Hi Lakshman, With respect to EMM space, I think that this requirement should be handled from device policy level.
FYI, a device policy is a set of configurations that we set to be published for a number of devices based on Roles and Users. If we think about this requirement too in the same way, it is a application level configuration that we publish for a set of devices based on Roles and Users. Therefore, It seems that you can integrate this use case with the existing device policy UI [1] as two more feature additions to the "Configure Profile" section. i.e. One feature for White Listed Apps and the other for Black Listed Apps. Thanks, Dilan. *Dilan U. Ariyaratne* Software Engineer WSO2 Inc. <http://wso2.com/> Mobile: +94725197942 lean . enterprise . middleware On Tue, Feb 2, 2016 at 5:47 PM, Lakshman Udayakantha <lakshm...@wso2.com> wrote: > [adding Dakshika] > > On Tue, Feb 2, 2016 at 5:45 PM, Lakshman Udayakantha <lakshm...@wso2.com> > wrote: > >> Hi All, >> >> @KasunD/PrabathA: Thanks for your suggestions. I will check for methods >> to block application installations for lower api level than 23 also. >> I have created mockup UIs to create, edit , view lists which should be >> added to app publisher UI and attached mockup UIs to this mail. >> @UX team: Could you do a quick review and make suggestions to make them >> better. >> >> >> Thanks >> >> On Tue, Feb 2, 2016 at 9:54 AM, Harshan Liyanage <hars...@wso2.com> >> wrote: >> >>> Hi Inosh, >>> >>> There may be some cases where enterprises need to have application >>> policies for individual users. But I think that scenario is very unlikely. >>> If we take an organization, every user will map to one or more user-roles. >>> There might be situations where a role has only one user (i.e like CEO, >>> MD). But still we can achieve it via the application policies for >>> user-roles. >>> >>> Thanks, >>> >>> Harshan Liyanage >>> Software Engineer >>> Mobile: *+94724423048* >>> Email: hars...@wso2.com >>> Blog : http://harshanliyanage.blogspot.com/ >>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>> lean.enterprise.middleware. >>> >>> On Tue, Feb 2, 2016 at 9:37 AM, Inosh Perera <ino...@wso2.com> wrote: >>> >>>> Hi all, >>>> >>>> Role based application restriction will be provided. Administrator will >>>> define a list of applications as a black list and a set of roles which is >>>> to be restricted to the application, along with the applications. >>>> Is there any particular reason for not having application policies for >>>> individual users? >>>> >>>> Regards, >>>> Inosh >>>> >>>> On Mon, Feb 1, 2016 at 11:05 PM, Prabath Abeysekera <praba...@wso2.com> >>>> wrote: >>>> >>>>> >>>>> On Mon, Feb 1, 2016 at 6:14 PM, Kasun Dananjaya Delgolla < >>>>> kas...@wso2.com> wrote: >>>>> >>>>>> Hi Lakshman, >>>>>> >>>>>> In terms of Android you can use blocking APIs[1] in Marshmallow SDK >>>>>> (SDK 23) to achieve this. We already use DevicePolicyManager API so you >>>>>> can >>>>>> straightaway add these new stuff into the same android agent API layer. >>>>>> Also for older API levels ( < 23) earlier we used a mechanism just to >>>>>> warn >>>>>> the user if a blacklisted app is installed on the device since blocking >>>>>> of >>>>>> apps is not supported in those API levels. >>>>>> >>>>> >>>>> We might need to dig slightly deep into some of the APIs around and >>>>> see if we've already got anything to mimic what's done in >>>>> DevicePolicyManager, which is part of Marshmallow SDK; in previous >>>>> versions >>>>> of Android SDK. So, please check if there's any mechanism that'd >>>>> potentially allow us to go beyond merely warning the user when a >>>>> blacklisted application is installed and then block the installation >>>>> completely particularly targeting SDKs < 23. >>>>> >>>>> Cheers, >>>>> Prabath >>>>> >>>>> >>>>>> >>>>>> One more thing, we can add this to the system app which I'm in the >>>>>> process of building. Then we can enable COPE (rooted/system access >>>>>> granted) >>>>>> devices to blacklist/whitelist apps even though the API level is < 23. >>>>>> >>>>>> [1] - >>>>>> http://developer.android.com/reference/android/app/admin/DevicePolicyManager.html >>>>>> >>>>>> Thanks >>>>>> >>>>>> On Mon, Feb 1, 2016 at 5:50 PM, Lakshman Udayakantha < >>>>>> lakshm...@wso2.com> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> There is a requirement to implement application white listing and >>>>>>> application black listing support in Enterprise Mobility Manager. >>>>>>> Application white listing means creating a list of applications which >>>>>>> are >>>>>>> only allowed to run on mobile devices which are connected to EMM. >>>>>>> Application blacklisting is the opposite meaning in which there is a >>>>>>> list >>>>>>> of applications which are only not allowed to run on mobile devices >>>>>>> which >>>>>>> connected to EMM. >>>>>>> As a solution for this we thought to introduce a configuration to >>>>>>> identify black listing, white listing enabled or not and exactly which >>>>>>> listing is enabled and If each configuration enabled separately EMM will >>>>>>> behave in following manner. >>>>>>> >>>>>>> If ABL enabled, >>>>>>> >>>>>>> Role based application restriction will be provided. Administrator >>>>>>> will define a list of applications as a black list and a set of roles >>>>>>> which >>>>>>> is to be restricted to the application, along with the applications. >>>>>>> >>>>>>> If AWL enabled, >>>>>>> >>>>>>> Administrator will check specific list of applications from admin >>>>>>> UI. Only these applications will load on app store. Other means of >>>>>>> applications installing will be blocked. >>>>>>> 1. Blocking side-loading. >>>>>>> 2. Third party app store blocking except EMM app store. >>>>>>> 3. Google Play app blocking >>>>>>> >>>>>>> Any suggestions and thoughts are highly appreciated. >>>>>>> >>>>>>> Thanks >>>>>>> -- >>>>>>> Lakshman Udayakantha >>>>>>> WSO2 Inc. www.wso2.com >>>>>>> lean.enterprise.middleware >>>>>>> Mobile: *0714388124 <0714388124>* >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Kasun Dananjaya Delgolla >>>>>> >>>>>> Software Engineer >>>>>> WSO2 Inc.; http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> Tel: +94 11 214 5345 >>>>>> Fax: +94 11 2145300 >>>>>> Mob: + 94 771 771 015 >>>>>> Blog: http://kddcodingparadise.blogspot.com >>>>>> Linkedin: *http://lk.linkedin.com/in/kasundananjaya >>>>>> <http://lk.linkedin.com/in/kasundananjaya>* >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> Architecture@wso2.org >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Prabath Abeysekara >>>>> Technical Lead >>>>> WSO2 Inc. >>>>> Email: praba...@wso2.com >>>>> Mobile: +94774171471 >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> Architecture@wso2.org >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> Inosh Perera >>>> Software Engineer, WSO2 Inc. >>>> Tel: 077813 7285, 0785293686 >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> Architecture@wso2.org >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Lakshman Udayakantha >> WSO2 Inc. www.wso2.com >> lean.enterprise.middleware >> Mobile: *0714388124* >> >> > > > -- > Lakshman Udayakantha > WSO2 Inc. www.wso2.com > lean.enterprise.middleware > Mobile: *0714388124* > > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
