Sending multiple Web service queries (within the same HTTP session)

The architecture of the payment gateway is based on a set of servers with load balancing.

To ensure continuity of the process, each query associated with the same payment within a very short period of time should be made within the same HTTP session.

To do this, a session is created on the server side for each query. The session ID is returned in the HTTP header of the response. It must be returned within the following queries so that the query is processed by the same server and your request will not be rejected since the transaction would not yet be available on other servers.

Example of an application:

You would like to create a payment that should be captured in 30 days via manual validation mode.

Once the payment is accepted, you decide to change the capture date for the next day and validate the transaction.

To do this:

  • You must call the web service for creating a payment (createPayment).
  • The gateway checks if there is a session ID in the HTTP header of your query.

    As nothing has been specified, a new session and a new ID are created.

    The payment gateway will then process your query and send a response in the HTTP header indicating the assigned session id and the name of the server that processed the query:

Example of a query header:

POST /vads-ws/v5 HTTP/1.1 
Host: paiement.systempay.fr
Connection: Keep-Alive 
User-Agent: PHP-SOAP/5.4.14 
Content-Type: text/xml; charset=utf-8 
SOAPAction: "" 
Content-Length: 1922

Example of a response header:

HTTP/1.1 200 OK 
Date: Tue, 24 Feb 2015 11:37:06 GMT 
Server: Apache 
Set-Cookie: JSESSIONID=6qeoRHaVgOGr5avgh6lHnzEm.vadpayment01bdx; 
Path=/vads-ws; Secure 
Content-Length: 2711 
Vary: Accept-Encoding,User-Agent Keep-Alive: timeout=5, max=100 
Connection: Keep-Alive 
Content-Type: text/xml;charset=UTF-8
  • In the HTTP headers of the response, retrieve the JSESSIONID cookie.
  • Initialize the JSESSIONID cookie of your HTTP header.
  • Call the web service for updating and validating the payment.

Example of a query header for maintaining the session:
POST /vads-ws/v5 HTTP/1.1 
Host: paiement.systempay.fr
Connection: Keep-Alive 
User-Agent: PHP-SOAP/5.4.14 
Content-Type: text/xml; charset=utf-8 SOAPAction: "" 
Content-Length: 5793 
Cookie: JSESSIONID=6qeoRHaVgOGr5avgh6lHnzEm.vadpayment01bdx;

  • The gateway checks if there is a session ID in the HTTP header of your query.

The query is then sent to the server that generated the session.

If the session exists, it is reused, if not, a new session and a new id will be created.

The payment gateway proceeds to processing the query and returns its response.

Note:

The session ID will be returned inside the HTTP header of the response only if a new session has been created.

Therefore, it is recommended to systematically check that the cookie is present in the HTTP header of the response and to use the indicated session ID before making another call (e.g. getPaymentDetails).

Example of an HTTP response header maintaining the same session:
HTTP/1.1 200 OK 
Date: Thu, 26 Feb 2015 10:26:01 GMT 
Access-Control-Allow-Origin: * 
Content-Type: text/xml;charset=UTF-8 
Content-Length: 2858 
Vary: Accept-Encoding 
Connection: close

Note: no information about the session id.

Example of an HTTP response header using a new session:
HTTP/1.1 200 OK 
Date: Thu, 26 Feb 2015 10:31:39 GMT 
Set-Cookie: JSESSIONID=W10zI16iiiDiZqGV309xDtLV.vadpayment01bdx; Path=/vads-ws; Secure 
Access-Control-Allow-Origin: * 
Content-Type: text/xml;charset=UTF-8 
Content-Length: 2858 
Vary: Accept-Encoding 
Connection: close

Note: presence of Set-Cookie specifying the id of the new session.