| java.lang.Object | |
| ↳ | com.samsung.android.knox.container.BasePasswordPolicy |
Deprecated in API level 35
This class provides wrapper APIs for DevicePolicyManager APIs, recommended to use only for container password policies.
| API level 11 |
| MDM 5.0 |
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
Not supported since KNOX 3.0. Use
resetContainerPassword(String, int) for CL/COM Knox containers. | |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
Deprecated
in API level 35
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
Deprecated in API level 35
API to revoke the current password reset token
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|
true if the operation is successful, false otherwise.| Called by an application that is administering the user to revoke the current token which was
set via #setResetPasswordToken(ComponentName, byte[], int).
The calling device administrator must have requested
USES_POLICY_RESET_PASSWORD to be able to call
this method; if it has not, a security exception will be thrown.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
BasePasswordPolicy passwordPolicy = edm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
// clear reset password token
passwordPolicy.clearResetPasswordToken(enterpriseDeviceAdmin);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
// clear reset password token
passwordPolicy.clearResetPasswordToken(enterpriseDeviceAdmin);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 27 |
| KNOX 3.2.1 |
| User Scope |
Deprecated in API level 35
API to get the current failed password attempts of the container
| Retrieves the number of times the user has failed at entering a
password for the container since that last successful password entry.
The calling device administrator must have requested USES_POLICY_WATCH_LOGIN to be able to call this method; if it has not, a security exception will be thrown. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the features that has been disabled for keyguard.
Determine whether or not features have been disabled in keyguard either by the current admin, if specified, or all admins.
| admin | The name of the administrator component to check, or null to aggregate
all administrators. |
|---|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 15 |
| MDM 5.4 |
| User Scope |
Deprecated in API level 35
API to get the maximum failed passwords for wipe. Retrieves the current maximum number of login attempts that are allowed before the device wipes itself, for all administrators or for a particular one.
| admin | The name of the administrator component to check, or null to aggregate
all administrators. |
|---|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the maximum time to lock
| admin | The name of the administrator component to check, or null to aggregate
all administrators. |
|---|
| Retrieves the current maximum time to unlock for all administrators or a particular one. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the password expiration time of the container
| admin | The name of the administrator component to check, or null to aggregate all administrators. |
|---|
Get the current password expiration time of the container for the given administrator or an aggregate of
all administrators if administrator is null. If the password is expired, this will return the time since
the password expired as a negative number. If administrator is null, then a composite of all
expiration timeouts is returned - which will be the minimum of all timeouts. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the password expiration timeout of the container
| admin | The name of the administrator component to check, or null to aggregate all administrators. |
|---|
Get the password expiration timeout of the container for the given administrator. The expiration timeout is the
recurring expiration timeout provided in the call to
setPasswordExpirationTimeout(ComponentName, long) for the given administrator or the
aggregate of all policy administrators if administrator is null. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the password history length of the container
| admin | The name of the administrator component to check, or null to aggregate
all administrators. |
|---|
| Retrieves the current password history length of the container for all administrators or a particular one. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the password maximum length of the container
| Return the maximum password length that the container supports for a particular password quality. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the minimum password length of the container
| admin | The name of the administrator component to check, or null to aggregate
all administrators. |
|---|
| Retrieves the current minimum password length of the container for all administrators or a particular one. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the minimum password alphabetical characters of the container
| admin | The name of the administrator component to check, or null to
aggregate all administrators. |
|---|
Retrieves the current number of letters required in the password of the container for all
administrators or a particular one. This is the same value as
set by setPasswordMinimumLetters(ComponentName, int)
and only applies when the password quality is
PASSWORD_QUALITY_COMPLEX. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the minimum password lower case alphabetical characters of the container
| admin | The name of the administrator component to check, or null to
aggregate all administrators. |
|---|
Retrieves the current number of lower case alphabetical characters required in the
password of the container for all administrators or a particular one. This is the same value as
set by setPasswordMinimumLowerCase(ComponentName, int)
and only applies when the password quality is
PASSWORD_QUALITY_COMPLEX. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the minimum password non-alphabetical characters of the container
| admin | The name of the administrator component to check, or null to
aggregate all administrators. |
|---|
Retrieves the current number of non-alphabetical characters required in the
password of the container for all administrators or a particular one. This is the same value as
set by setPasswordMinimumNonLetter(ComponentName, int)
and only applies when the password quality is
PASSWORD_QUALITY_COMPLEX. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the minimum password numeric digits of the container
| admin | The name of the administrator component to check, or null to
