B.5. Don't Use HTTP Cookies
Although ASP.NET lets you use sessions per Web method, you should think hard before you decide to do this. Using ASP.NET sessions relies on HTTP cookies (cookieless sessions do not work with Web services), which means you are tying your session handling to HTTP. That's fine for now, but long term I think this is a mistake. HTTP is not perfect and it forces many limitations on the Web services platform (for example, no callbacks). This means you should expect alternate transports to emerge with higher capabilities and lots of cool, useful features. If, in the future, you decide to expose the same Web service over another transport, (for example, Message Queuing), you have to figure out session management all over again. ...
Get Real World XML Web Services: For VB and VB .NET Developers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
