Can these json ajax requests use remember-me authentication? On my website, I use the spring security core plugin and my persistent logins work great — until I make my first ajax/json request. I then get a cookie theft error and the users needs to login manually. Do you have any examples on how to make persistent logins work with ajax request? Thank you. Jeff.
The issue with the API pattern as it is used in most modern MVC frameworks and tools is that it binds the communication logic and business logic making it so that IO data cannot be shared across a distributed architecture thus making api’s an architectural cross-cutting concern.
To resolve, the api pattern must abstract communication logic from business logic so that IO state can be cached and shared with other architectural components as needed (ie proxy, MQ, api gate, etc). See Grails API Toolkit for example (https://www.youtube.com/watch?v=mZOs7oz0JOI)