> I want to prevent jail-breaking on the mobile device. Can't be done. The modding community are cracking device bootloaders for breakfast.
> I want to store > the username/password on the mobile device. Bad idea. You can store username safely, and use it as salt for a hashing function on a prompted password though. > I looked at Digest authentication but I am already using https. If you're already using SSL, just use Basic auth instead of Digest. It's trivial to add a servlet filter in front of Jersey to handle this. > Can you please suggest some ways to do this ? Android doesn't have a keyring AFAIK, though rumors says Android 3.0 will gain corporate-level security/encryption support. The good news is that unlike the Oracle JRE, Android provides unlimited encryption strength through Bouncy Castle so if you are willing to require a password, your on-device data can be made very safe (i.e. use a AES-256 cipher and a SHA512 hash). -- You received this message because you are subscribed to the Google Groups "The Java Posse" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
