
      cookie is not actually sent to the server. Here is an abridged version
      of what I see in the that output:

      HTTP::Cookies::add_cookie_header: - checking cookie JSESSIONID=eb0688...
      HTTP::Cookies::add_cookie_header: it's a match

      Am I misreading the documentation? Is there something else that I need
      to do in order to have the cookie sent? Any help would be much
      appreciated.

      Thanks,
      -Al

      ----------------------------8<-----------------------------
      #! /usr/bin/perl -w

      use strict;

      use HTTP::Cookies;
      use SOAP::Lite;

      use constant WT_SOAP_ENDPOINT => 'http://someh.somed.com/foo/bar';
      use constant WT_SOAP_URI => "urn:myinterface";
      use constant WT_SOAP_NS => "http://foo.bar.com/interface.xsd";

      use vars qw/$res/;

      SOAP::Trace->import(debug => sub {print @_ });

      my $soap = SOAP::Lite
      ->uri(WT_SOAP_URI)
      ->proxy(WT_SOAP_ENDPOINT,
      'cookie_jar' => HTTP::Cookies->new('ignore_discard' => 1))
      ->xmlschema(2001)
      ->readable(1);

      $res = $soap->login(SOAP::Data->name('param0')
      ->attr( { "xsi:type" => "ns2:urn:myinterface",
      "xmlns:ns2"=> WT_SOAP_NS
      }
      )
      ->value( [
      SOAP::Data->name('password')
      ->type('string')
      ->value('thepasswd'),
      SOAP::Data->name('loginID')
      ->type('string')
      ->value('testid'),
      SOAP::Data->name('firmID')
      ->type('long')
      ->value(1234)
      ]
      )
      );
      unless ($res->fault) {
      printf STDERR "response: %s\n", $res->result();
      } else {
      printf STDERR "ERROR: %s\n", (join ', ', $res->faultcode,
      $res->faultstring);
      }

      ### This is where I would expect the cookie to be automatically sent
      $res = $soap->submitNewSearchOrder("foo");
      unless ($res->fault) {
      printf STDERR "response: %s\n", $res->result();
      } else {
      printf STDERR "ERROR: %s\n", (join ', ', $res->faultcode,
      $res->faultstring);
      }
      ----------------------------8<-----------------------------

      --
      a l a n d. s a l e w s k i salewski@...
      --------------------------------------------------------------------
      We have introduced an extraordinarily robust run-time framework.
      --------------------------------------------------------------------
      Generated from WWW Marketing Phrase gizmo: www.lyra.org/phrase.cgi
    • Alan D. Salewski
      [Replying to my own post] On Fri, Apr 25, 2003 at 08:50:57AM -0400, Alan D. Salewski spake thus: *snip* ... *snip* Evidently I did not read through enough of
      Message 2 of 2 , Apr 26, 2003
      • 0 Attachment
        [Replying to my own post]

        On Fri, Apr 25, 2003 at 08:50:57AM -0400, Alan D. Salewski spake thus:
        *snip*
        > I've read through some previous posts to this list, the online
        *snip*

        Evidently I did not read through enough of them, though. The piece of
        information I needed was posted by Paul in a reply to another post way
        back in Nov. 2002 [0]


        > and SOAP::Transport::HTTP. The way I read the documentation, providing a
        > reference to an HTTP::Cookies object in the proxy() call should be
        > enough to cause the SOAP::Lite implementation to handle the rest:
        >
        > $soap->proxy('http://localhost/',
        > cookie_jar => HTTP::Cookies->new(ignore_discard => 1));
        *snip*

        The above does in fact work just as it is documented. I misinterpretted
        the debugging data I was looking at.

        My eureka moment occurred when I read the following in [0]:

        <quote author="Paul Kulchenko">
        The trace data shows the information from Request object, and the auth
        headers will be added by LWP::UserAgent right before the request is made
        (you should be able to see it in LWP debug).
        </quote>

        The HTTP headers sent to the server are still subject to further munging
        by the underlying LWP mojo /after/ the SOAP::Lite trace is printed; the
        headers as dumped by the SOAP::Lite trace are not necessarily the
        complete set of headers that are sent to server.

        Because I did not see the cookie being set in the soap trace output, I
        thought there was a disconnect between the documentation and what I was
        seeing. It turns out that the disconnect was between my ears ;-)

        In my particular test case, what this means is that I should not expect
        to see the session cookie in the headers sent to the server in the
        SOAP::Lite trace because the cookies are handled by the underlying LWP
        implementation.

        Running my test through a tunnel[1] verified that the cookie was, in
        fact, being sent back to the server.

        -Al

        [0] http://groups.yahoo.com/group/soaplite/message/2108
        [1] org.apache.soap.util.net.TcpTunnelGui

        --
        a l a n d. s a l e w s k i salewski@...
        --------------------------------------------------------------------
        We have announced an infinitely versatile downloadable solution.
        --------------------------------------------------------------------
        Generated from WWW Marketing Phrase gizmo: www.lyra.org/phrase.cgi
      Your message has been successfully submitted and would be delivered to recipients shortly.