I am obliged to use Middleware Server (Kony Server) for communication of Kony Application (Mobile App) with Application Server (RESTful Service).
The authentication on the service is session based, auth key is returned in headers from "POST /login" (in cookies actually: "Set-Cookie: session=thesupersecretkey"). Then each service method requires the session key to be present in headers to allow data retrieval, otherwise it returns 401. This is how the service works and I just can't change it.
I can add "session" header as a parameter in service designer (e.g., method "GET /data"), put a correct value there (which I got from elsewhere, for exapmle Fiddler) and execute the request, I can tell the middleware, in service designer, to get a value from session scope (middleware session), but I cannot put the value to the session, when "POST /login" executed.
Actually, there is no way to get and process response headers on the middleware. I can retrieve headers in the response handling piece of code, but I cannot save that value in middleware session, so it won't help.
I can get the cookie programmatically, save it in the mobile device memory and pass it each time I make a request to the service. But I want to know if there is any other workaround of this limitation?
Thank you for any help!
Ok, it looks like Kony One Platform is not very popular :) I ended up with service session management on device side, like I mentioned in possible solution section. Kudos, everybody!