0

I have a few basic questions on session management in GWTP.

Client: GWTP. Server: RESTful web services using Guice and Jersey.

Application session management is straightforward when I have the backend service with an RPC mechanism. But with the GWT client running on Android and the server-side logic exposed as RESTful web services using Jersey, how do we maintain a session, given that RESTful web services are stateless? How do we achieve a user session in this case?

Santosh

2 Answers

0

Regarding session management, there is no difference whether you use GWT's RPC, RequestFactory or RequestBuilder.

Communication on the web is basically stateless regardless of the communication protocol you are using.
Traditionally, session management is done via server-side sessions.
However, RESTful services are not supposed to rely on server-side sessions, as that violates RESTful principles. So basically there are two ways to do it:

  1. If you don't care much about violating the RESTful principles, you can deploy server-side sessions (see here for more details).
  2. Use OAuth (https://wikis.oracle.com/display/Jersey/OAuth).
  3. Somehow pass the credentials/securityToken with every request to your backend. You can probably do that by using GWTP's ClientActionHandlers.
Ümit
0

After going through a lot of comments from different people, here is what I have thought of doing.

My application can be accessed from a browser-based app and from mobile devices as well. The application was first written with HTTP session management on the server for the browser-based app. Now, while adding the mobile client, we have implemented REST web services, with the same service layer for the mobile device and the browser client as well.

When a user logs in with a mobile device, we create a unique auth token and store the HTTP session in a key/value map in the app, with this token ID as the key. Later on we expect every user request from the mobile device to return this token, and using this token we get the session from the map and continue.

Does anybody have any opinion on this approach?

Santosh
  • @Ümit: I went through your points and read about OAuth also, but after exploring other possibilities, I came up with the above solution. – Santosh Jul 02 '12 at 06:20
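
The token-to-session map described in the second answer, as an added Java example that is not code from either poster or from GWTP or Jersey. `TokenSessionRegistry` and its methods are hypothetical names, and the example assumes the token is sent over HTTPS in a request header and that a Jersey request filter (not shown) calls `resolve`.

```java
import java.security.SecureRandom;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical helper (not GWTP or Jersey API): opaque token -> server-side session state.
public class TokenSessionRegistry {
    static final class Session {
        final String userId;
        volatile Instant lastSeen;
        Session(String userId, Instant now) { this.userId = userId; this.lastSeen = now; }
    }
    private final SecureRandom rng = new SecureRandom();
    private final ConcurrentHashMap<String, Session> sessions = new ConcurrentHashMap<>();
    private final Duration idleTimeout;
    TokenSessionRegistry(Duration idleTimeout) { this.idleTimeout = idleTimeout; }

    // After a successful login: 256 bits from a CSPRNG, so tokens cannot be guessed.
    String issue(String userId, Instant now) {
        byte[] raw = new byte[32];
        rng.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        sessions.put(token, new Session(userId, now));
        return token;
    }

    // On every REST request: unknown or idle-expired tokens yield empty (answer 401).
    Optional<Session> resolve(String token, Instant now) {
        Session s = (token == null) ? null : sessions.get(token);
        if (s == null) return Optional.empty();
        if (Duration.between(s.lastSeen, now).compareTo(idleTimeout) > 0) {
            sessions.remove(token); // expired; a periodic sweep (not shown) should evict abandoned entries
            return Optional.empty();
        }
        s.lastSeen = now;
        return Optional.of(s);
    }
    void revoke(String token) { if (token != null) sessions.remove(token); } // logout

    public static void main(String[] args) {
        TokenSessionRegistry reg = new TokenSessionRegistry(Duration.ofMinutes(30));
        Instant t0 = Instant.now();
        String token = reg.issue("alice", t0); // constructed sample user
        System.out.println("fresh:   " + reg.resolve(token, t0.plusSeconds(60)).isPresent());
        System.out.println("idle 2h: " + reg.resolve(token, t0.plusSeconds(7200)).isPresent());
        System.out.println("forged:  " + reg.resolve("not-a-real-token", t0).isPresent());
    }
}
```

The idle timeout and logout revocation matter here because the map, unlike a container-managed HTTP session, has no built-in expiry: without them every issued token stays valid and in memory indefinitely.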