...
Via the signature - A permission that the system grants only if the requesting application is signed with the same certificate as the application that is declared in the permission.
Info For more information on securing the communication, see <permissions> on the Android Developer documents.
- Check the package name of the agent who makes the call to verify that it’s a request from the EMM Agent application.
Follow the steps given below below to configure the system service Android application with WSO2 EMM:
- Build the system service.
- Download the source code.
- The system service app can not be built via the usual android developer SDK, as it requires access to developer restricted APIs. Therefore, you need to replace the existing android.jar file that is under the
<SDK_LOCATION>/platforms/android-<COMPILE_SDK_VERSION>
directory with the explicitly built android.jar with granted access to restricted APIs. You can do this by following any of the methods given below:- Download the Android Open Source Project (AOSP) and build the source code to get the jar file in the required format.
- Download the already built JAR files from GitHub.
- Open the system service app source code via Android Studio and run it as a usual android application.
Sign the system service.
Sign the application via the device firmware signing key. If you don’t have access to the firmware signing key, you have to sign your system app via a device vendor.Info For more information of singing the system service, see Signing Your Applications.
Install the system service application by following any of the methods given below:
The system service application will be available out of the box with your firmware distribution, if you have your own firmware.
Copy the signed system service APK file inside
/system/priv-apps
directory of the device.When the device boots or restarts for the first time, it will automatically install the app as a system application.
Install the system service application externally via an Android Debug Bridge command.
Info For more information on how this takes place on WSO2 EMM, see Configuring the WSO2 EMM service application
- Enable system service invocations through the EMM Agent application
Navigate to the
Constants.java
class, which is in theorg.wso2.emm.agent.utils
package and configure theSYSTEM_APP_ENABLED
field as follows:Code Block
4. Enabling system service invocations through the EMM Agent application
To enable system service invocations via the EMM Agent app, you should make the following configuration changes to the EMM Agent application.
Set the SYSTEM_APP_ENABLED parameter to “true” in the Constants.java class, which is in the org.wso2.emm.agent.utils package.
Rebuild the agent application.
5. Operations supported by the system service
Device Reboot
Firmware upgrade
Silent app installation/removal
- Enforcing security policies - user restrictions