Session Handling
TIBCO MDM web services allow the SOAP client (web client) to maintain a session between web service calls, so the client need not provide the user credentials in subsequent requests called.
The following table illustrates various scenarios involved in a web service session management behavior in TIBCO MDM.
Note: The
UserInfo section is mandatory for TIBCO MDM Cloud. The username and password in the web services is not used for authentication, however, a dummy username and password must be provided. This username and password is ignored and only the enterprise name is passed in user info. The Enterprise name is mandatory in the user info section which is the Project Name.
WS request launched within running TIBCO MDM | URL Writing | Cookie enable | User Information Provided | Session exists | Description |
---|---|---|---|---|---|
Y | N | Y | Y | Y (Existing session is used, that is, the one created by the TIBCO MDM UI) | The "userInfo" section uses a dummy user name and password. However, the enterprise name is mandatory. |
Y | N | Y | N | Y (Existing session is used, that is, the one created by the TIBCO MDM UI) | No new session is created. The existing session is used. |
Y | Y | N | N | Y (Existing session is used, that is, the one created by the TIBCO MDM UI) |
No new session is created, but the web service session ID needs to be passed to the GI based web service client which appends the jsessionid=<> to the endpoint URL. No new session is created.Note: Currently, the passing of sessionId to GI Application is not supported. |
N (Launched in a different browser window) | N | Y | N | Y (Existing session is used, that is, the one created by the TIBCO MDM UI) | No new session is created; existing session is used.
Note: The login service should be invoked first. |
N (Launched in a different browser window) | N | Y | Y | Y (Existing session created using the Login service is used) | The "userInfo" section uses a dummy user name and password. However, the enterprise name is mandatory. |
N (Launched in a different browser window) | Y | N | N | Y (Existing session created using the Login service is used) | No new session is created, but as cookies are not enabled jsessionid=<> needs to be appended to the endpoint URL. |
N (Launched in a different browser window) | Y | N | N | N | Throws an exception stating user does not exists. |
N (Launched in a different browser window) | Y | N | Y | N | The invocation is stateless, that is, no new session is created if any service apart from Login service is invoked, even if the session does not exists. |
Copyright © Cloud Software Group, Inc. All rights reserved.