I set up Contacts and Synchronization in the application I am developing. Authentication works in directly to the web site using DefaultHttpClient. That means I need to store cookies and every time user does something send it to server using that cookie. What is the better way to store the cookies? It seems CookieSyncManager only works with WebView. Or can I use it with DefaultHttpClient?
In the webview, there is a setting. I think this may help you:
WebSettings.setSavePassword(boolean save);
Related
I want to make an android app which will login to my web application using rest API. In browsers we have a concept of cookie which servers use to identify/maintain session with the users.
In Android how would we accomplish it ? I heard that there is a concept of token which is sent by server in response(first time when credentials are validated) and Android app have to send it to server every time it tries to access a resource(protected). So, what is the better way of doing it ?
Do we need to validate the token again and again when the client requests for a resource ?
Honestly, I can't think of a better way of doing this. Token based authentication seems to be pretty standard when dealing with RESTful APIs. Is there any reason you can't do that?
If you don't want to change the server code, then this could be simulated by adding a cookie header to every request you send. But this is basically the same thing that you mentioned above, just not as clean.
And the browser is already sending a token to be validated again and again. Every request has a cookie header that gets validated through your web application on every request, so this isn't a big deal at all.
And, you don't need anything Android specific to accomplish this. In whatever http library you're using I'm sure there is a method you can called or something you can override in order to set custom headers. Use that to set either your cookie header or token header on every request that you need to make.
I need to make a webview application that POST a username and password and then display the webpage logged-in. I must use cookies but i chouldn't find how to do it, tried the traditional ways but nothing.
Has anyone had any experience with xWalkView and how to get/put cookies ?
(I am using xWalkView since the traditional webview on android 4.2.2 can't load HTML5 webpages)
I had the same problem but I did not find the exact answer. Instead, I found a kind of a work around.
As I am using a servlet container, I append a ";jsessionid=" to every request I make to the server.
The other thing than can actually work for you regardless of what backend you use is to make a request to your web server so that it returns a response with a cookie.
For example if you want to add a name=test you could make some xhr request to some url and the response must have the cookie name=test in it. This technique also work for me for session tracking in my java app.
Good luck
How can I use cookies to authenticate a user in PhoneGap for Android?
The server will send a cookie containing a session ID. As part of each future AJAX request to the server that cookie must get sent to authenticate the user. I don't have access to the server, so I can't change how it works.
So, I have to use cookies. I can't use local storage or anything like that, unless it behaves exactly like a browser would if a server were to send a "Set-Cookie" header.
How do I do this?
Using local cookies with Cordova isn't possible, unless you can store them server-side. In your case, you can make use of local-storage, for easy values/flags/strings, or if you want a relational database, use WebSQL.
Local Storage:
http://docs.phonegap.com/en/4.0.0/cordova_storage_storage.md.html
WebSQL: http://dev.w3.org/html5/webdatabase/
I would recommend WebSQL above others like IndexdDb because it is most wideley supported for mobile devices. See following link: http://caniuse.com/#feat=sql-storage
(I'm asking this partly for learning purposes, I realize what I'm trying to do might be entirely wrong!)
I have a php file on my website that handles log in and sets a cookie for the user if log in is successful. if setcookie() fails, I error out instead of displaying the rest of the page.
When I try to access this page using my android app (which uses HttpURLConnection with POST), the setcookie() fails. I'm guessing this is because the client isn't a browser and can't handle cookies.
so first of all, is there away for my app to be able to receive cookies from the server and store them? if not, how do you handle maintaining a login session with the user so you dont have to send a username and password, every time you want to access data from the server?
THanks
A couple of notes before the workaround:
The function is called setcookie() not set_cookie()
Android browsers do support cookies afaik, so you probably should look into this further. Perhaps the format of your setcookie call is not valid?
If you can't use cookies, then the workaround is to simulate your own session mechanism by passing your cookie value as a url parameter on every request.
I'm a bit confused about when and why to use CookieSyncManager. According to the docs, it can be used to manually force syncing the cookies stored in RAM to permanent storage. Can anyone describe a scenario in which this needs to be done?
In my application, I'm using CookieManager to extract cookies out of a WebView I show, after the user successfully logged in a webapp, using the WebView. Should I force a sync before trying to extract these cookies? So far, I was able to get the cookies without syncing, but reading about CookieSyncManager I'm starting to think that I'm doing something wrong.