Chapter 11. Sessions and Security

It is generally advisable that web applications remain as stateless as possible in order to facilitate scalability. However, there are times when it is important for data to be persistent throughout the scope of an HTTP session. Particularly when you are building applications that have user-based authentication and authorization requirements, the need for session-scoped data becomes apparent. Sessions, session data storage, and cookies are all mature aspects of Ratpack’s infrastructure. Session support is provided as an optional framework dependency, while cookies can be used without additional libraries.

This chapter will give you demonstrations and context for building applications that rely on HTTP sessions and cookies. The knowledge you carry forward from here will prove valuable as you progress through the chapters that follow, particularly the conversation on how Ratpack applications implement security features. Your exposure to the concepts outlined in this chapter will serve as the necessary foundation for your comprehensive understanding of how Ratpack works.

Integrating Session Support

Adding support for HTTP sessions to your Ratpack application is no different than adding any other optional framework dependency to your project. The ratpack-session dependency provides the module necessary to make the session constructs available to your code base. The Gradle build script in Example 11-1 demonstrates adding ...
