I have written some web services in dropwizard and secured the resources using dropwizard-shiro bundle. I have annotated the JAX-RS resources with @RequiresAuthentication. These services run on port 8585. I have another php web application running on port 80, consuming those services. The web application has a login form which consumes my login service. The login is successful and creates a new session in port 8585. But when the next request comes to my services, it is coming with another session ID. I have swagger UI running on port 8585 and it is working fine. What mistake am I doing? Should I have to configure anything with ports?
The problem is with my php application. After the login service is called, it returns a session cookie that is used to identify the user. I have to send that session cookie with each request to access secured resources. I am sending them in the header of the php curl.