Sharing Play Session with other Applications


(Decapo01) #1

This is my understanding of how sessions work. Please correct me if I’m wrong.

In play, the session is a client cookie that is signed and encrypted by the application and secret key. When a request comes in play uses the applications secret key to decrypt the session cookie and de-serialize it so you can get the data out of it for your application.

Is it possible to use the same decryption method with the same secret key (of course I would have to write this myself) in another language and web framework (specifically Haskell and Spock)?

So in this scenario a play framework application and Spock would be running side by side and sharing the same secret key. But signins would be handled by the play framework app.