Long running sessions - AquaticInformatics/aquarius-sdk-net GitHub Wiki

The AQTS authentication model has sessions that expire when:

  • A DELETE /session request is received (which immediately expires the session)
  • Or when 60 minutes have elapsed after the last received request from the session

The recommended usage of the AquariusClient class is to wrap it in a using () statement, issue multiple requests within the using block, and allow the Dispose() method to automatically delete the session for you.

using(var client = AquariusClient.CreateConnectedClient("myserver", "myuser", "mypassword"))
{
    var parameters = client.Provisinging.Get(new GetParameters()).Results;
    var methods = client.Publish.Get(new MonitoringMethodListServiceRequest()).MonitoringMethods;
    
    Console.WriteLine($"There are {parameters.Count} parameters and {methods.Count} methods.");
}

// Now I'm disconnected from AQTS

This approach works fine 99% of the time, and is the preferred way to group multiple requests together, since all requests are made from the same session. Requests would only start to fail with 401 Unauthorized if more than one hour elapsed between individual HTTP requests, which given the above code structure, is not likely.

Long-running sessions

Sometimes your code that needs to send REST requests may be very decoupled from the code that creates the IAquariusClient connection. Your code may not know when the last request was issued by the client, so the session may have already timed out. Integration code that is run as part of a Windows Service often ends up being structured like this.

A "long-running session" in this context is a single IAquariusClient object which has the potential to wait more than an hour in between requests to AQTS. When that hour since the last AQTS request has elapsed, the session token is invalid and the next request made to AQTS will respond with 401 Unauthorized.

The SDK provides two different approaches to help your integrations cope with long-running sessions.

SDK Version 18.6.3 and newer - Do nothing special at all

This is the simplest approach, since your integration needs no special logic at all.

SDK 18.6.3 added automatic reauthentication if any request responds with 401 Unauthorized. The SDK will reauthenticate with the AQTS server, receive a new session token, and resend the original request with the new authentication token. It will only make one re-authentication attempt. If the secondary request fails (with any 4xx or 5xx status code), a WebServiceException will be thrown.

SDK Version 18.6.2 and earlier - Wrap request code in using (client.SessionKeepAlive()){} blocks

The IAquariusClient.SessionKeepAlive() method can be used to solve the the problem of "I don't know whether the session has timed-out already".

private IAquariusClient _client; // Created elsewhere, at some unknown time

public List<Parameter> GetAllParameters()
{
    using(_client.SessionKeepAlive())
    {
        return _client.Provisioning.Get(new GetParameters()).Results;
    }
}

Simply wrap your code inside a using(client.SessionKeepAlive()) statement, and your session will be guaranteed to be valid before any requests are made. The SessionKeepAlive() method will know when the last request was issued, and if too much time has elapsed, it simply re-authenticates using the cached credentials already provided to the CreateConnectedClient() method.

Still have questions? Feel free to raise an issue or contact our Support Team

⚠️ **GitHub.com Fallback** ⚠️