I am about to start developing an application for the iPhone that should log in securely and transfer information between the application and the web server. Before, I did not do much development in this area, so I did some research and would be very grateful for any contribution to how to deal with this in the best / easiest way.
Currently, people developing a web server do not know / have a request processing system from the application that I will develop, so they most likely will need to create something new.
Authentication: As far as I understand, using HTTP authentication is generally unsafe, and the best approach is to use HTTPS? What is the difference in iphone application when using HTTPS or HTTP? I believe the server and client need a certificate and what does the apple think about using SSL?
Regardless? from what I choose, how does it work ?: 1. Create an NSURLConnection with the server, listen to the didReceiveAuthenticationChallenge callback and answer with user / password 2. use the connection created to send any other information?
Communication with the web server: The application requires sending about 20 different requests to the server and should act on the responses. Would SOAP or any other web service be a good way to handle this? I believe that SOAP is pretty much XML-bound through HTTP, so in an application it should be as simple as creating an NSMutableURLRequest and then parse the response using XMLParser?
Or is there another much better solution?
thanks
source share