Hi Inosh, There may be some cases where enterprises need to have application policies for individual users. But I think that scenario is very unlikely. If we take an organization, every user will map to one or more user-roles. There might be situations where a role has only one user (i.e like CEO, MD). But still we can achieve it via the application policies for user-roles.
Thanks, Harshan Liyanage Software Engineer Mobile: *+94724423048* Email: hars...@wso2.com Blog : http://harshanliyanage.blogspot.com/ *WSO2, Inc. :** wso2.com <http://wso2.com/>* lean.enterprise.middleware. On Tue, Feb 2, 2016 at 9:37 AM, Inosh Perera <ino...@wso2.com> wrote: > Hi all, > > Role based application restriction will be provided. Administrator will > define a list of applications as a black list and a set of roles which is > to be restricted to the application, along with the applications. > Is there any particular reason for not having application policies for > individual users? > > Regards, > Inosh > > On Mon, Feb 1, 2016 at 11:05 PM, Prabath Abeysekera <praba...@wso2.com> > wrote: > >> >> On Mon, Feb 1, 2016 at 6:14 PM, Kasun Dananjaya Delgolla <kas...@wso2.com >> > wrote: >> >>> Hi Lakshman, >>> >>> In terms of Android you can use blocking APIs[1] in Marshmallow SDK (SDK >>> 23) to achieve this. We already use DevicePolicyManager API so you can >>> straightaway add these new stuff into the same android agent API layer. >>> Also for older API levels ( < 23) earlier we used a mechanism just to warn >>> the user if a blacklisted app is installed on the device since blocking of >>> apps is not supported in those API levels. >>> >> >> We might need to dig slightly deep into some of the APIs around and see >> if we've already got anything to mimic what's done in DevicePolicyManager, >> which is part of Marshmallow SDK; in previous versions of Android SDK. So, >> please check if there's any mechanism that'd potentially allow us to go >> beyond merely warning the user when a blacklisted application is installed >> and then block the installation completely particularly targeting SDKs < 23. >> >> Cheers, >> Prabath >> >> >>> >>> One more thing, we can add this to the system app which I'm in the >>> process of building. Then we can enable COPE (rooted/system access granted) >>> devices to blacklist/whitelist apps even though the API level is < 23. >>> >>> [1] - >>> http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html >>> >>> Thanks >>> >>> On Mon, Feb 1, 2016 at 5:50 PM, Lakshman Udayakantha <lakshm...@wso2.com >>> > wrote: >>> >>>> Hi, >>>> >>>> There is a requirement to implement application white listing and >>>> application black listing support in Enterprise Mobility Manager. >>>> Application white listing means creating a list of applications which are >>>> only allowed to run on mobile devices which are connected to EMM. >>>> Application blacklisting is the opposite meaning in which there is a list >>>> of applications which are only not allowed to run on mobile devices which >>>> connected to EMM. >>>> As a solution for this we thought to introduce a configuration to >>>> identify black listing, white listing enabled or not and exactly which >>>> listing is enabled and If each configuration enabled separately EMM will >>>> behave in following manner. >>>> >>>> If ABL enabled, >>>> >>>> Role based application restriction will be provided. Administrator will >>>> define a list of applications as a black list and a set of roles which is >>>> to be restricted to the application, along with the applications. >>>> >>>> If AWL enabled, >>>> >>>> Administrator will check specific list of applications from admin UI. >>>> Only these applications will load on app store. Other means of applications >>>> installing will be blocked. >>>> 1. Blocking side-loading. >>>> 2. Third party app store blocking except EMM app store. >>>> 3. Google Play app blocking >>>> >>>> Any suggestions and thoughts are highly appreciated. >>>> >>>> Thanks >>>> -- >>>> Lakshman Udayakantha >>>> WSO2 Inc. www.wso2.com >>>> lean.enterprise.middleware >>>> Mobile: *0714388124 <0714388124>* >>>> >>>> >>> >>> >>> -- >>> Kasun Dananjaya Delgolla >>> >>> Software Engineer >>> WSO2 Inc.; http://wso2.com >>> lean.enterprise.middleware >>> Tel: +94 11 214 5345 >>> Fax: +94 11 2145300 >>> Mob: + 94 771 771 015 >>> Blog: http://kddcodingparadise.blogspot.com >>> Linkedin: *http://lk.linkedin.com/in/kasundananjaya >>> <http://lk.linkedin.com/in/kasundananjaya>* >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Prabath Abeysekara >> Technical Lead >> WSO2 Inc. >> Email: praba...@wso2.com >> Mobile: +94774171471 >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Inosh Perera > Software Engineer, WSO2 Inc. > Tel: 077813 7285, 0785293686 > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
