This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
SOAP specifically does not say anything about persistence via sessions or any other mechanism so it is up to you, the programmer. The HttpSession mechanism gets activated before your SOAP service sees the request.
If your service is only going to be accessed by browsers implementing cookies, sure you can use sessions. Of course some potential users may have cookies turned off so that could be a problem.