best practice for mobile/kiosk applications with no signon required
Have a simple application that is to be accessed via kiosks and mobile browser.
The application is read only and there are 100,000 possible users who have no real identifiers or authentication mechanism. Really basic applicaiton
user enters a reference ID and submits "lookup"
lookup data from an external source
if data is found, display it. Otherwise, display "invalid ID"
What's best way to deliver a smooth experience? Some ideas are
- logon screen with hard coded hidden credentials to auto-submit and log in under common ID?
- logon screen with redirect to hard coded authentication service that always allows signon
- skip logon entirely - build the application in the splash screen itself
- do the lookup as an unauthenticated rule-service-http and build widget outside.
Wat have you done?