Server-to-Server Handler
Modern applications can have underlying REST requests to some other servers. We could develop a Kerberos-like ticket system to provide to application a ticket available to query other servers (ticket will be available a few seconds):
- in manager, just set an header containing {{llngTicket()}};
- application must set this ticket in an header (may be simply a cookie? a GET parameter?);
- handler will use the ticket instead of normal cookie to retrieve session and verify that {{$ticketTime + $class->tsv->ticketTimeout > time()}}. Then normal process;
- ticket can simply be {{cryptWithLlngKey ( random() . '/' . $sessionId . '/' . time() )}}