Sessions in Web Services

Hey All,

I was hoping I might be able to get a little bit of assistance. I’m working with a web app right now that passes me all of their information via an XML HTTP Request. I process the request using the file_get_contents & SimpleXML functions.

I grab the data I need from the XML and then send a response back to the SSO service. Once the service receives my response, it redirects to the actual app I’m working with.

I’m able to process the data and get what I need and I set it all with PHP sessions.

The problem I’m having, however, is I can’t seem to reach sessions after the response and redirection occurs.

I’ve got session_start() on both my authentication and landing pages. I’m at a real loss and this project has been mentally exhausting. I’m hoping someone here can see something I’ve over looked and help me move forward.

Authentication Page:

	// import the classes
	$authUser = new AuthUser();
	if (! $authUser->pc_validate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
		header('WWW-Authenticate: Basic realm="Restricted Area"');
		header('HTTP/1.0 401 Unauthorized');
		echo "You need to enter a valid username and password.";
	// If everything is good moving forward then start 
	// making REST requests and REST responses.
		$postdata = file_get_contents("php://input");
		$userXML = new SimpleXMLElement($postdata); 
		$restUtils = new RestUtils();
		$_SESSION['firstname'] = $userXML->SignOnUser[0]->GivenName[0];
		$ssoRequest = $userXML->SignOnRequest[0];
		// This creates the single sign on token:
		$ssoToken = $authUser->genRandomString();
		$_SESSION['ssoToken'] = $ssoToken;
		$body = '<SingleSignOn>

                // Make sure that the response is being sent properly
		$body = trim($body);		
		$File = "assets/testResponses.txt"; 
		$Handle = fopen($File, 'w');
		$Data = $body; 
		fwrite($Handle, $Data); 
		// Sends response
		$restUtils->sendResponse("200", $body, "text/xml");

Landing Page script:

	// Get url variables
	$var = $_SESSION['firstname'];
	echo "--> " . $var;

I’ve renamed some variables and names as I can’t reveal the client or anything like that… but this should be enough to give you guys an idea on the problems I am encountering.