0

I am using a gwt based application and I want to introduce web service [Apache CXF ] to provide access business layer to other application which is build up in other technology like php, iphone and android.

As per client requirement, 

->create gui pages in php
->create login module (with oauth concept) in php 
->Use php webservice for login process 
->Use java webservice to access business layer

Now my question is to access particular business layer for security reason we have to maintain user session some how. right?

so as I mention requirement how can I manage session in my Java EE app server. should I have to create a session for per user request?

How could I maintain session for user if my login module on Apache server?

Note: Please note that my login is using a php app which has some oauth feature and that will redirect to Java EE app.

Arjan Tijms
  • 37,782
  • 12
  • 108
  • 140
bNd
  • 7,512
  • 7
  • 39
  • 72

1 Answers1

0

Passing JSESSIONID between instances of application server will do you nothing. Unless sessions are clustered, each application has it's own session container and cannot be shared, (unless you write a custom valve that will search for all sessions in application server). Plus WS does not have a notion of http session, you would have to implement your own mechanism. Plese elaborate what are you trying to achieve? And then we will be able to help you more.

damiankolasa
  • 1,508
  • 9
  • 8