Zied Orabi
Lurker
Hello everyone,
I'm developing an Android app for my website. It relies heavily on Get requests and Put requests (of course, it includes authentification). I read that android applications don't support sessions as browsers do.
Right now, the servlet I made can deliver content to my application and I use shared preferences to ensure if the user is logged in or not.
But from the server point of view, anyone can access those data if they specify the right parameter (e,g Postman) since HttpSession session = request.getSession(false) ; doesn't work.
If you have any idea how to solve this problem so I can secure my data, please feel free to share it with me!
Thank you
I'm developing an Android app for my website. It relies heavily on Get requests and Put requests (of course, it includes authentification). I read that android applications don't support sessions as browsers do.
Right now, the servlet I made can deliver content to my application and I use shared preferences to ensure if the user is logged in or not.
But from the server point of view, anyone can access those data if they specify the right parameter (e,g Postman) since HttpSession session = request.getSession(false) ; doesn't work.
If you have any idea how to solve this problem so I can secure my data, please feel free to share it with me!
Thank you