I'm trying to establish a 'session' with a mailing house's web services...

First step is to get a security token -- which I've got working great thanks to Ivan OpenXML syntax question.

But, apparently I have to pass both the security token, and the session ID, which comes in the form of a cookie, back on subsequent requests to other methods on the same server.

There is lots of documentation on setting cookies when creating web services, but I cant find how to read a cookie, so that I can pass the session it back to the server on subsequent requests in a HEADER clause. OR does the SQLA web client just do this automatically, like a web browser does?

Here is my code... and the code commented out doesn't work (syntax near BEGIN). Code was lifted from NEXT_HTTP_RESPONSE_HEADER documentation

create function "rhiner"."doAuthenticate"( in in0 long varchar,in in1 long varchar ) 
returns long varchar

url 'http://somebody.com:3080/services/SecurityService' 
type 'soap:doc' 
namespace 'http://ws.defgh.com'
  declare header_name long varchar;
  declare header_value long varchar;
  set header_name = NULL;
    SET header_name = NEXT_HTTP_RESPONSE_HEADER( header_name );
    IF header_name IS NULL THEN 
     LEAVE header_loop
    END IF;
    SET header_value = HTTP_RESPONSE_HEADER( header_name );
    MESSAGE 'RESPONSE HEADER: ', header_name, '=', header_value TO CONSOLE;
  END LOOP; */

I tried the same LOOP code in the procedure that calls this one, and while the code runs, it produces no result, indicating to me that the calling procedure doesn't have access to the headers -- I need to get them from within this function.

So, that's my question... how do I get the cookie and send it back?

I'm running on SQLA

asked 29 Apr '11, 11:06

Ron%20Hiner's gravatar image

Ron Hiner
accept rate: 9%

edited 29 Apr '11, 11:19

Mark%20Culp's gravatar image

Mark Culp

First, if you are defining a procedure that does a HTTP SOAP call to another HTTP server then you cannot define a body, hence why you are getting an error at "BEGIN".

To pass a cookie back to the other HTTP server you must define a "COOKIE" header in the out-going HTTP request. To do this you use the HEADER clause in your create procedure (or function) declaration. Example:

CREATE PROCEDURE foo ( in cookieval long varchar, ...other-parameters )
URL '...some-url...'
HEADER '!cookieval'

Then pass in the header string that will set the cookie value. E.g.

call foo( 'Cookie: sessionid=some-value', ... );

The actual value that you set (in above example: "sessionid=some-value") will be dependent on the cookie value that you got back from the server when you made the call.

See the documentation of create procedure statement for web services in the 12.0.1 docs.

There is also an example in your SQL Anywhere installation called "soapsession.sql" that illustrates how to do this (and I have attached it for your viewing pleasure :-)

If you need to extract the cookie from the HTTP headers from your first request to the server then you need to define your routine as a procedure (not a function) and extract the SET-COOKIE header from the result set returned from the procedure.

Example: Here is a procedure that does a generic web request call (some code extracted out of one of my apps):

create procedure spx_web_get(
            in url    long varchar,
            in header long varchar default null )
    url '!url'
    type 'HTTP:GET'
    header '!header';

And here is a snippet of code that can be used to get the cookie from the headers:

... @url and @header need to be defined before getting here ...
    declare local temporary table web_results(
        attribute long varchar,
        value     long varchar

      into web_results
    select *
      from "{owner}".spx_web_get( @url, @header )
      with ( attribute long varchar, value long varchar );

    select attribute
      into @cookie
      from web_results
     where lower(value) = 'set-cookie';

    ... note: the body of the web response is in the row with attribute = "body"
permanent link

answered 29 Apr '11, 11:31

Mark%20Culp's gravatar image

Mark Culp
accept rate: 41%

edited 29 Apr '11, 17:04

Thanks Mark... I understand how to pass the cookie value to the server... What I'm missing is how to receive the cookie in the first place. It's not coming back in the XML packet, its coming back in the HTTP header.

The method I'm calling wants a handful of paramtners... and my understanding is that the parameter names of the function/produdure are mapped to the paramenter names of the web service... therefore If create a parameter called cookieval, won't the remote server have a problem? Or does the HEADER clause strip that one from the parameter bindings?

(29 Apr '11, 16:17) Ron Hiner
Replies hidden

Any parameter that is consumed by the server as part of expand the '!var' options do not get send as parameters in the call to the remote service.

If the cookie is sent to the client as an HTTP header then you must define the web client routine as a procedure (and not a function), and then extract the header information from the result set that is returned from the procedure. I have revised my answer to include an example.

(29 Apr '11, 16:53) Mark Culp

I had the same question as above. When i try this example, it sort of works, but the cookie is only the last pair of cookies in the response. Here's the cookie info it shows in the query result (attribute,value): 'Set-Cookie','BIGServer-8080=123432138.36895.0000; path=/'

But in Mozilla I can inspect the cookie that gets returned, and it has 11 sets of cookies in the Cookie result. (eg, something like this. values have been changed, shortened to protect privacy): LogoURL=www.blah.com; BlahTicket=12341341234123%7C41ee026bc0000000%7C41df3c04d7800000%7C; BlahUser=blaha%7C41ee026bc0000000%7C41df3c04d7800000%7C; BIGServer-8080=123432138.36895.0000;

How can I get all the other cookie pairs? I'm using Sqlanywhere 10.0.1 build 4135. Thanks,

permanent link

answered 21 Oct '11, 20:04

mxmoss's gravatar image

accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 29 Apr '11, 11:06

question was seen: 4,831 times

last updated: 21 Oct '11, 20:04