Welcome to MSDN Blogs Sign in | Join | Help

adarsh's blog

Adarsh Khare works at Microsoft. Everything here, though, is his personal opinion and is not read or approved by Microsoft before it is posted. No warranties or other guarantees will be offered as to the quality of the opinions or anything else offered here.
Establishing cookie based session with WebServices and HttpWebRequest

Create cookie based session with HttpWebRequest

One common requirement for Http based application to maintain the session state within the application, if your http based application is using the System.Net.HttpWebRequest class, then you could use Cookiecontainer property to send and recieved the cookies. Important thing to note that you should create a single CookieContainer instance and use it across all applications

Following example code snippet shows the sending and recieving the cookies from client application.

CookieContainer myContainer = new CookieContainer();

// following line will add a cookie in container, which would be for all urls on the domain myDomainstr

myContainer.Add(new Cookie("name","value","/",myDomainstr));

HttpWebRequest request1 = (HttpWebRequest) WebRequest.Create(httpUrlString);

request1.CookieContainer = myContainer; // use this same container for all requests in your app

HttpWebResponse response = (HttpWebResponse) request.GetResponse(); //you can check cookies on response.Cookies

..........

...........

HttpWebRequest request2 = (HttpWebRequest) WebRequest.Create(httpUrlString2);

request2.CookieContainer = myContainer; //all relevant cookies recieved on request1 would be automatically included in request because of same Cookiecontainer instnce.

HttpWebResponse response = (HttpWebResponse) request.GetResponse();

Create cookie based session with WebServices

If application want to use WebServices with cookie based session variables to execute service (ex. UserId of current ASP.Net session). This could be done via using the CookieContainer class and no need to add extra parameter inside the webservice call.

Following code demonstrate the setting of userID on the webservice from client side, In this example adarshk_srv.RunSoap is the WebService proxy object on client side

adarshk_srv.RunSoap RunService = new adarshk_srv.RunSoap();

RunService.CookieContainer = new System.Net.CookieContainer ();

RunService.CookieContainer.Add (new Uri(RunService.Url),new Cookie ("userName",ā€¯adarshk"););); 

On the server side WebService implementor could access the cookies send by the client from the HttpContext as shown below

if(Context.Request.Cookies != null && context.Request.Cookies["userName"] == "adarshk")

{

// access data specific to adarshk

}

else

{

// return the general data

}
  

This posting is provided "AS IS" with no warranties, and confers no rights
Posted: Tuesday, August 24, 2004 4:18 PM by adarshk

Comments

aaron said:

good info but a complete example would help me better, there are some unanswered questions that i have.  should i send the cookie back to the server?  i see that the cookie is being stored but how does the server know that?  what is the servers interaction with the stored cookie.  server sends cookie to client and does nothing with it after that?
# August 8, 2006 3:26 PM

tverskoy said:

Good tip, Adarsh, thanks. It helps.

I am looking for a simple solution how can a client get cookies if the web service provides cookies only if "login" web method calling?

Direct hhtp-request/response to the server does not have cookies. Web method Login(..) works OK without cookies, but other methods do not work without cookies.

To call other methods on the web service I have to call login method first, then parse the header, then create the new CookieContainer  with the parsed values, and then call the other methods - that works ok.

My questions: is there another simple way to provide cookies to the web service in this situation?

# August 22, 2007 10:14 AM

Andreas said:

I have the following problem: I am creating web services using sessions with the cookie container. But now the problem; We have at least 3 servers. How can I find out or make sure that the following calls via web service find the server where I have my session??

# April 25, 2008 6:50 AM

Ozan BAYRAM said:

Andreas , you can use state server or store your session on the sql server

# July 25, 2008 10:41 AM

vinodperoor said:

thank you adarsh

this blog helped me a lot

i searched ,more than 2 days, to find it almost all sites having a a string like HttpWebRequest. but i didnt find anywhere that describes how can a client application keep session when using HttpWebRequest.

Thank you thank you very much

# August 12, 2008 3:33 AM
Leave a Comment

(required) 

(required) 

(optional)

(required) 

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Page view tracker