I'm trying to consume a rest services from android app.
I want the username and password is entered only once. Then the system can work without having to reapply username and password.
I do not know what would be the right way to do this. Save the password on the phone seems a bit insecure, maybe it's just my paranoia. applications like facebook, store the password in the phone?
What I'm trying to do is generate a token, store the token on the phone, and send the token in the header in each request. I do not know if it is the right solution. I can not find how to do this without the token lose the session.
I have also read about OAuth2, but I have not got any example of a small application That Demonstrates the use, not that of Facebook, Google, Twitter.
I used a Spring Server to communicate with my Android app.