aggregate all administrators. |
|---|
Retrieves the current number of numerical digits required in the password
of the container for all administrators or a particular one. This is the same value as
set by setPasswordMinimumNumeric(ComponentName, int)
and only applies when the password quality is
PASSWORD_QUALITY_COMPLEX. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the minimum password symbols of the container
| admin | The name of the administrator component to check, or null to
aggregate all administrators. |
|---|
Retrieves the current number of symbols required in the password of the container for all
administrators or a particular one. This is the same value as
set by setPasswordMinimumSymbols(ComponentName, int)
and only applies when the password quality is
PASSWORD_QUALITY_COMPLEX. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the minimum password upper case alphabetical characters of the container
| admin | The name of the administrator component to check, or null to
aggregate all administrators. |
|---|
Retrieves the current number of upper case alphabetical characters of the container required in the
password for all administrators or a particular one. This is the same value as
set by setPasswordMinimumUpperCase(ComponentName, int)
and only applies when the password quality is
PASSWORD_QUALITY_COMPLEX. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get the current password quality of the container
| admin | The name of the administrator component to check, or null to aggregate
all administrators. |
|---|
| Retrieves the current minimum password quality of the container for all administrators or a particular one. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to get trust agent configurations
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| agent | Which component to get enabled features for. This value must never be null. |
Called by an application that is administering the user to get configuration for the given trust agent based on aggregating all
calls to setTrustAgentConfiguration(ComponentName, ComponentName, PersistableBundle) for all device admins. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 27 |
| KNOX 3.2.1 |
| User Scope |
Deprecated in API level 35
API to check if active password is sufficient for the container
true if the password meets the current requirements,
else false.| Determine whether the current password of the container, the user has set is sufficient
to meet the policy requirements (quality, minimum length) that have been
requested.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to check if the current password token is active.
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|
true if the token is active, false otherwise.| Called by an application that is administering the user to check if the current password token is active |
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 27 |
| KNOX 3.2.1 |
| User Scope |
Deprecated
Not supported since KNOX 3.0. Use resetContainerPassword(String, int) for CL/COM Knox containers.
API to reset password of the container
| password | The new password for the user. |
|---|---|
| flags | May be 0 or RESET_PASSWORD_REQUIRE_ENTRY. |
true if the password was applied, or false if it is
not acceptable for the current constraints.Force a new container unlock password (the password needed to access the
container, not for individual accounts) on the user. This takes effect immediately.
The given password must be sufficient for the
current password quality and length constraints as returned by
getPasswordQuality(ComponentName) and
getPasswordMinimumLength(ComponentName); if it does not meet
these constraints, then it will be rejected and false returned. Note
that the password may be a stronger quality (containing alphanumeric
characters when the requested quality is only numeric), in which case
the currently active quality will be increased to match.
The calling device administrator must have requested
USES_POLICY_RESET_PASSWORD to be able to call
this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
String newPassword = "test123";
// set new password
passwordPolicy.resetPassword(newPassword, 0);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to reset password with token
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| password | The new password for the user. null or empty clears the password. |
| token | the password reset token previously provisioned by setResetPasswordToken(ComponentName, byte[]). |
| flags | May be 0 or combiation of RESET_PASSWORD_REQUIRE_ENTRY and RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT. |
true if the password was applied, or false if it is
not acceptable for the current constraints.| Force a new unlock password on the user.
Unlike resetPassword(String, int), this API can change the password even before the user or
decrypted. The supplied token must have been previously provisioned via setResetPasswordToken(ComponentName, byte[]),
and in active state isResetPasswordTokenActive(ComponentName).
The given password must be sufficient for the current password quality and length constraints as returned by getPasswordQuality(ComponentName) and
getPasswordMinimumLength(ComponentName); if it does not meet
these constraints, then it will be rejected and false returned. Note
that the password may be a stronger quality,
for example, a password containing alphanumeric characters when the requested quality is only numeric.
The calling device administrator must have requested
USES_POLICY_RESET_PASSWORD to be able to call
this method; if it has not, a security exception will be thrown.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
BasePasswordPolicy passwordPolicy = edm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
byte[] token = createToken();
String newPassword = "test123";
// set token before reset password
passwordPolicy.setResetPasswordToken(enterpriseDeviceAdmin, token);
// set new password
passwordPolicy.resetPasswordWithToken(enterpriseDeviceAdmin, newPassword, token, 0);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
byte[] token = createToken();
String newPassword = "test123";
// set token before reset password
passwordPolicy.setResetPasswordToken(enterpriseDeviceAdmin, token);
// set new password
passwordPolicy.resetPasswordWithToken(enterpriseDeviceAdmin, newPassword, token, 0);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 27 |
| KNOX 3.2.1 |
| User Scope |
Deprecated in API level 35
API to set the features need to be disabled for container keyguard.
