I am really new to Spring and J2EE. The current setup is:
* A REST API server which exposes data as REST APIs and also provides a user session mechanism via JSESSIONID cookie after successful authentication.
* A transaction/relay server(Spring MVC with Tomcat as container) which will consume the API's exposed by the API server(using RestTemplate), may or may not do some data manipulation(using Jackson) and finally expose the data as REST APIs to be consumed by the Client App.
* A client App(AngularJs) which will consume the REST API's exposed by the transaction server.
My question is how do I maintain the user session using the JSESSIONID cookie provided by the API server in this kind of a setup wherein I have a middle layer(transaction server). I have some idea but I am not sure if that would be the right approach. I was thinking of intercepting every incoming request from the client to the transaction layer, extract the JSESIONID and store somewhere in a global context(sorry for using vague terminologies, I am really new to this) before reaching to the @Restcontrollers and then after passing through the controllers and services before calling the actual API server via RestTemplate, adding the JSESSIONID cookie to the header of the every outgoing request.
I need to do this for every request and that too in the "Spring way".
A detailed step by step answer my help a lot as I am really new to all of this.
I hope i made my question clear. Thanks in advance!
As per REST standard each request is independent with others request. There should be no relation between them. So each rest service is individual one.
As far as session is maintained in case of GUI application, i think you can maintain the same in HttpServletRequest session attribute where you can save once logged in and whenever required you can fetch it from them
and pass to the REST services.