Friday, April 1, 2016

Remote Service deny permission onBind

By Hường Hana 12:00 AM , , , Leave a Comment

I have a remote service, which external applications can bind to. There are situations where I may wish to decline the binding. According to the documentation,

Return the communication channel to the service. May return null if clients can not bind to the service.

@Override public IBinder onBind(final Intent intent) {     return null; }

Returning null does indeed not return an IBinder object and therefore prevents the connection, however the calling application does not correctly receive this 'information'.

boolean bound = context.bindService(intent, serviceConnection, flagsHere);

Whether returning null or not from the Service, this always returns true?

According to the documentation,

Returns - If you have successfully bound to the service, true is returned; false is returned if the connection is not made so you will not receive the service object

I had assumed that returning null from onBind would have caused bindService to return false. Assumptions are never a good idea...

Returning null does however prevent the ServiceConnection from being instantiated invoked, but a consequence of this would be no option to check if the binder is in fact null in onServiceConnected.

So, my question - How does an application 'know' if the binding request has been denied?

Additionally, if I decide on the fly that a request to onRebind (having previously returned true from onUnbind) should be declined, I seem to be unable to override the behaviour to prevent this:

@Override public void onRebind(final Intent intent) {      if (shouldAllowRebind(intent)) {         super.onRebind(intent);     } else {         // ?     } }

I hope someone can shed some light for me. Thanks in advance.

1 Answers

Answers 1

You probably have to create a workaround. I see two options here:

  • Return a Binder without any functionality if the request should be denied. The client then has to check if the wanted functionality is there. (probably with instanceof).
  • Always return the same Binder, but let every method throw an Exception (e.g. SecurityException) if the call is not permitted. (This was also suggested by @CommonsWare in the comments)

I would personnaly prefer the second approach as it is more flexible. (e.g. allows per-call permit/deny, solves the problem of denying stuff after a rebind, etc.)

If You Enjoyed This, Take 5 Seconds To Share It

0 comments:

Post a Comment