I'm trying to implement OAuth for a Twitter app with Servlets/JSPs but I have a question.
Since I have to redirect the user to the Twitter authorization site and pull request parameters from the callback, how do I exactly keep all this in one session? My assumption is that when I redirect/forward the user to the new site that's gonna break the session. or at the very least when Twitter returns request parameters to the callback site that won't be in the same session as originally started with my client/user.
Welp!