Android programming: Authentication and data exchange with Java EE

Question

I am having a Java application running in a Tomcat server using Spring, Hibernate, etc. and a two web interfaces, one implemented in Tapestry 5 and the other one using Flex with BlazeDS and Spring-BlazeDS.

In my first android application I would now like to log in to the server and retrieve some data.

I´m wondering how I could achieve this in a secure way. First of all I need to know which technology is the best to retrieve data from the server and how can I restrict the access to users only that have been successfully authenticated.

With what I read until now I would try to implement a HTTPServlet on the server and make server calls via HTTP Client. In the servlet I could probably use the HTTPSession to check if the request comes from an authenticated user. And the data I would try to send serialized (JSON). Unfortunately, I´ve never done those things and maybe I´m on the wrong way and there are more comfortable solutions.

Answer 1

Oh yes there are many ways to communicate with server from android. Method one is you are mentioning, that every request will have Servlet or Controller that will intercept request and will send appropriate response. Every time you have to add any new requirement you will make a controller or servlet and add entry in mapping file etc.

Second method is use Service oriented architecture that you will expose services and android will consume those services this method is easy and takes less time to implement things.

Another way is you can use sockets. like UDP or something like that.