Login and session cookie management

Each CRUD service and CommonServicesWcf has

  • Login
  • Logout
  • IsLoggedIn

methods. But since WCF services using basic http protocol are stateless the next method called after Login will return error message "Session is null. Login missing?".

To have a possibility of sustaining session cookies between subsequent calls into the services we can use two approaches:

  1. Configure the service to use cookie transmission between server and client. In app.config file we need to add the attribute allowCookies="true" attribute in binding section.
    <bindings>
   <basicHttpBinding>
      <binding name="BasicHttpBinding_ICompaniesWebService" allowCookies="true"/>
   </basicHttpBinding>
</bindings>
  2. Use WCF service’s behavior extension infrastructure to intercept cookies returned by server and pass them between each service client configured to use that extension.
    Note: This mechanism is equivalent of passing CookieContainer instances between Common Services and other services in update.seven webservices.

    An example of the implementation of such behavior extension is located in the CookieManagerLib project and it's usage is illustrated in the Custom Query sample project.

    Note: You have to remove the allowCookies attribute or set it to false otherwise behavior extension won’t be able to intercept cookies.