Runtime Security Manager access policy
The Runtime Security Manager access policy defines:
A set of capabilities (read user data, writer user data, and so on) that are allowed automatically (user is not prompted) or granted to the mobile device user via prompts. See below for a list of capabilities supported for WRT 1.1.
The duration of access. The durations supported for WRT 1.1 are one time (oneshot) or while the widget is launched (session).
The following capabilities are supported for WRT 1.1:
ReadUserData—Grants read access to data confidential to the mobile device user. For example, contacts, messages, appointments, and notes.
WriteUserData—Grants write access to data confidential to the mobile device user.
Location—Grants access to mobile device user location information.
NetworkServices—Grants access to remote services without regard to the mobile device location. For example, voice calls and SMS.
The following table lists the capabilities defined for each SAPI by the default WRT 1.1 access policy. All capabilities are granted for the session.
Javascript Service API |
Capability |
|---|---|
Application Manager |
ReadUserData |
Calendar |
ReadUserData |
WriteUserData |
|
Location |
Location |
Logging |
ReadUserData |
WriteUserData |
|
SystemInfo |
ReadUserData |
Location |
|
Contacts |
ReadUserData |
WriteUserData |
|
Landmarks |
ReadUserData |
WriteUserData |
|
Media Management |
None |
Messaging |
ReadUserData |
WriteUserData |
|
NetworkServices |
For example, the security manager may prompt the mobile device user to allow a widget that was created using the Location Service API to access location information. Access persists while the widget is launched. The security manager prompts the user again the next time the widget is launched.
Figure: Accessing location information prompt