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| which | KEYGUARD_DISABLE_FEATURES_NONE (default), KEYGUARD_DISABLE_TRUST_AGENTS |
| Called by an application that is administering the device to disable keyguard customizations, such as trust agents. After setting this, keyguard features will be disabled according to the provided feature list. The calling device admin must have requested USES_POLICY_DISABLE_KEYGUARD_FEATURES to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API..
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int which = DevicePolicyManager.KEYGUARD_DISABLE_TRUST_AGENTS;
passwordPolicy.setKeyguardDisabledFeatures(enterpriseDeviceAdmin, which);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 15 |
| MDM 5.4 |
| User Scope |
Deprecated in API level 35
API to set the maximum failed passwords for wipe
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| num | The number of failed password attempts at which point the device will wipe its data. |
| Setting this to a value greater than zero enables a built-in policy
that will perform a device wipe after too many incorrect
device-unlock passwords have been entered. This built-in policy combines
watching for failed passwords and wiping the device, and requires
that you request both USES_POLICY_WATCH_LOGIN and
USES_POLICY_WIPE_DATA.
To implement any other policy (e.g. wiping data for a particular application only, erasing or revoking credentials, or reporting the failure to a server), you should implement onPasswordFailed(Context, android.content.Intent) instead. Do not use this API, because if the maximum count is reached, the device will be wiped immediately, and your callback will not be invoked. Since Knox 2.7.1 the device will not be wiped if com.samsung.android.knox.restriction.RestrictionPolicy#allowFactoryReset(Boolean) is set to false. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int num = 5;
// set failed password attempts before wipe
passwordPolicy.setMaximumFailedPasswordsForWipe(enterpriseDeviceAdmin, num);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the maximum time to lock
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| timeMs | The new desired maximum time to lock in milliseconds. A value of 0 means there is no restriction. |
| Called by an application that is administering the container to set the
maximum time for user activity until the device will lock. This limits
the length that the user can set. It takes effect immediately.
The calling device administrator must have requested USES_POLICY_FORCE_LOCK to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API..
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int timeMs = 500;
// set maximum time to lock
passwordPolicy.setMaximumTimeToLock(enterpriseDeviceAdmin, timeMs);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the password expiration timeout of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| timeout | The limit (in ms) that a password can remain in effect. A value of 0 means there is no restriction (unlimited). |
| Called by a device administrator to set the password expiration timeout of the container. Calling this method
will restart the countdown for password expiration for the given administrator, as will changing
the container password (for all administrators).
The provided timeout is the time delta in ms and will be added to the current time. For example, to have the password expire 5 days from now, timeout would be 5 * 86400 * 1000 = 432000000 ms for timeout. To disable password expiration, a value of 0 may be used for timeout. The calling device administrator must have requested USES_POLICY_EXPIRE_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
long timeout = 432000000;
// set Password expiration timeout
passwordPolicy.setPasswordExpirationTimeout(enterpriseDeviceAdmin, timeout);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the password history length of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired length of password history. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the length
of the password history. After setting this, the user will not be able to
enter a new password that is the same as any password in the history. Note
that the current password will remain until the user has set a new one, so
the change does not take place immediately. To prompt the user for a new
password, use ACTION_SET_NEW_PASSWORD after setting this value.
This constraint is only imposed if the administrator has also requested
either PASSWORD_QUALITY_NUMERIC,
PASSWORD_QUALITY_ALPHABETIC, or
PASSWORD_QUALITY_ALPHANUMERIC with setPasswordQuality(ComponentName, int).
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password history length
passwordPolicy.setPasswordHistoryLength(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the minimum password length of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired minimum password length. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the
minimum allowed password length. After setting this, the user
will not be able to enter a new password that is not at least as
restrictive as what has been set. Note that the current password
will remain until the user has set a new one, so the change does not
take place immediately. To prompt the user for a new password, use
ACTION_SET_NEW_PASSWORD after setting this value. This
constraint is only imposed if the administrator has also requested either
PASSWORD_QUALITY_NUMERIC, PASSWORD_QUALITY_ALPHABETIC
PASSWORD_QUALITY_ALPHANUMERIC, or PASSWORD_QUALITY_COMPLEX
with setPasswordQuality(ComponentName, int).
