I can't help you with the preemptive authorization, but why can't you use cookies? Cookies, when used as user authentication/authorization, do not violate any REST principles. In this case, cookies don't hold resource- state. They hold application-state.
On May 6, 8:31 pm, Preston <preston.crawf...@gmail.com> wrote: > I have some questions about a REST client that I'm writing for > Android. I'm struggling with how to properly do preemptive > authorization. > > Basically I'm storing client credentials encoded on the client. I want > to pass them through whenever the user makes a request over HTTPS with > some caching on the server side. > > #1 - I got the idea to use credentials as opposed to cookies or > something of that nature from some REST developers. However, I wanted > to check on the sanity of storing those credentials on the client. > > #2 - Assuming that sounds kosher, then here comes the part where I'm > struggling. I'm struggling getting those credentials passed > preemptively once I have them. I've looked at examples using > HttpRequestInterceptor and they all show it pulling credentials out of > a CredentialsProvider. Do I have to set that up or is there another > way? > > Thanks, > > Preston > > -- > You received this message because you are subscribed to the Google > Groups "Android Developers" group. > To post to this group, send email to android-developers@googlegroups.com > To unsubscribe from this group, send email to > android-developers+unsubscr...@googlegroups.com > For more options, visit this group > athttp://groups.google.com/group/android-developers?hl=en -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
