Paul Downey: If the reason you’re using WS-* is interoperability with tools, then it could be time to rethink that new legacy you’re building.
Even this doesn’t tell the whole story.
Paul Downey: If the reason you’re using WS-* is interoperability with tools, then it could be time to rethink that new legacy you’re building.
Even this doesn’t tell the whole story.
From the documentation:
Use WSDL to construct your SOAP client. Even though a service endpoint URL is indicated in the WSDL, you must provide a location URL to your SOAP toolkit. This is necessary to transmit the application ID and the WSSID. In addition, you must set the cookie header containing the cookie that was returned with the WSSID when you credentialed the user in the previous step.
Cookies aren’t transport level independent. Heck, they are controversial even in HTTP. Do the developers of the Yahoo! Mail Web Service APIs care that they are making choices that may make it difficult to “port” this to a different transport layer than HTTP? I guess not. If I were in their shoes, I doubt I would either.
Looking at the Java example, we find the following comment:
Axis2 requires you to jump through some hoops to set a cookie on the SOAP proxy.
Can this same service be implemented using the JAX-WS (nee JAX-RPC) reference implementation? Would such an implementation, if indeed it were possible, be portable?
In not completely unrelated news, O’Reilly has issued a mascot for the RESTful Web Services book that I have been contributing to.
Update: Dims links to an Axis-specific interface that Yahoo!’s example could have used.
See [link]
stub._getServiceClient().getOptions().setProperty(org.apache.axis2.transport.http.HTTPConstants.COOKIE_STRING, "myCookieString");
— dims
Sam, it’s true...cookies aren’t transport independent. We have a traffic router (mail.yahooapis.com) that needs to route traffic based on where the user account is physically located. So having the credentials in the SOAP envelope would really slow down that routing process. Having them in the cookies means the router can get at them pretty quickly.
Hopefully that explains what’s going on. We are looking into how we can efficiently handle credentials inside of the envelope at the traffic router level. Until then, users will have to add some extra parameters to the endpoint URL and some cookies to the stub.
Ryan Kennedy
Yahoo! Mail Web Service
dims, I swear I tried that when I was writing up the sample Java code and it didn’t work. I’ll have to give it a try again.
Ryan Kennedy
Yahoo! Mail Web Service