Persisting an HTTP session across all SOAP calls

In circumstances when a SOAP client makes many calls in a short amount of time, you may want to re-use a single HTTP session for all SOAP calls.

Each SOAP call creates a new user session that persists until it expires. To create a single user session and re-use it for all inbound SOAP calls, develop your SOAP client following these guidelines:

  • Use a module like HTTP::Cookies to create a "cookie jar".
  • Save the cookies returned by ServiceNow after each request (handled automatically by HTTP::Cookies).
  • Re-send the cookies in the cookie jar with each subsequent request.
Note: If you have enabled the session rotation high security setting, it will immediately invalidate the JSESSIONID returned from the server with the first response header. The second response includes a new JSESSIONID.
In perl, you can automatically save and send cookies with the following code:
use HTTP::Cookies;

#we want to store and re-send cookies
my $cookies = HTTP::Cookies->new(ignore_discard => 1);

my $soap = SOAP::Lite
    -> proxy('http://localhost:8080/glide/ecc_queue.do?SOAP');

#Set the cookie jar
$soap->transport->cookie_jar($cookies);