Home/Support/Support Forum/Reusing HTTP Session
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

Reusing HTTP Session

0 votes
I am trying to reuse the JSESSIONID from the header of the response in order to reuse the HTTP session. However, everytime I do that I get the following:


(401, 'Unauthorized')
HTTP Status 401 - Full authentication is required to access this resource

my request was a GET for /ws/sci

any idea how to solve this?
asked Oct 8, 2012 in Device Manager by byrsa New to the Community (5 points)

Please log in or register to answer this question.

5 Answers

0 votes
I think you need to supply the authentication headers for each request. Not just the first one.
answered Oct 8, 2012 by mcarver Community Contributor (108 points)
0 votes
You need more than just the JSESSIONID value from the set-cookie header if you want to maintain your session without re-authenticating. The easiest would be to take all of the values sent down in the Set-Cookie header and return them in your Cookie header.

Chris
answered Oct 8, 2012 by cpopp Seasoned Professional (151 points)
0 votes
hi cpopp,

do you have a code example on what you have explained?
answered Oct 9, 2012 by byrsa New to the Community (5 points)
0 votes
I don't have a clean example, but I did code a small rough snippet to try it to make sure it worked before responding earlier. I attached it, but mainly for the purposes of showing how I grabbed the cookies and included them in a subsequent request.

I just saved any entries that showed up in the "Set-Cookie" header, making sure to handle multiple entries, and then included them in the "Cookie" header in subsequent requests. The code would need to be a bit more robust to handle different scenarios though...for example, if your session times out you might need to handle that situation and provide your credentials to create a new session.

Alternatively, you could provide your credentials along with the cookies with each request. The credentials would be ignored unless the session is invalid, and then a new session with be created without a 401 being returned. (In this case, you would be given a new session in the Set-Cookie header).

Chris
answered Oct 9, 2012 by cpopp Seasoned Professional (151 points)
0 votes
Quote:
I am trying to reuse the JSESSIONID from the header of the response in order to reuse the HTTP session. However, everytime I do that I get the following:


(401, 'Unauthorized')
HTTP Status 401 - Full authentication is required to access this resource

my request was a GET for /ws/sci

any idea how to solve this?
I also had this same problem. These post helps me so much.
answered Oct 12, 2012 by AlfredButler New to the Community (1 point)
...