Android™ Application Development - Bahar Ali Khan

More documents

Recommendations

Info

Chapter 11: Advanced Android <strong>Development</strong> Paranoid Android 354 Much of Android’s security is native to the underlying Linux kernel. Resources are sandboxed to their owner applications, making them inaccessible from other applications. Android provides broadcast Intents, Services, and Content Providers to let you relax these strict process boundaries, using the permission mechanism to maintain application-level security. You’ve already used the permission system to request access to native system services — notably the location-based services and contacts Content Provider — for your applications. The following sections provide a more detailed look at the security available. For a comprehensive view, the Android documentation provides an excellent resource that describes the security features in depth at code.google.com/android/devel/security.html. Linux Kernel Security Each Android package has a unique Linux userID assigned to it during installation. This has the effect of sandboxing the process and the resources it creates, so that it can’t affect (or be affected by) other applications. Because of this kernel-level security, you need to take additional steps to communicate between applications. Enter Content Providers, broadcast Intents, and AIDL interfaces. Each of these mechanisms opens a tunnel for information to fl ow between applications. Android permissions act as border guards at either end to control the traffi c allowed through these tunnels. Introducing Permissions Permissions are an application-level security mechanism that lets you restrict access to application components. Permissions are used to prevent malicious applications from corrupting data, gaining access to sensitive information, or making excessive (or unauthorized) use of hardware resources or external communication channels. As you’ve learned in earlier chapters, many of Android’s native components have permission requirements. The native permission strings used by native Android Activities and Services can be found as static constants in the android.Manifest.permission class. To use permission-protected components, you need to add uses-permission tags to application manifests, specifying the permission string that each application requires. When an application package is installed, the permissions requested in its manifest are analyzed and granted (or denied) by checks with trusted authorities and user feedback. Unlike many existing mobile platforms, all Android permission checks are done at installation. Once an application is installed, the user will not be prompted to reevaluate those permissions. There’s no guarantee that your application will be granted the permissions it requests, so it’s good practice to write defensive code that ensures it fails gracefully in these circumstances.
Declaring and Enforcing Permissions Chapter 11: Advanced Android <strong>Development</strong> Before you can assign a permission to an application component, you need to defi ne it within your manifest using the permission tag as shown in the following code snippet: Within the permission tag, you can specify the level of access that the permission will permit (normal, dangerous, signature, signatureOrSystem), a label, and an external resource containing the description that explains the risks of granting this permission. To include permission requirements for your own application components, use the permission attribute in the application manifest. Permission constraints can be enforced throughout your application, most usefully at application interface boundaries, for example: ❑ Activities Add a permission to limit the ability of other applications to launch an Activity. ❑ Broadcast Receivers Control which applications can send broadcast Intents to your receiver. ❑ Content Providers Limit Read access and Write operations on Content Providers. ❑ Services Limit the ability of other applications to start, or bind to, a Service. In each case, you can add a permission attribute to the application component in the manifest, specifying a required permission string to access each component, as shown below in a manifest excerpt that shows a permission requirement for an Activity: Content Providers let you set readPermission and writePermission attributes to offer a more granular control over Read/Write access. Enforcing Permissions with Broadcasting Intents As well as requiring permissions for Intents to be received by your Broadcast Receivers, you can also attach a permission string to each Intent you broadcast. When calling sendIntent, you can supply a permission string required by Broadcast Receivers before they can receive the Intent. This process is shown below: sendBroadcast(myIntent, REQUIRED_PERMISSION); 355
Page 1 and 2:
Professional Android Application su
Page 3:
Professional Android Application D
Page 6 and 7:
Professional Android Application D
Page 8 and 9:
