I have developed many stateless RESTful webservices for a mobile application in Java and they are working very well.
*For example:* - h t t p://.../api/coupon - h t t p://.../api/coupon/{id} - ... Now, I have to extend these services because I have to send different data back to the mobile for every user. So I need to know on the server side which user try to get or set information. And I have to prevent the serve of unauthorized users. *There are two different way how user can login into the mobile application: * 1. log in with facebook account 2. log in with an application account I need to develop two login and a logout services because the users who use the mobile application have to login into the application. I read lots of article about auth and RESTful and OAuth. I think I have to develop two login services with two imput parameters: username and password. *For example:* - localLogin(String username, String password) -> token - facebookLogin(String username, String password) -> token These logon services have to generate a same token and send it back to the mobile application in the http header. And after the login process the mobile client has a token. And the client has to send this token to the server when it makes a RESTful server call. What do you think? Is my idea good? If it is, could you help me how can I start to develop this in Java? If it is not, could you tell me the good way? Thank you. -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.