You can grab the PID of the remote process, and from there, you can grab the package on the other end, and from that you can grab the public key that was used to sign it, and check against what you expected.
-Yuliy On Tue, Jul 6, 2010 at 3:10 AM, Raj <[email protected]> wrote: > Hi, > > I'm new to android and currently trying to write two simple > applications: a client and a server. > The client sends a hello in an intent (startactivity_for_result) to > which the server responds with a message. > Is there a way for the server to reliably check from the received > intent that the intent was indeed sent by my client and not by some > other application on the phone? I tried different methods, for > instance, to get the package name of the client sending the intent > (since the package name is known to me), but couldn't get this info > from the intent. > > From the android documentation i see that you check only if a > particular intent was granted the necessary permission by Android. > There is nothing about the "identity" of the intent sending app. > > Is there way to authenticate the apps sending intents at the handling > side? > > Cheers, > Raj > >
