安卓:跟踪用户的身份验证 [英] Android: Tracking user authentication
问题描述
我正在开发将由多个用户使用的Android应用程序(每个用户都会有自己的设备)。我试图执行某种会话跟踪,看看用户进行身份验证,并在此基础上进一步允许使用应用程序。我正在努力实现的是同一种跟踪我会话对象在网络上使用。有没有办法做到这一点Android系统?
I'm developing an android application that will be used by multiple users (each user will have his own device). I'm trying to implement some kind of session tracking to see if user is authenticated and based on it allow further use of application. What I'm trying to achieve is the same kind of tracking I use on the web with session object. Is there any way to do this on android system?
推荐答案
您可能不得不重新考虑你的概念。
You maybe have to re-think your concept.
为什么你会喜欢的用户身份验证,当1设备用于1个用户?
如果你必须有用户认证,你会在哪里保存凭证? Android提供了对数据存储的几个选项。
Why would you like user authentication, when 1 device is used by 1 user? If you MUST have user authentication, where would you store the credentials? Android offers several options for Data Storage.
-
如果您存储在手机上的凭据,你必须解决加密问题(例如使用自定义的共享preferences与实施加密 - 有一个实现的在这里,请记住这不是100%安全)。但是,还有更严重的问题 - 如果用户更改的设备,并重新安装应用程序,他预计他的所有数据进行保存。在这种情况下保存用户数据 - 凭证等在手机上是不是很好的选择。
if you store the credentials on the phone, you have to solve the encryption problem (for example use custom SharedPreferences with Encryption implemented - there's one implementation around here, keep in mind it's not 100% secure). But there's more serious problem - if the user changes the device, and installs again your application, he would expect all his data to be saved. In this case saving user-data - credentials etc. on the phone is not good choice.
如果您保存凭证在线某处(云等),你还必须提供一些安全保障。但你怎么会在这里处理的用户没有连接到云,并希望来验证你的应用程序的情况下?
if you store the credentials somewhere online (cloud, etc.) you still have to provide guarantee of some security. But how will you handle the case where the user has no connectivity to the cloud and wants to authenticate to your app?
也许你拿出肚里像一些混合解决方案:
用户>本地电话>与远程位置同步>与远程位置等同步本地电话。搞定来自这个的所有情况。
Maybe you have to come up with some hybrid solutions which goes like: user > local-phone > sync with remote location > sync local phone with remote location and so on. Handle all cases that come from this.
这篇关于安卓:跟踪用户的身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
