Android programming: Authentication and data exchange with Java EE

I am having a Java application running in a Tomcat server using Spring, Hibernate, etc. and a two web interfaces, one implemented in Tapestry 5 and the other one using Flex with BlazeDS and Spring-BlazeDS.

In my first android application I would now like to log in to the server and retrieve some data.

I´m wondering how I could achieve this in a secure way. First of all I need to know which technology is the best to retrieve data from the server and how can I restrict the access to users only that have been successfully authenticated.

With what I read until now I would try to imp开发者_如何学JAVAlement a HTTPServlet on the server and make server calls via HTTP Client. In the servlet I could probably use the HTTPSession to check if the request comes from an authenticated user. And the data I would try to send serialized (JSON). Unfortunately, I´ve never done those things and maybe I´m on the wrong way and there are more comfortable solutions.

Oh yes there are many ways to communicate with server from android. Method one is you are mentioning, that every request will have Servlet or Controller that will intercept request and will send appropriate response. Every time you have to add any new requirement you will make a controller or servlet and add entry in mapping file etc.

Second method is use Service oriented architecture that you will expose services and android will consume those services this method is easy and takes less time to implement things.

Another way is you can use sockets. like UDP or something like that.

http://james-bennet.com/?p=167

How to make rest-ful queries to a web service. The example in my link works with a yahoo news API by formulating the correct get requests, and retrieving and parsing some JSON for use in the app. Includes code.