Developers
Local Navigation
Mike Kirkup, Research In Motion
With the introduction of Application Control in BlackBerry® Handheld Software version 3.8 and version 4.0, it is important for developers to be aware of what Application Control does and its impact on an application.
Topics within this section include:
- Application Control
- Interprocess Communication
- Internal Connections
- External Connections
- Local Connections (USB or Serial Port)
- Handheld KeyStore
- Bluetooth® Serial Port Profile
- Email API Access
- PIM API Access
- Phone API Access
- Event Injector API
- Browser Filters API
Application Control
Application Control is designed to provide an IT Administrator with the ability to establish what capabilities an application should have when executing on a specific BlackBerry device. It is important to note that Application Control can only be effective when the BlackBerry device is connected to the BlackBerry Enterprise Server within an enterprise setting.
For example, Application Control would allow the IT Administrator to ensure that a game loaded onto a device is not allowed to access the Phone API. This article will list the different areas that are currently covered by Application Control, what method call in that API will invoke the Application Control check and how application developers should modify their code to properly handle these checks.
In the case where the IT Administrator or BlackBerry device user have denied the application access to one of the protected areas, the associated method will throw a ControlledAccessException. In the case of class level checks, it will throw a ClassDefNotFoundError. The ClassDefNotFoundError occurs in JavaTM when an exception is thrown from a static constructor. Your application will need to handle both of these types of errors depending on what APIs you attempt to use.
Application Control currently covers the following areas:
Interprocess Communication
Definition:
- Interprocess communication refers to allowing an application to access methods or APIs that would provide an application with the ability to share information with another process application on the BlackBerry device.
Default:
- Allowed
Methods and APIs:
- Application.addGlobalEventListener
- RuntimeStore
- StringPatternRepository
Internal Connections
Definition:
- An internal connection is defined as one that would be able to retrieve information inside the firewall. The most notable example of an internal connection would be a connection via the BlackBerry Mobile Data Service, which is typically located behind the firewall.
Default:
- Prompt
Methods and APIs:
- Connector.open
External Connections
Definition:
- An external connection is defined as one that would not be able to retrieve information from inside the firewall. Common examples of an external connection would be Direct TCP and WAP.
Default:
- Prompt
Methods and APIs:
- Connector.open
Local Connections (USB or Serial Port)
Definition:
- A local connection is defined as one that involves one of the local ports on the device such as the USB or Serial port.
Default:
- Allow
Methods and APIs:
- SerialPort
- USBPort
Handheld KeyStore
Definition:
- The Handheld KeyStore is defined as part of the net.rim.device.api.crypto.keystore API. This policy is designed to determine whether applications are allowed to access the keystore. The keystore contains certificates, public keys and private keys for the user.
Default:
- Allow
Methods and APIs:
- DeviceKeyStore
Bluetooth® Serial Port Profile
Definition:
- On BlackBerry devices that support Bluetooth there is an API which provides the Serial Port Profile (SPP) for Bluetooth.
Default:
- Allow
Methods and APIs:
- BluetoothSerialPort
Email API Access
Definition:
- The email API net.rim.blackberry.api.mail allows applications to access mail stored on the device.
Default:
- Allowed
Methods and APIs:
- Session
- ApplicationMenuItem
PIM API Access
Definition:
- The PIM APIs provide applications with the ability to access PIM information (Contacts, Tasks, and Events) on the device:
- net.rim.blackberry.api.pdap
- net.rim.blackberry.api.pim
- javax. microedition.pim
Default:
- Allowed
Methods and APIs:
- ApplicationMenuItem
Phone API Access
Definition:
- The Phone API net.rim.blackberry.api.phone and the Invoke API net.rim.blackberry.api.invoke provides the application developer with unique capabilities such as invoking the phone application or retrieving the phone logs on the device.
Default:
- Prompt
Methods and APIs:
- Invoke.invokeApplication
- PhoneLogs
Event Injector API
Definition:
- The Event Injector API net.rim.device.api.system.Event Injector allows applications to inject events such as key events and trackwheel events into the system in order to simulate a BlackBerry device user initiating these events.
Default:
- Disallow
Methods and APIs:
- EventInjector
Browser Filters API
Definition:
- The Browser Filters API net.rim.device.api.io.http allows application developers to register fully qualified domain names to have their application invoke when the browser requests content from that domain name. The application can then add, remove or otherwise modify content before passing it up to the browser.
Default:
- Disallow
Methods and APIs:
- HttpFilterRegistry.registerFilter
- HttpFilterRegistry.deregisterFilter
Please email your comments, suggestions and editorial submissions to