ibm mobilefirst - How to maintain session in IBM worklight server side login module -

in ibm worklight demo app i've implemented login module. works fine, in way should maintain session ? want log-out user if log-out action performed not when app goes background. when app closed android device button or anyhow if app goes background session gets expire , again user has login. can achieve maintaining server side session?

when close application os destroys webview component destroying http context, jsessionid cookie. result next time open have new session , need reauthenticate.

if want implement "remember me" functionality there several solutions. 1 might following

1. keep in mind "remember me" reduces security level
2. see #1
3. create sort of server side token , store on client side (e.g. in localstorage, encryptedcache or jsonstore)
4. make sure token associated user identity on server side
5. send token server on application startup (e.g. global header, adapter procedure invocation param etc.)
6. detect token in login module , establish authenticated session.