tags:

views:

29

answers:

3
Q: 

How can I share one session between several wcf's clients?

I have several web services. One of this services is used for retrieve a session id (authentication). I pass this id when call other services through SessionInfo. I want to use WCF instead of classic web methods. How can I share one session between several wcf's clients?

A: 

As marc_s says you cannot share the session.

But what you can do is to pass the session id as a parameter in your WCF calls, so that you know on whos behalf the call is being made.

Make sure that you use encryption on these calls.

Shiraz Bhaiji  2010-09-30 13:07:27
+2  A: 

It is not clear what do you mean by session. WCF supports four types of sessions:

  • Transport session - for transport protocol which maintains session between server and client. For example: Net.Tcp, Net.Pipe
  • Reliable session - support for reliable in order delivery over unreliable channel if both client and server are running
  • Security session - client has to be authenticated only for the first call, subsequent calls are authenticated by session token. This session is also called security context.
  • Application session - this has a meaning for IsInitiating and IsTerminating parameters of operation contract and PerSession instancing. This session can be used only if any of preceding sessions is used as well = it can't be used in BasicHttpBinding because it doesn't support transport, reliable and security session.

All these sessions are related to communication between single client proxy and single service instance. Nothing else is provided out of the box. Moreover there is no special "session" object.

So what exactly are you trying to achieve? Are you going to replace ASMX services wich are using ASP.NET session? In that case check this sample.

Edit:

The idea about receiving single Id from the first service and reusing this Id on subsequent calls to multiple services should be called corelation (one big activity/transaction) or federation (security related) not session.

Ladislav Mrnka  2010-09-30 13:11:30
A: 

The recommanded way to that is by manually maintaining session state between calls. You generate session IDs the way you want and load/persist session information into a database on every call using your own logic.

By doing that, you will support sessions in a way that will enable:

  • Load balancing
  • Session sharing
  • Fail over
Johann Blais  2010-10-01 07:29:03

related questions

Displaying Version Information in a Web Service
Example Web Service
SoapException: Root element is missing occurs when .NET web service called from Flex
Best practice for webservices
What is your preferred method of sending complex data over a web service?
.Net - Returning DataTables in WCF
Is it possible to return objects from a WebService?
How much extra overhead is generated when sending a file over a web service as a byte array?
Returning Large Results Via a Webservice
File Uploads via Web Services
best way to persist data in .NET Web Service
What is the difference between an endpoint, a service, and a port when working with webservices?
Calling REST web services from a classic asp page
Best way to write a RESTful service "client" in .Net?
Where can I find some good WS-Security introductions and tutorials?
ASP.NET Web Service Results, Proxy Classes and Type Conversion
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
Document or RPC based web services
How to easily consume a web service from PHP
Timer-based event triggers
How to pass enumerated values to a web service
Homegrown consumption of web services
How do I print an HTML document from a web service?
How do I fill a DataSet or a DataTable from a LINQ query resultset ?