我正在使用Yii构建一个SOAP Web服务,并试图通过会话ID管理身份验证,但它在每次请求时都会不断更改
这是我写的代码:
class MessagingController extends CController {
public function login($username, $password) {
$user = User::model()->find('username=:username AND password=:password', array(':username' => $username, ':password' => $password));
if($user) {
$session = new Session();
$session->id = Yii::app()->session->sessionID;
$session->user = $user->id;
$session->start = date('Y-m-d H:i:s', time());
$session->duration = $this->sessionDuration; //Session duration is 1hr.`
return $session->save() ?
$this->generateResponse(0, 'Session initiated successfully.', array('SessionId' => $session->id, 'Timestamp' => $session->start, 'Duration' => $session->duration)) : generateResponse(-1, 'Server error. #S', null);
}
return $this->generateResponse(-1, 'Unknown User. #UU', null);
}
}
配置文件:
"session"=>数组("autoStart"=>true,'超时'=>1440,'cookieMode'=>'allow',),
我认为您必须在SoapServer中指定会话应该是持久的。
http://php.net/manual/en/soapserver.setpersistence.php
由于soap请求是无状态的,每个请求都没有cookie,因此PHP在启动新会话时默认会创建新的cookie。如果您想在SoapServer端跨多个客户端请求使用相同的会话,则应该设置两件事:
-
首先确保始终从请求服务器(通过SoapClient)发送相同的会话cookie。这是由__setCookie()完成的:
$soapClient->__setCookie('PPESSID',$_COOKIE['PPESSID']);
-
秒-如上所述-设置soapserver持久性:
$soapServer->setPersistence(SOAP_PERSISTENCE_SESSION);