0

I am creating Android Application for a school where teachers should be login to the android application and perform some activity on daily basis.

We have a complete existing web based solution for the same and now want to implement same in Android.

The application is developed in Asp.net and C#

To authenticate a user on android login, I have created a login API which takes username and password in the query string and in return the API return Json Data From That User.

example : www.yourdomain.com/authenticateuser.aspx?username=xxxx&pas=YYYYY

But I doubt whether its safe to send the data via query string. Can anybody suggest a better possible way where it is not mandatory to send the data in Query String.

Improve this question
4
  • 1
    No, it's never safe to send password in that way. A man-in-the middle approach (en.wikipedia.org/wiki/Man-in-the-middle_attack) can get all access info. Is it possible the use of https? An interesting link: stackoverflow.com/questions/6443401/performing-login-to-https-website-via-android-app Commented Dec 23, 2013 at 13:23
  • 1
    If you want to do that, use HTTPS and send it in the content. When the password is a password in the DB, you should send the hash of the password, not plain text!! Commented Dec 23, 2013 at 13:28
  • How To Create API, which will accept the parameters like the example in your link?? @Seraphim Commented Dec 23, 2013 at 13:33
  • its not only password i have to send, there are other sensitive data which i need to send, Can We use GET Or SET for the same??? Commented Dec 23, 2013 at 13:36

2 Answers 2

Reset to default
2

You can use Soap based web-service. I created a demo to consume Soap Web-service without KSoap Library.

Ref Link: SoapWithoutKSoap

You can use KSoap Library to create complex Soap Data Request.

I hope this can help you.

C# Web-Service: Demo and Demo1

UPDATE

Web Service Link will be something like this : http://123.456.789.012/Abhan/Abhan.asmx?op=JustTest (This is not working as I modified the IP Address)

In Browser, method name and passing parameter(s) information will be like something as attached image.

ASP.Net Service

Thanks.

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

i want to create the C# API first, as i dont know how to do that!! please help
@RobertRay Answer updated. Please have a look. Thanks
@Abhan Interesting! But why don't you like ksoap?
@Seraphim Project web service does not have any complex data to send in request and moreover I wanted to try something new. As I did not test performance regarding without KSoap but working smoothly in project.
i created webservice but not able to use that , if you want i can provide the web service address
|
0

I'm using C# web services to autenticate users, send report data and get app updates.

You can get some exmaples in the web (C#):

http://msdn.microsoft.com/en-us/library/8wbhsy70%28v=vs.90%29.aspx

and ksoap2 for Android:

http://code.google.com/p/ksoap2-android/

But I also bought a SSL certificate to use https...

Improve this answer

4 Comments

i created a Webservice but i am not able to use it in android
what kind of problem? Can you open the url (with a browser) and see the wsdl like yoursite.com/TheWebServiceName.asmx?WSDL ?
wait i will give you live Link @seraphim
i have created two API's First : moneyheaps.com/checkuser.aspx?id=1 It Returns The Json Result As You See, you can use id=2 as well for a test i am able to connect This With Android and Parse the Json As well But the Secure Data gets displayed in Querystring and thats not safe Second: moneyheaps.com/User.asmx i tested the web service locally and it displays the Correct Json but i am not able to Fetch Json From The Android , Please help @Seraphim

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.