Palm OS Web Application Developer's Guide: Developing and Delivering PQAs with Web Clipping

Many of your WCA applications use device IDs, URL rewriting, or cookies to maintain sessions or to authenticate the user. For native applications, you may or may not need this depending on your design. If your application synchronizes with the server once every few hours and takes just a few seconds to do it, supporting sessions does not make sense. You might as well include the logon credentials every time you synchronize with the server. Because your application keeps the user ID and password in a database or memory, we are also not bothering the user. However, if you plan to reuse server-side code for both native Palm OS clients and desktop Web browsers, you may find that the Palm OS application has to deal with the same backend code that expects to receive cookies or device IDs.
HTTP is a stateless protocol, which means that requests to the server are all treated as independent transactions. For example, you may have a link to download a file from your Web, which leads the user to a license agreement, and eventually from that page to the final download page. You have no way to prevent the user from bypassing your license agreement provided that the user knows the URL. This stateless nature is very powerful, and it allows for simple HTTP server implementations but does complicate designing applications that have state associated with the user. We are not completely...