Read original post at Mike Taulty's Blog
I’ve been working with an application builder who’s looking to move an existing application that exists on a “Non Microsoft Platform” over to Windows 8.
Like a lot of applications, the data displayed comes from a set of services that are accessed over HTTP and, again, like many applications those services require authentication. Once authenticated, the data that flows is deemed to be somewhat sensitive and so is encrypted (i.e. sent over SSL).
Authentication involves swapping some credentials for some kind of access token and that access token is then flowed on subsequent services calls and it times out periodically meaning there's a need for re-authentication at that point.