I was reading through an article on www.java.net on how to implement the state across multiple conversations with webservices.
My initial understanding was ws-addressing combined with ws-reliablemessaging provides a very good support of session management. Please correct me If I'm wrong here.
and certain annotations like @Stateful can be used along with StatefulWebServiceManager also support session management.
Now out of these various methods, the one presented in java.net seem to be very simple. But can some one guide me, which of the above options are actually correct and usable and if yes, any justification of each.
Also, apart from the above, are there any other ways of managing sessions. Also, I see that Ivan's notes which talks about the session management in chapter 4 (JAX-WS) resembles the one posted in the java.net article. Is this the widely adopted process ?
Managing state with a web service means that some data that should have been stored in the requests is stored on the web service side. Commonly, but not always, statefulness is used due to a design flaw.
When client A sends its first request to a stateful web service, the state is established and for every subsequent request from client A, the web service retains the state associated with client A.
Compare this to patients going to see the doctor. Statelessness is a patient going to see the doctor at a big hospital; the patient cannot choose which doctor to see, but sees a random doctor each time.
Statefulness is a patient going to see a specific doctor - the patient returns to the same clinic each visit and sees the same doctor.
I cannot see how WS-Addressing and WS-ReliableMessaging would be able to facilitate stateful web services.
Also, as far as I know, @Stateful is used to annotate a stateful session bean and in section 3.2.4 of the EJB 3.1 specification it says:
Stateless session beans and Singleton session beans may have web service clients.
Thus you cannot expose a stateful session beans as a web service.
Kumar Raja wrote:
Also, apart from the above, are there any other ways of managing sessions.
You could extract the HTTPSESSION in your webservice.
When you first call this method you'll receive a response with a "Set-Cookie" parameter in its header.
Copy this value, paste it in the "Cookie" header in your next request, and tataaaa ... counter is 2