In this configuration example, we use HTTP header tokens between the REST client and Airlock Gateway to track sessions. This is usual for non-browser clients or, in general, for HTTP clients not supporting cookies.
For browser-based clients, see Using gateway-generated cookies for session tracking.
- How it works:
- The REST client receives a token in an HTTP header for session tracking from Airlock Gateway, e.g., the header named
X-Session-ID
. - The REST client must return the header's value in a request header, e.g., again a header named
X-Session-ID
with every request.
A mixed setup with REST and browser-based clients usually requires a split setup with two VirtualHost configurations on the Airlock Gateway – one with cookie-based tracking and one with header tracking configuration.