Session validation in Single Page Application with SP 3.0.2

[Peter Schober]

* Ron Harris <neo204011 at gmail.com> [2018-11-15 15:47]:
> Thank you Peter, I will give it a try.

Mostly this was just an illustration that you can protect a resource
(the server-side API endpoint, in this case) with multiple methods in
Apache httpd, without forcing all API clients to use the same method.
I can't say what's appropriate for your deployment, maybe the JWT
method referenced in that earlier thread is preferrable.
Or something involving OAuth...
-peter