Monday, May 14, 2012

Activity Access Restriction Implementation in a Monodroid Application

I have a requirement where I need to restrict access to an activity of a Monodroid Application. Hence i tried a spike where the application IntentSayHello would have an access restricted Activity called SayHelloActivity. As the first step i defined the permission tag in the AndroidManifest.xml of the application as below:



...
...
</application>
<permission
android:name="intentsayhello.permission.SAYHELLO"
android:protectionLevel="signature" android:label="@string/permlbl_restricted"
android:description="@string/permdesc_restricted">
</permission>
</manifest>


Please note that i'm using protectionLevel = signature which means that any other application signed with the same certificate as IntentSayHello can only access the restricted activity.



Now i coded the SayHelloActivity as below:



    [Activity(Label = "SayHelloActivity", MainLauncher = true, Icon = "@drawable/icon", Permission = "intentsayhello.permission.SAYHELLO")]
[IntentFilter(new string[] { "companyXYZ.intent.sayhello.MAIN" },Categories = new string[]{Intent.CategoryDefault},
DataMimeType = "vnd.companyXYZ.say.hello/vnd.companyXYZ.activity")]
public class SayHelloActivity : Activity
{
.....
.....
}


After this i tested with a client application by invoking SayHelloActivity of IntentSayHello through an implicit intent and i got SecurityException as expected.



Permission Denial: starting Intent { act=companyXYZ.intent.sayhello.MAIN typ=vnd.companyXYZ.say.hello/vnd.companyXYZ.activity cmp=IntentSayHello.IntentSayHello/intentsayhello.SayHelloActivity }
from ProcessRecord{4094f850 9126:DiffKeyHello.DiffKeyHello/10097} (pid=9126, uid=10097) requires intentsayhello.permission.SAYHELLO



Now if i want my client Application to be given access to the SayHelloActivity of the restricted application, i'm supposed sign my client application with the same keystore (certificate) and also mention in the AndroidManifest.xml of the client application as below:



...
<uses-sdk android:minSdkVersion="4" />
<uses-permission android:name="intentsayhello.permission.SAYHELLO" />
</manifest>


But when i did both of this, the client application still could not invoke the SayHelloActivity and same SecurityException is thrown.



I would like to know the directions/solution to this issue.
Thanks





No comments:

Post a Comment