HI
I am planning to use the Velocity WebClient service to provide JSON data to a number of mobile clients (around 8000). They will periodically login to the service to get updates on work and to post hours. On this basis this is mainly a mobile app and I was considering how best to handle the client security as sessions and login in each time would be a difficult/annoying. The issues:
1) login in each time you access a site is hard/annoying/fiddly
2) IF the login details are stored on the device much the same as you would a native app they could be passed with each request
3) The server would have an https socket so the passing of U/P would be OK AND they are know to the user anyway
4) Servoy/velocity are both more than capable in performance terms to take this extra query
5) IF the device is lost a) there is no really critical data in the app and b) that is a user management issue perhaps sensibly protected using a pin
6) The site owner will be able to kill user logins in an emergency and that would block the device immediately
Look forward to your options and any thing I may have overlooked
regards
Gordon