This Blog Is Not Updated Any More.

Check out my new blog on Medium:

Topics: Identity and Access Management, Blockchain, Ethereum, Bitcoin, Security, PSD2, GDPR

Saturday, November 1, 2008

AXIS2 session management - Transport Session

This post takes you through transport session scope under Axis2 to session management.

It is highly recommended that you go through this article on Axis2 Session Management written by Deepal.

Here I will take a practical scenario used by WSAS - in it's admin services.

WSO2 WSAS is an enterprise ready Web services engine powered by Apache Axis2. It is a lightweight, high performing platform for Service Oriented Architectures, enabling business logic and applications. Bringing together a number of Apache Web services projects, WSO2 WSAS provides a secure, transactional and reliable runtime for deploying and managing Web services.

You can learn more about WSAS admin services from my previous post.

This post uses following two admin services as illustrated by the diagram.

Let me briefly show how IS_AUTHENTICATED property being set in the ServiceGroupContext, which can be accessed by all the services belong to the same service group.
ServiceGroupContext groupCtx =  MessageContext.getCurrentMessageContext().getServiceGroupContext();

Let's move to the client code - you need to login first and then access ServerAdmin.
final static String ADMIN_SERVICE = "https://localhost:9443/services/ServerAdmin";
final static String GLOBAL_SERVICE = "https://localhost:9443/services/GlobalAdmin";

public static void main(String[] args) throws Exception {
ConfigurationContext context = null;
OMElement response = null;
ServiceClient client = null;
boolean isLoggedIn = false;
String path = null;

path = System.getProperty("user.dir");

// You can copy wso2wsas.jks from [WSAS_HOME]\conf  
System.setProperty("", path + "/src/wso2wsas.jks");
System.setProperty("", "wso2wsas");

// You can copy axis2.xml from [AXIS2_HOME]\conf
context = ConfigurationContextFactory.createConfigurationContextFromFileSystem("repo","repo/conf/axis2.xml");
client = new ServiceClient(context, null);

client.setOptions(getOptions("urn:login", GLOBAL_SERVICE));
response = client.sendReceive(getPayload("admin", "admin"));
isLoggedIn = Boolean.parseBoolean(response.getFirstChildWithName(new QName("return")).getText());

if (isLoggedIn) {
client.setOptions(getOptions("urn:getServerVersion", ADMIN_SERVICE));
response = client.sendReceive(getPayload());
System.out.println("Server version: " + response.getFirstChildWithName(new QName("return")).getText());

private static Options getOptions(String operation, String epr) {
Options options = null;
options = new Options();
options.setTo(new EndpointReference(epr));
return options;

private static OMElement getPayload(String userName, String password) throws Exception {
String bodyXML = "<ns1:login  xmlns:ns1=\"http://org.apache.axis2/xsd\">\n" + "<arg0>"
+ userName + "</arg0>\n" + "<arg1>" + password + "</arg1>\n" 
+ "</ns1:login>\n";
return AXIOMUtil.stringToOM(bodyXML);

private static OMElement getPayload() throws Exception {
String bodyXML = "<ns1:getServerVersion  xmlns:ns1=\"http://org.apache.axis2/xsd\"></ns1:getServerVersion>";
return AXIOMUtil.stringToOM(bodyXML);
You can find more details on Transport session handling from here.