[Android] Make your application a device administrator
Since Android 2.2, new device policy management APIs allow developers to write “device administrator” applications that can control security features of the device, such as the minimum password strength, data wipe, and so on. Users can select the administrators that are enabled on their devices. For more information, see the
android.app.admin
classes or the example application code in DeviceAdminSample.java.
Below is the steps to make an application to be a device administrator:
1: Import android.app.admin.DeviceAdminReceiver and android.app.admin.DevicePolicyManager packages.
2: Add an inner class, which extends DeviceAdminReceiver, to your application.
public static class MyAdmin extends DeviceAdminReceiver {
// implement onEnabled(), onDisabled(), …
}
// implement onEnabled(), onDisabled(), …
}
3: Add below two fields to your application.
DevicePolicyManager mDPM;
ComponentName mAdminName;
ComponentName mAdminName;
4: Initalize above two field variables in the OnCreate() method.
mDPM = (DevicePolicyManager)getSystemService(Context.DEVICE_POLICY_SERVICE);
mAdminName = new ComponentName(this, MyAdmin.class);
mAdminName = new ComponentName(this, MyAdmin.class);
5: Enable the administration somewhere:
if (!mDPM.isAdminActive(mAdminName)) {
// try to become active – must happen here in this activity, to get result
Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN,
mAdminName);
intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION,
“Additional text explaining why this needs to be added.”);
startActivityForResult(intent, REQUEST_ENABLE);
} else {
// Already is a device administrator, can do security operations now.
mDPM.lockNow();
}
// try to become active – must happen here in this activity, to get result
Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN);
intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN,
mAdminName);
intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION,
“Additional text explaining why this needs to be added.”);
startActivityForResult(intent, REQUEST_ENABLE);
} else {
// Already is a device administrator, can do security operations now.
mDPM.lockNow();
}
Note: The application should check the result of the ACTION_ADD_DEVICE_ADMIN. Add below code lines in the onActivityResult() method:
if (REQUEST_ENABLE == requestCode)
{
if (resultCode == Activity.RESULT_OK) {
// Has become the device administrator.
…
} else {
//Canceled or failed.
…
}
}
{
if (resultCode == Activity.RESULT_OK) {
// Has become the device administrator.
…
} else {
//Canceled or failed.
…
}
}
6. Add a receiver into the AndoidManifest.xml of your application.
<receiver
android:name=”app_class_name$MyAdmin”
android:label=”@string/xxx”
android:description=”@string/xxx”
android:permission=”android.permission.BIND_DEVICE_ADMIN” >
<meta-data
android:name=”android.app.device_admin”
android:resource=”@xml/my_admin” />
<intent-filter>
<action android:name=”android.app.action.DEVICE_ADMIN_ENABLED” />
</intent-filter>
</receiver>
android:name=”app_class_name$MyAdmin”
android:label=”@string/xxx”
android:description=”@string/xxx”
android:permission=”android.permission.BIND_DEVICE_ADMIN” >
<meta-data
android:name=”android.app.device_admin”
android:resource=”@xml/my_admin” />
<intent-filter>
<action android:name=”android.app.action.DEVICE_ADMIN_ENABLED” />
</intent-filter>
</receiver>
Note: The label and description strings should be added in the res/values/strings.xml. The meta-data file should be added to the res/xml/. The my_admin.xml in our example are as follows:
<device-admin xmlns:android="http://schemas.android.com/apk/res/android"> <uses-policies> <limit-password /> <watch-login /> <reset-password /> <force-lock /> <wipe-data /> </uses-policies> </device-admin>