Currently, we are using a legacy application where the Java HttpServletRequest.GetSession() function to get the session from the Client browser where the session is set from the Browser's parent tab.
Now we need to access the same session information [example, we have Token in the session] using our new application with decoupled Microservice architecture [ UI-React JS]. Whether we can able to access the session from Front End?
Appreciate your suggestion on this.
Thank you !
CodePudding user response:
The HTTP Session is a temporary store in the backend, where you store something based on previous requests. As soon as you store something there, the backend will return a Set-Cookie header to the browser with a JSESSIONID that the browser stores for the user. For the next calls, the browser will send the same JSESSIONID cookie, and the backend will use it as a key to retrieve the previously saved data for that user's browser.
If you're migrating to a React JS application, I think there's no need to store tokens in the backend, and use cookies with only JSESSIONID in. Instead, the frontend can store all the necessary data client-side.
I think there's multiple options:
- Keep it in React state (in the browser's memory)
- Keep it in a Cookie that you manage via the frontend
- Keep it in the browser's localStorage (less secure, I think)