Apps for download should be protected with the same privileges as rights to
install.
How was this done in EMM 1.0.0?

Write a Jaggery module to control access to the mobile apps folder.



On Fri, Mar 13, 2015 at 11:08 AM, Chathura Dilan <[email protected]> wrote:

> Hi Dilshan,
>
> AFAIK devices directly access the link in the AppM to download apps and we
> do not expose that link directly to the users. Is it possible to send
> authorized headers to the AppM through mobile devices and what about a
> special case like iOS? If that is fine we can have a discussion about that.
>
> On Fri, Mar 13, 2015 at 10:46 AM, Dilshan Edirisuriya <[email protected]>
> wrote:
>
>> Hi Dilan,
>>
>> Giving links to download binaries will allow any user to download them
>> to their mobile phones. Why not introduce a server-side endpoint and do the
>> authorization before downloading and allow it to download the binary
>> through the service endpoint with proper content type? Just like we do for
>> JSP file downloads.
>>
>> Regards,
>>
>> Dilshan
>>
>> On Sat, Mar 7, 2015 at 5:08 PM, Chathura Dilan <[email protected]>
>> wrote:
>>
>>> Hi Dilshan,
>>>
>>> Currently they are stored in the repository/resources/mobileapps directory,
>>> and they are served through a Jaggery page as binary files. As a security
>>> measure for AppM 1.0.0 we are storing those images and binaries with
>>> random names which are impossible to guess.
>>>
>>> For images, that is the only way to protect them because they are
>>> accessible through the web and there is no way to stop distributing images once
>>> you grant access to them to users. The only thing we can do is disable
>>> hotlinking of images.
>>>
>>> Mobile binary files are only downloadable through mobile devices so we
>>> can somehow hide those links from users, but there is no way to protect
>>> them from eavesdropping IMO. From the next version of AppM, we thought of
>>> having an extra security measure by introducing single-use download
>>> links for mobile binaries.
>>>
>>>
>>> On Sat, Mar 7, 2015 at 1:03 AM, Dilshan Edirisuriya <[email protected]>
>>> wrote:
>>>
>>>> Hi Dilan,
>>>>
>>>> Where do you store images and application binaries? When it comes to
>>>> application binaries it seems anyone can download it when they have the
>>>> above url. How do we prevent that?
>>>>
>>>> Regards,
>>>>
>>>> Dilshan
>>>>
>>>> On Thu, Mar 5, 2015 at 7:52 AM, Chathura Dilan <[email protected]>
>>>> wrote:
>>>>
>>>>> Hi All,
>>>>>
>>>>> To provide app information to CDM, we decided to develop a JAX-RS
>>>>> web service. This web service will be connected to CDM through mutual
>>>>> auth.
>>>>>
>>>>> The information about the web service is as follows:
>>>>>
>>>>> *Path*
>>>>>
>>>>> GET mobileapp-services/v1/apps
>>>>>
>>>>> *Parameters*
>>>>>
>>>>>
>>>>>
>>>>> | Name   | Located in | Description                       | Required | Type   |
>>>>> |--------|------------|-----------------------------------|----------|--------|
>>>>> | q      | query      | Search the app by name            | false    | string |
>>>>> | limit  | query      | Number of records to be displayed | false    | number |
>>>>> | offset | query      | Offset of the app list            | false    | number |
>>>>>
>>>>>
>>>>>
>>>>>  *Responses*
>>>>>
>>>>> *Status 200*
>>>>>
>>>>> Sample Response
>>>>>
>>>>> {
>>>>>   "apps": [
>>>>>     {
>>>>>       "id": "Szqw45623",
>>>>>       "name": "WSO2 Con",
>>>>>       "type": "enterprise",
>>>>>       "platform": "android",
>>>>>       "version": 1,
>>>>>       "location": "https://192.168.1.1:9443/apps/app.apk",
>>>>>       "iconImage": "https://192.168.1.1:9443/images/app.png",
>>>>>       "packageName": "com.wso2.conapp",
>>>>>       "identifier": "com.wso2.conapp"
>>>>>     },
>>>>>     {
>>>>>       "id": "R456xxEr",
>>>>>       "name": "Antivirus",
>>>>>       "type": "public",
>>>>>       "platform": "android",
>>>>>       "version": 1,
>>>>>       "iconImage": "https://192.168.1.1:9443/images/app1.png",
>>>>>       "packageName": "com.wso2.antiv",
>>>>>       "identifier": "com.wso2.antiv"
>>>>>     },
>>>>>     {
>>>>>       "id": "DD4567we",
>>>>>       "name": "WSO2 Dinner on Demand",
>>>>>       "type": "public",
>>>>>       "platform": "ios",
>>>>>       "version": 2,
>>>>>       "iconImage": "https://192.168.1.1:9443/images/app.png",
>>>>>       "appIdentifier": "com.wso2.dod",
>>>>>       "identifier": "com.wso2.dod"
>>>>>     },
>>>>>     {
>>>>>       "id": "Tyere34343",
>>>>>       "name": "WSO2 Sports",
>>>>>       "type": "webapp",
>>>>>       "platform": "all",
>>>>>       "version": 2,
>>>>>       "location": "https://192.168.1.1:9443/apps/webapp",
>>>>>       "iconImage": "https://192.168.1.1:9443/images/app.png",
>>>>>       "identifier": "https://192.168.1.1:9443/apps/webapp"
>>>>>     }
>>>>>   ],
>>>>>   "query": {
>>>>>     "status": "ok",
>>>>>     "found": 4,
>>>>>     "length": 10,
>>>>>     "offset": 110,
>>>>>     "total": 114
>>>>>   }
>>>>> }
>>>>>
>>>>>
>>>>> Also, please mention if you need any search queries for this version of
>>>>> the API.
>>>>>
>>>>> --
>>>>> Regards,
>>>>>
>>>>> Chatura Dilan Perera
>>>>> *(Senior Software Engineer** - WSO2 Inc.**)*
>>>>> www.dilan.me
>>>>>
>>>>> _______________________________________________
>>>>> Architecture mailing list
>>>>> [email protected]
>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Dilshan Edirisuriya
>>>> Senior Software Engineer - WSO2
>>>> Mob: + 94 777878905
>>>> http://wso2.com/
>>>> https://www.linkedin.com/profile/view?id=50486426
>>>>
>>>
>>>
>>> --
>>> Regards,
>>>
>>> Chatura Dilan Perera
>>> *(Senior Software Engineer** - WSO2 Inc.**)*
>>> www.dilan.me
>>>
>>
>>
>> --
>> Dilshan Edirisuriya
>> Senior Software Engineer - WSO2
>> Mob: + 94 777878905
>> http://wso2.com/
>> https://www.linkedin.com/profile/view?id=50486426
>>
>
>
>
> --
> Regards,
>
> Chatura Dilan Perera
> *(Senior Software Engineer** - WSO2 Inc.**)*
> www.dilan.me
>


-- 
/sumedha
m: +94 773017743
b :  bit.ly/sumedha
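
Added example, not part of the original thread or WSO2's code: one way to combine the server-side authorization and single-use download links discussed above, in JavaScript since Jaggery is server-side JavaScript. The in-memory store, the installRights sample data, the 5-minute lifetime and all function names are assumptions for illustration; the token travels in the link itself, so the device sends no extra headers.

```javascript
const crypto = require('node:crypto');

const TOKEN_TTL_MS = 5 * 60 * 1000; // assumed link lifetime

// Constructed sample data: which device holds install rights for which app id.
const installRights = new Map([['device-A', new Set(['Szqw45623'])]]);

// Pending links, keyed by SHA-256 of the token so the raw token is never stored.
const pending = new Map();

const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

function canInstall(deviceId, appId) {
  const apps = installRights.get(deviceId);
  return Boolean(apps && apps.has(appId));
}

// Called when an install is pushed to a device: the download right is only
// granted to a device that already holds the install right.
function issueDownloadToken(deviceId, appId, now = Date.now()) {
  if (!canInstall(deviceId, appId)) return null;
  const token = crypto.randomBytes(32).toString('hex');
  pending.set(sha256(token), { appId, deviceId, expires: now + TOKEN_TTL_MS });
  return token; // embed in the link, e.g. /download/<appId>?t=<token>
}

// Called by the download endpoint before it streams the binary.
function redeemDownloadToken(token, appId, now = Date.now()) {
  const key = sha256(String(token));
  const entry = pending.get(key);
  if (!entry) return { ok: false, reason: 'unknown-or-used' };
  pending.delete(key); // consume on first presentation, valid or not
  if (now > entry.expires) return { ok: false, reason: 'expired' };
  if (entry.appId !== appId) return { ok: false, reason: 'wrong-app' };
  // Re-check rights at download time in case they were revoked after issue.
  if (!canInstall(entry.deviceId, appId)) return { ok: false, reason: 'revoked' };
  return { ok: true, deviceId: entry.deviceId };
}
```

A captured link is useless after the first download or after expiry, which narrows the eavesdropping window raised in the thread; serving the link over TLS is still assumed.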