Thanks gengstrand, Ill deal with your 3 options in turn:
1. official App Engine options
a) use google accounts as a unified signon: This is how we are
currently implementing, the problem is that if the potential customer/
user is not very technically savvy, and either doesnt have an email or
Ah, sorry Benjamin, my earlier reply to gengstrand was written before
id fully taken in what your blog was saying. I cant be sure that you
have indeed answered my question, as it will take me a little while to
filter through your blog and understand it all, but it certainly seems
to cover the
Hi,
I have a game with account. My method:
On the server side, I have a table with userId/username/password(md5)
and a table userId/loginString
When the user initiate a login, he get his loginString (which is a
random string).
Then when the client communicate with the server, the loginString is
First, take a look at this article and see if it covers your needs.
This is the official position on GAE and authentication.
http://code.google.com/appengine/articles/auth.html
If that's not going to cut it for you, then take a look at
http://www.mindrot.org/projects/jBCrypt/
If you were using
John,
I put a lot of time putting together this blog posting to consolidate
the process of authenticating a client to app engine - the sample i
posted definitely works - it's tailored for Android clients but i hope
it helps you - all about getting the auth token.
really no responses on this one?
On Feb 11, 11:19 pm, John V Denley johnvden...@googlemail.com wrote:
There are plenty of (fairly indepth technical) conversations on here
about the use of passwords and how to send the data/password to the
server.
It very much seems a consensus that unless
There are plenty of (fairly indepth technical) conversations on here
about the use of passwords and how to send the data/password to the
server.
It very much seems a consensus that unless you are using HTTPS/SSL
then its totally pointless doing anything on the client.
Given that Google App