This is probably the easiest way: http://en.wikipedia.org/wiki/Shared_secret
A more complex solution would involve a public/private certificate pair, however, as soon as someone gets a hold of this certificate, they will be able to make calls against your server. I'm not enough of an expert on Android security to tell you whether this information can be extracted from an APK. -- Ikai Lan Developer Programs Engineer, Google App Engine Blogger: http://googleappengine.blogspot.com Reddit: http://www.reddit.com/r/appengine Twitter: http://twitter.com/app_engine On Tue, Feb 22, 2011 at 3:52 AM, Charly <[email protected]> wrote: > Hi friends > > I'm new and I'm not sure what is the correct way to secure my servlets > allowing calls only from my android app client. > > What do you recommend me? > > Thanks > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
