Question
In our company we are considering to use ServiceStack for exposing domain specific services through REST/SOAP APIs and consume those services from multiple backends including websites. A very common SOA scenario. Our services require authentication as well as session support.
Do I have to persist both ss-id and ss-pid cookies in order to make authentication and sessions work consistently across multiple requests from the same client?
My preference would be to just pick and save one ... so, which one?
Solution
The RememberMe property when the user authenticates to your service will determine whether the Users Session is saved under the Temporary SessionId (ss-id) or Permanent SessionId (ss-pid), this preference is specified in the Users ss-opt=temp/perm Cookie.
By default if RememberMe=true isn't specified, ServiceStack defaults to storing the users session against the temporary ss-id cookie, in which case is the only one that needs to be sent.
https://stackoverflow.com/questions/23529711
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian