本文是小编为大家收集整理的关于在APK文件中嵌入登录信息,对每个用户都不同(或其他选项?)的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。
问题描述
我们已被要求在Android上为具有现有网站,现有用户的公司创建一个薄的Web客户端.
他们想向他们的用户发送彩信,给每个用户自己的下载URL.此URL将指向已为该用户创建的Android APK文件 - 它将包括该用户的登录名和密码到网站.
i.e. APK文件将嵌入登录详细信息.
这将通过在jdk文件中存储信息来完成J2ME.
我可以在如何在APK中更新资源文件中的simlar/a> - 但没有完全回答.
SO:
-
是否有一种方法可以在APK文件中存储"资产",该文件将是文本文件,并且通过解压缩,编辑,重新提交APK文件来轻松地编辑? (看起来答案是否)
-
您是否知道任何类似的问题,或者在类似的应用程序上工作?
-
是否有关于如何最好地完成此应用程序的建议?在自动级别嵌入客户信息的任何嵌入都会感兴趣...
-
将是最佳选择是使用ANT脚本设置应用程序以构建,并让客户端实际自定义源代码并每个用户构建新的应用程序? (这具有客户端获取源代码的配置,我们宁愿没有)
我已经扫描了APK标记的问题,似乎无法找到解决方案.
非常感谢, 理查德
推荐答案
我猜你可以将它放入apk(或替换虚拟文件)如果使用资产文件夹.
您可以通过filename获取数据,而是资源-id非常简单: getResources().getAssets().open(fileName)
问候, oliver
其他推荐答案
如果它绝对是,请考虑将两个apks分发,其中一个apks,另一个包含具有手机特定信息的文件.使用相同的密钥签名,将它们安排到
其余的这可能属于评论而不是这个答案,但我看到你被要求做的事情很多:
- 在需要的情况下,关于其他应用程序的标准行为有需要在需要时询问登录和密码,然后记住它.
- 如果用户在客户的网站上更改密码,他必须为他的设备获得新的APK,而不是只需要重新认证.
- 应用程序的任何更改都需要生成和安装每个用户的新APK.
- 所有这一切都需要一些不知不觉的用户与其他人共享他的独特APK,并且您的整个安全模型朝向管道.
- 较少相关,但仍然很重要:如果您的客户能够从他们存储的内容重建明文密码,我质疑他们的安全方案.
问题描述
We've been asked to create a thin web client on Android for a company with an existing web site, existing users.
They want to send an mms to their users, giving each user their own download URL. This URL will point to an Android apk file that has been created specifically for that user - it will include that user's login, and password, to the website.
i.e. the APK file would have embedded login details.
This would be done in J2ME by storing info in the JDK file.
I can see a simlar question on How to update resources file in apk - but not fully answered.
So:
is there a way to store an "asset" in the apk file that will be a text file, and easily editable by unzipping, editing, rezipping the apk file? (looks like answer is no)
do you know of any similar problems, or have worked on similar apps?
is there advice on how best to accomplish this application? Any sort of embedding of customer info on an automated level would be of interest...
would the best option be to set the app to build with an Ant script, and have the client actually customize the source code and build a new app per user? (this has the con that the client gets the source code, which we'd rather not have)
I have scanned apk tagged questions and can't seem to find a solution to this.
Many thanks, Richard
推荐答案
I guess you could put it into the apk (or replace a dummy file there) if you use the assets folder for it.
You can obtain the data by filename instead resource-id quite easy: getResources().getAssets().open(fileName)
Regards, Oliver
其他推荐答案
If it absolutely has to be that way, consider distributing two APKs, one with the application and the other containing a file with the handset-specific information. Sign them both with the same key, arrange for them to share a UID and the application will be able to read the file as if it were its own.
The rest of this probably belongs in a comment and not this answer, but I see lots of problems with what you're being asked to do:
- The standard behavior for just about every other application out there is to ask for a login and password once when needed and then remember it.
- If the user changes his password on your customer's web site, he has to get a new APK for his device instead of just having to reauthenticate.
- Any changes to the application will require generation and installation of a new APK for each user.
- All it would take is some unwitting user sharing his unique APK with someone else and your whole security model goes right down the tubes.
- Less relevant, but still important: If your customer is able to reconstitute a plaintext password from what they have stored, I question their security scheme.
更多相关问答
联系站长