This post originated from an RSS feed registered with Java Buzz by Fred Grott. Original Post: App Database Feed Title: ShareMe Technologies LLC-The Mobile Future Feed URL: http://www.jroller.com/shareme/feed/entries/rss Feed Description: A Weblog about Java programming and digital convergence on mobile devices in such areas as P2P and collaborative technology. Latest Java Buzz Posts Latest Java Buzz Posts by Fred Grott Latest Posts From ShareMe Technologies LLC-The Mobile Future

In WebView hacking you run into these type of choices that tend to eliminate extra work. An example is whether to do OAUTH as native or as web code. If I do it as native than I eliminate the need of completing a javascript ORM due to the database storage only consisting of the provider authentication keys, the app password, and etc which can be all in the native side as it needs no ORM.

Hmm, I guess I need to set up an App-Settings Intent which would have the  user set an application password and take care of doing the OAUTH logins and getting the authorization keys.  Security wise the OAUTH stuff, the user app password set up and etc should not be in the same class as my WebView set up as the class that has the WebView set up exposes methods to javascript and we want the OAUTH not exposed to javascript as a security measure.