Use cookies to save it. Most session implementations save the session ID in cookies.
For each request, add a filter and process it. If the session ID is valid, it will be released. If it expires or there is no session ID, 404 will be returned
I suggest you try Apache Shiro, this thing is very flexible.
You can customize the verification method, authorization method, permission granularity, and authorization method according to your own needs. You can perform session management without the container, and it is very friendly to Spring.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Use cookies to save it. Most session implementations save the session ID in cookies.
For each request, add a filter and process it. If the session ID is valid, it will be released. If it expires or there is no session ID, 404 will be returned
Bring a sessionID every time you send a request?
servlet filter
I suggest you try Apache Shiro, this thing is very flexible.
You can customize the verification method, authorization method, permission granularity, and authorization method according to your own needs. You can perform session management without the container, and it is very friendly to Spring.
Regardless of language, permission management can be achieved by selecting proxy mode.