I want to manage Sessions with client apps of my Restful WCF Service. Client app can be a J2me application or a .NET application.
What is the recommended way of maintaining sessions in RESTFUL WCF service?
Idea is to recognize that the request is coming from an already authenticated client.
This question may be useful to you: Best Practices for securing a REST API / web service
I think they restful thing to do here is to send the user credentials on each request if you can do that in a way that is transparent to the user and doesn't compromise the credentials. If you can't do that, cookies for the sole purpose of maintaining client identity have become a common concession among developers of restful services. Just don't go storing anything else with the cookie.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With