The background uses Spring MVC framework to do web service. How to realize rights management and session control when the foreground uses jQuery?

  java, question

Is it to directly encapsulate session access into an interface (do in the serverlet concept? ), the foreground accesses the interface of this session first for every page access or ajax request?

Is this the front end of the legendary backstage?

I have only used php and have not touched java web development. I am a little confused. I feel that this idea may be completely incorrect. please give me some advice!

Save with cookie, most session implementations save sessionID in cookie.
Every time a request is processed by adding a filter, the sessionID will be released if it is valid, and 404 will be returned if it expires or there is no sessionID.