what must be done on the server-side to ensure correct authorization checks are being performed?

Once an Android client has authenticated to a web service, what must be done on the server-side
to ensure correct authorization checks are being performed?

Once an Android client has authenticated to a web service, what must be done on the server-side
to ensure correct authorization checks are being performed?

A.
For each request that is considered more sensitive than previous ones, force the client to reauthenticate so that the user’s identity can be confirmed.

B.
For each request, check the session token to verify the client has been authorized for that
device and session.

C.
For each request, ensure that the client is authenticated and that the specific Android device
identified in the request is the same as for the last request.

D.
For each request, ensure that the client is authenticated and that the specific client is
authorized to perform the specific action on the specific data.

Explanation:



Leave a Reply 0

Your email address will not be published. Required fields are marked *