CORS - Issues & Solution
- Cross-domain via servlet works ordinarily, but not with an XMLHttpRequest (what we use for Ajax).
  * In that case we need to handle a pre-flight request.
	This can be handled by a filter.
	  A servlet associated with a filter has in web.xml entries 
		that divert the request to the servlet to the filter which then, if successful, 
			chains the request to the original destination.
  * The pre-flight request, i.e. the request to allow CORS, is made with method OPTIONS


Sessions
- Hold individualized information at the browser level, 
	i.e the session is held in a browser an is accessible to a server,
  * Data is stored as name-value pairs.