[SOLVED] Lost SESSIONID on SOAP Interface

[CAJAX]

Hello!
We had ZCS5 installation and php webpage worked trough SOAP interface with zimbraAdmin class (ftp://ftp.rongage.org/pub/zimbraAdmin/).
Now, after moving to ZCS6 i decided to extended functionlity and noticed that code doesn't work. Works nothing but Auth request.
Digging trough code i found that there is no SESSIONID in auth response.

PHP Code:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Header>
<context xmlns="urn:zimbra">
<change token="11189"/>
</context>
</soap:Header>
<soap:Body>
<AuthResponse xmlns="urn:zimbraAdmin">
<authToken>0_*REMOVEDBYME*</authToken><lifetime>43200000</lifetime>
<a n="zimbraIsDomainAdminAccount">false</a>
</AuthResponse>
</soap:Body>
</soap:Envelope> 


So, as you can see there is only authtoken and lifetime.
As i understand all requests rely on sessionid and not working without it.

So where to digg and what to do to make it work ?

[CAJAX]

Does any body knows how to solve it or it is just bug on my server?

[ArcaneMagus]

Please see this thread: Authentication Response does not contain SessionId. Why?

Also in the future try posting in the appropriate sub-forum as not many admins would be able to answer your question, whereas somebody who develops with Zimbra would know the answer.

[CAJAX]

Oops. didn't noticed before.
Thank You!

[techcrammer]

After reading this post I added to the "<session/>" tag to the set_zimbra_header function. This is the way I made the mod in the else clause... (notice to take out the "/" or it will close your <context> tag before getting the <session/>.

//$this->soapheader .= '/>
$this->soapheader .= '>
<session/>
</context>';
$this->soapheader .= '

I then saw the SessionID in the raw data, though was not getting set in the PHP variables. I finally found that you also have to change the zimbra_login function to look for SESSION and not SessionID

$this->zimbra_session = $x['SESSION']['DATA'];
//$this->zimbra_session = $x['SESSIONID']['DATA'];

Probably very simple to most, though it got me for a couple hours so I thought I would share in case it saves anyone else some time.

[CAJAX]

Yes, it helped!

Here i found subject on bug tracker: Bug 19400

Quote:

Currently the server will automatically generate a new session & notification
buffer anytime it gets a SOAP request that doesn't have a valid session ID in it
(unless that request has <nonotify> or <nosession>).

This is causing us trouble -- there are a ton of internal and 3rd party
integration apps that make a few soap calls, and basically none of them care
about having a session of having notifications.

Lets change the server (and all affected clients) to require an explicit-request
to create a session. The client impact should actually be pretty small, since
only those clients that really do need notifications (Web Client, ZClient...and
maybe one or two others) will need to be updated.

Quote:

SOAP requests no longer spawn a session by default. The client must
explicitly include a <session> (*not* <sessionId>) element in the
request to cause notification to occur. If the client already has
an active session, they include <session id="...."/>; if they have
no session but want to start one, they just include <session/>.

This change should make the server, AJAX client, and HTML client
work. The toasters and anything else that relies on sessions to
operate require updating.

Does moderators can move my topic to appropriate forum, please?