QtMobility Reference Documentation

QAbstractSecuritySession Class Reference

The QAbstractSecuritySession class provides a generic mechanism to enable permission checks for services. More...

 #include <QAbstractSecuritySession>

Inherits: QObject.

This class was introduced in Qt Mobility 1.0.

Public Functions

QAbstractSecuritySession ( QObject * parent = 0 )
virtual ~QAbstractSecuritySession ()
virtual bool isAllowed ( const QStringList & capabilities ) = 0
  • 29 public functions inherited from QObject

Additional Inherited Members

  • 1 property inherited from QObject
  • 1 public slot inherited from QObject
  • 1 signal inherited from QObject
  • 1 public variable inherited from QObject
  • 4 static public members inherited from QObject
  • 7 protected functions inherited from QObject
  • 2 protected variables inherited from QObject

Detailed Description

The QAbstractSecuritySession class provides a generic mechanism to enable permission checks for services.

QAbstractSecuritySession describes the abstract interface that security/permission engines must implement in order to provide capability related functionality.

A QAbstractSecuritySession encapsulates the service client's capabilities. QServiceManager can match those capabilities with the capabilities required by a particular service. Service capabilities are declared via the services XML description.

The use of a security session is not mandated by the service manager. If the client is passing a security session object QServiceManager ensures that the permissions are checked before the requested service is loaded and forwards the session to the service in case the service intends to implement additional checks. If no security session is passed to QServiceManager capability checks are not performed. Note that the security session is no substitute for platform security such as control over a processes ability to load arbitrary plug-ins.

Since the service loader controls whether a security session is passed to the QServiceManager instance it is assumed that the calling context can be trusted. Possible use cases for a security session could be arbitrary Javascript applications which run within a trusted browser environment. The QAbstractSecuritySession interface would allow the browser to provide access to platform services while at the same time being able to ensure that certain Javascript application (depending on e.g their context, URL or signatures) can not access more sensitive system services.

Framework clients with purely native code bases are likely to never have any security sessions.

See also QServiceManager and QServicePluginInterface.

Member Function Documentation

QAbstractSecuritySession::QAbstractSecuritySession ( QObject * parent = 0 )

Constructs an abstract security session with the given parent.

QAbstractSecuritySession::~QAbstractSecuritySession () [virtual]

Destroys the abstract security session.

bool QAbstractSecuritySession::isAllowed ( const QStringList & capabilities ) [pure virtual]

Returns true if the security session has sufficient rights to access the required service capabilities.

This function was introduced in Qt Mobility 1.0.

X

Thank you for giving your feedback.

Make sure it is related to this specific page. For more general bugs and requests, please use the Qt Bug Tracker.