Skip Headers
Oracle® Discussions Application Developer's Guide
10g Release 1(10.1.2)
  Go To Table Of Contents
Go To Index


5 Understanding the Authentication Service

The Authentication Service interface provides methods related to user login and logout. The login() method should be invoked before invoking any other Web Service operations. The logout() method is to be invoked after the user finishes with the Web Service operations.

This chapter addresses User Login and Logout.

User Login and Logout

The following is an example for logging in:

Example 5-1 Logging in

import java.util.Date;import*;import java.util.*;import javax.mail.*;import javax.mail.internet.*;import org.apache.axis.transport.http.HTTPConstants;import;import*;import;import;import;

public class WSClient
  private static AuthenticationService as = null;  
  public static String getCookie() throws Exception
      //STEP - 0: User Login
      //Create the service locator for authentication service. The locator
      //contains information about
      //the webservices endpoint.
       AuthenticationServiceServiceLocator assl = new
      //Get the handle to the actual webservices interface.
       as = assl.getAuthenticationService();
      //Indicate to the server that the client is interested in maintaining
      //HTTP is stateless and the user state is maintained in the session.
      //Unless the user is willing to participate in a session, user state cannot
      //be preserved.
            //Invoke the actual login webservices call.
            //Retrieve the cookie. The cookie is set on successful authentication.
             String cookie = (String)((AuthenticationServiceSoapBindingStub)as)
             System.out.println("Cookie : " + cookie);
             return cookie;

         public static void main(String args[])
            //STEP - 0: User Login
             String cookie = getCookie();    
            //STEP - 1: Invoke web service related operations.
            //STEP - 2: User Logout
        catch(TdWSException ex)
          System.out.println("Error Code :" + ex.getErrorCode());
          System.out.println("Error Message :" + ex.getErrorMessage());
          String[] trace = ex.getServerStackTrace();
          if(trace != null)
             for(int i = 0 ; i < trace.length ; i++)
                 System.out.println("trace[" + i + "]" + trace[i]);
       catch(Exception ex)       {         System.out.println("Never went into tdex :" + ex.getMessage());           ex.printStackTrace();       }     }     public static void logout() throws Exception     {       System.out.println("User logout.");       //Once all the webservices operations are done, invoke logout       //operation.       //On logout, user state is destroyed and the cookie is invalidated.       as.logout();       System.out.println("Done");     }}


tFor all the examples mentioned in this guide, the package structure need not be The package structure will be same as the package-to-namespace-mapping provided during the WSDL2Java invocation or the package structure in which the compiled artifacts are present.

The login() method authenticates the user to be a valid Oracle Internet Directory user and if the authentication is successful, a cookie is returned to the user. The same cookie is to be passed between the user (client) and server for all Web Service invocations, until the user logs out.


User nickname and password are to be supplied in plain text.


Without setting the cookie and indicating the server to maintain the session, the user will not be able to invoke any operation despite logging in successfully.

The logout() method invalidates the user session. It is invoked after the user completes Web Services method invocations. Once logged out, the user will not be able to invoke any Web Service until the user logs in again. The cookie created during login is destroyed.