About the Author Originally from Pe
Page 10 and 11:
Acknowledgments A big thank you goe
Page 12 and 13:
Contents Chapter 2: Getting Started
Page 14 and 15:
Contents xii Saving and Loading Fil
Page 16 and 17:
Contents Chapter 10: Accessing Andr
Page 19 and 20:
Introduction Now is an exciting tim
Page 21 and 22:
Introduction covered, you can move
Page 23:
Introduction At http://p2p.wrox.com
Page 26 and 27:
Chapter 1: Hello, Android 2 Using t
Page 28 and 29:
Chapter 1: Hello, Android An Open P
Page 30 and 31:
Chapter 1: Hello, Android 6 ❑ ❑
Page 32 and 33:
Chapter 1: Hello, Android 8 When ma
Page 34 and 35:
Chapter 1: Hello, Android 10 In mar
Page 36 and 37:
Chapter 1: Hello, Android 12 Each A
Page 38 and 39:
Chapter 1: Hello, Android 14 ❑ Da
Page 40 and 41:
Chapter 1: Hello, Android 16 ❑ an
Page 43 and 44:
Getting Started All you need to sta
Page 45 and 46:
Chapter 2: Getting Started Unless o
Page 47 and 48:
Installing the ADT Plug-in Install
Page 49 and 50:
Chapter 2: Getting Started 3. In th
Page 51 and 52:
Chapter 2: Getting Started If every
Page 53 and 54:
} lp = new LinearLayout.LayoutParam
Page 55 and 56:
❑ ❑ ❑ ❑ ❑ Small screens w
Page 57 and 58:
Chapter 2: Getting Started on how t
Page 59 and 60:
Chapter 2: Getting Started To start
Page 61 and 62:
Ensuring a Seamless User Experience
Page 63 and 64:
Figure 2-11 Chapter 2: Getting Star
Page 65 and 66:
} myListView.setAdapter(aa); Chapte
Page 67 and 68:
Chapter 2: Getting Started A number
Page 69 and 70:
Creating Applications and Activitie
Page 71 and 72:
Chapter 3: Creating Applications an
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Creating Resources Chapter 3: Creat
Page 79 and 80:
❑ ❑ #ARGB #ARRGGBB Chapter 3: C
Page 81 and 82:
Page 83 and 84:
android:startOffset=”500” andro
Page 85 and 86:
Referencing Resources in Resources
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
} } Chapter 3: Creating Application
Page 97:
Page 100 and 101:
Chapter 4: Creating User Interfaces
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Chapter 5: Intents, Broadcast Recei
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
Page 148 and 149:
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 183 and 184:
Data Storage, Retrieval, and Sharin
Page 185 and 186:
Chapter 6: Data Storage, Retrieval,
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
} Chapter 6: Data Storage, Retrieva
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
} } } Chapter 6: Data Storage, Retr
Page 205 and 206:
Querying Your Database Chapter 6: D
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
} // Open or create the database to
Page 213 and 214:
Page 215 and 216:
Adding, Updating, and Deleting Cont
Page 217 and 218:
Page 219 and 220:
Page 221 and 222:
} } Chapter 6: Data Storage, Retrie
Page 223 and 224:
Page 225 and 226:
Page 227 and 228:
} } break; Chapter 6: Data Storage,
Page 229 and 230:
Page 231 and 232:
Maps, Geocoding, and Location-Based
Page 233 and 234:
Chapter 7: Maps, Geocoding, and Loc
Page 235 and 236:
} Chapter 7: Maps, Geocoding, and L
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245 and 246:
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
Page 257 and 258:
Page 259 and 260:
Page 261 and 262:
Page 263 and 264:
Page 265 and 266:
Page 267 and 268:
Page 269 and 270:
Page 271:
Summary Chapter 7: Maps, Geocoding,
Page 274 and 275:
Chapter 8: Working in the Backgroun
Page 276 and 277:
Page 278 and 279:
Page 280 and 281:
Page 282 and 283:
Page 284 and 285:
Page 286 and 287:
Page 288 and 289:
Page 290 and 291:
Page 292 and 293:
Page 294 and 295:
Page 296 and 297:
Page 298 and 299:
Page 300 and 301:
Page 303 and 304:
Peer-to-Peer Communication In this
Page 305 and 306:
Chapter 9: Peer-to-Peer Communicati
Page 307 and 308:
} Chapter 9: Peer-to-Peer Communica
Page 309 and 310:
Handling Subscription Requests Chap
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Page 317 and 318:
Page 319 and 320:
Page 321 and 322:
Page 323 and 324:
Page 325 and 326:
Page 327 and 328: Figure 9-4 Chapter 9: Peer-to-Peer
Page 329 and 330: Chapter 9: Peer-to-Peer Communicati
Page 335 and 336: } Chapter 9: Peer-to-Peer Communica
Page 339 and 340: Accessing Android Hardware Android
Page 341 and 342: Chapter 10: Accessing Android Hardw
Page 343 and 344: content.put(Audio.AudioColumns.DATE
Page 345 and 346: public void onShutter() { // TODO D
Page 355 and 356: public void setPitch(float pitch) {
Page 357 and 358: } setContentView(R.layout.main); Ch
Page 375: Chapter 10: Accessing Android Hardw
Page 380 and 381: Chapter 11: Advanced Android Develo
Page 424 and 425: 400 Android, getting started Androi
Page 426 and 427: 402 databases databases creating ea
Page 428 and 429:
404 interapplication communication
Page 430 and 431:
406 passing custom class objects pa
Page 432 and 433:
408 synchronizing threads synchroni
Page 435 and 436:
Programmer to Programmer Get more
show all

Android™ Application Development - Bahar Ali Khan

Create successful ePaper yourself

Delete template?

Save as template?