We have a few applications that will be passing a token object around and I wanted to get an idea about the best approach at doing this.
For starters, this token object is somewhat simple. It would have about 5 properties or so.
- Would we create a WCF app and reference it through a datacontract?
- What about serializing it and sending it through an http post? (each app have a referenced dll of the object)
- Querystring? (I truly don’t think this would be good, but put it up nonetheless)
- ?
Let me clarify this as well. I’m not concerned with persisting the data, but more of a best practice approach when just using and referencing this class
Anyways, just looking for ideas from you folks who are a lot smarter than me.
Thanks
Jonathan
It really does depend on what you want to do, but assuming you want to keep passing the object around, the only way to track it really is with a cookie or a session object.
ASP.Net uses encrypted tokens to track security in just that way – it takes certain values and pushes them to the client in an encrypted cookie value. It can then unencrypt and deserialize them on every request to keep track of them.
Alternatively, if you are using ASP.Net, you could always store an object in a session and use that. (You need to do it properly, but that’s the subject of another question.)
Of course, you could always push a long-lasting cookie to the browser and use it as a key to reference a serialized object in a database.
If you want to store such objects in a string to pass around between sites, you would probably want to do that with JSON. You would write the object out in the HTML of your page and use javascript to sent it to another server.