0

I have a simple service which produces some string value: 

class MyService {

   String foo() {
      return UUID.randomUUID();
   }

}

This value is then put to an activeMQ queue "integration.uuids" by some Camel route. I want this value to be attached to the http session of the currently logged in user.

What are the possible ways to achieve this?
In my web application there is another Camel route - subscriber of "integration.uuids". However, since both the service itself and the subscriber are completely stateless (unaware of which user actually invoked MyServices) I am a bit confused about this scenario.

So far I thought of the following changes to the architecture:

1) introducing one queue per user (problematic for application with thousands users). I think this approach ruins the stateless nature of the MyService, since it will have to know exactly which destination queue to place the value to.

2) Changing the message itself from a plain string with UUID to something like {"caller":"bob", "uuid":"uuid-uuid-uuid-uuid"} However, callers will have to supply their usernames every time they want to invoke the MyService.

Any ideas would be appreciated.

Alexey Buistov
  • 209
  • 2
  • 4
  • 11
  • I would go with 2. It is essential that every service call is authenticated. You can use caching techniques to help with performance however having each call authenticated makes it much harder for some attacker to break the system. – Namphibian Jul 19 '15 at 23:38
  • Google about API key. Recently I saw several implementations sending it as HTTP header – Sergey Jul 20 '15 at 07:31

0 Answers0