How to ensure access to my web service from my code only?

Question

I am writing a very simple web service for my iPhone app. Let\'s say this is a http page that returns a random number at http://mysite/getRand. How do I ensure that this pag

Answer 1

To follow up on Simon's idea, you could very easily have a key string in your application, then send the device ID, and then the DeviceID XOR'ed (or some other simple algorithm for string encryption) with your key string.

Since you know the key value to use, it's trivial for you to "decrypt" this string on the sever side and verify that the values match.

This way, the password is different for each user's device, and the "key" string is never sent over the wires of the great unwashed internets. :-)

Yes, this would by no means be impossible to figure out, but like others have said, the idea is not to make it impossible. The idea is to make it more trouble than it is worth.