问题
I'm currently working on an application that has web version (Play! Framework 2.2.x) and Android Client. Due to the fact that Play! is fully RESTful I want to communicate between Play! and Android with JSON requests and responses. Web version of the application is using Play Authenticate plugin which supports authentication and authorization. I would like to know how to enable login in Android Client that would use Play! app and how to secure the communication between Play! app and Android Client.
回答1:
After not getting a reply for my question I figured out the following solution. Each user has it's own name and password and a token. This token is being set during registration and gets updated every two days. I save username and token inside shared preferences in android application and authenticate each request from client with those two fields. Since it was a student project I thought it might be a good choice, but the production product should have better security.
来源:https://stackoverflow.com/questions/23328266/play-framework-2-rest-authentication-and-authorization-for-android-client