Topic: How do I send _session_id other than cookies
I have a typical web application and use session data using session_store :active_record_store in many places. Now, i need to expose some of controller methods as JSON based web service(which I can do with format.json), can be used from my other sub-domains.
My login web-service returns a session id(not sure if this is right way, considering security aspect).
Can I use this session ID to pass with all my subsequent requests as request body rather than header, and let the system use cookie whenever it is requested from a browser?
Any better ways to achieve this, so that both works (browser based requests and just URL based AJAX requests)?
Thanks in advance for any help!