4

Where should you manage a users session in a SOA? Should you manage it in the Web Service or in the client and why?

My application is SPA (Considering that this will be the stacked that will be used Apache CXF for Web Services AngularJS for making REST calls)

gnat
20.5k29 gold badges117 silver badges308 bronze badges
asked Dec 26, 2013 at 2:44

2 Answers 2

2

I think session should be managed of Client side as far as possible in SPAs.In SOA , Mostly service are viewed as stateless and puting state logic inside it will be deviation. Servies ae meant to perform the task without botherig about sessions. However maintaing session on client side increasese the complexity a lot.

answered Dec 27, 2013 at 12:50
3
  • Well. If service exposes some REST API, then it should be able to somehow distinguish users and perform authorization... Commented Sep 15, 2017 at 17:36
  • How can the app store the session data. By Database? Commented Aug 7, 2018 at 8:15
  • One way to maintaining session at client side could be browser storage(browser's local storage or session storage) which are urls based. Commented Aug 9, 2018 at 8:19
0

Session should be managed at client side, as services mainly for server side processing and not for maintaining user session. But if we are managing user session at client side we need take care of security pitfall at client side, as user data is prone to get changed.

answered Jun 1, 2014 at 17:35

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.