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password minimum length
passwordPolicy.setPasswordMinimumLength(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the minimum password alphabetical characters of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired minimum number of alphabetical characters required in the password. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the
minimum number of alphabetical characters required in the password. After setting this,
the user will not be able to enter a new password that is not at least as
restrictive as what has been set. Note that the current password will
remain until the user has set a new one, so the change does not take
place immediately. To prompt the user for a new password, use
ACTION_SET_NEW_PASSWORD after setting this value. This
constraint is only imposed if the administrator has also requested
PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int). The
default value is 1.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password minimum letters
passwordPolicy.setPasswordMinimumLetters(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the minimum password lower case alphabetical characters of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired minimum number of lower case alphabetical characters required in the password. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the
minimum number of lower case alphabetical characters required in the password. After
setting this, the user will not be able to enter a new password that is
not at least as restrictive as what has been set. Note that the current
password will remain until the user has set a new one, so the change does
not take place immediately. To prompt the user for a new password, use
ACTION_SET_NEW_PASSWORD after setting this value. This
constraint is only imposed if the administrator has also requested
PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int). The
default value is 0.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password minimum lower case
passwordPolicy.setPasswordMinimumLowerCase(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the minimum password non-letters of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired minimum number of letters required in the password. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the
minimum number of non-letter characters (numerical digits or symbols)
required in the password. After setting this, the user will not be able
to enter a new password that is not at least as restrictive as what has
been set. Note that the current password will remain until the user has
set a new one, so the change does not take place immediately. To prompt
the user for a new password, use ACTION_SET_NEW_PASSWORD after
setting this value. This constraint is only imposed if the administrator
has also requested PASSWORD_QUALITY_COMPLEX with
setPasswordQuality(ComponentName, int). The default value is 0.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password minimum letter
passwordPolicy.setPasswordMinimumNonLetter(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the minimum password numeric of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired minimum number of numerical digits required in the password. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the
minimum number of numerical digits required in the password. After
setting this, the user will not be able to enter a new password that is
not at least as restrictive as what has been set. Note that the current
password will remain until the user has set a new one, so the change does
not take place immediately. To prompt the user for a new password, use
ACTION_SET_NEW_PASSWORD after setting this value. This
constraint is only imposed if the administrator has also requested
PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int). The
default value is 1.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password minimum numeric
passwordPolicy.setPasswordMinimumNumeric(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the minimum password symbols of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired minimum number of symbols required in the password. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the
minimum number of symbols required in the password. After setting this,
the user will not be able to enter a new password that is not at least as
restrictive as what has been set. Note that the current password will
remain until the user has set a new one, so the change does not take
place immediately. To prompt the user for a new password, use
ACTION_SET_NEW_PASSWORD after setting this value. This
constraint is only imposed if the administrator has also requested
PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int). The
default value is 1.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password minimum symbols
passwordPolicy.setPasswordMinimumSymbols(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the minimum password upper case alphabetical characters of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| length | The new desired minimum number of upper case alphabetical characters required in the password. A value of 0 means there is no restriction. |
Called by an application that is administering the container to set the
minimum number of upper case alphabetical characters required in the password. After
setting this, the user will not be able to enter a new password that is
not at least as restrictive as what has been set. Note that the current
password will remain until the user has set a new one, so the change does
not take place immediately. To prompt the user for a new password, use
ACTION_SET_NEW_PASSWORD after setting this value. This
constraint is only imposed if the administrator has also requested
PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int). The
default value is 0.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int length = 5;
// set Password minimum upper case
passwordPolicy.setPasswordMinimumUpperCase(enterpriseDeviceAdmin, length);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission which has a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set the password quality of the container
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| quality | The new desired quality. One of PASSWORD_QUALITY_UNSPECIFIED, PASSWORD_QUALITY_SOMETHING, PASSWORD_QUALITY_NUMERIC, PASSWORD_QUALITY_ALPHABETIC, PASSWORD_QUALITY_ALPHANUMERIC, PASSWORD_QUALITY_COMPLEX, PASSWORD_QUALITY_NUMERIC_COMPLEX |
| Called by an application that is administering the container to set the
password restrictions it is imposing. After setting this, the user
will not be able to enter a new password that is not at least as
restrictive as what has been set. Note that the current password
will remain until the user has set a new one, so the change does not
take place immediately. To prompt the user for a new password, use
ACTION_SET_NEW_PASSWORD after setting this value.
Quality constants are ordered so that higher values are more restrictive;
thus the highest requested quality constant (between the policy set here,
the user's preference, and any other considerations) is the one that
is in effect.
The calling device administrator must have requested USES_POLICY_LIMIT_PASSWORD to be able to call this method; if it has not, a security exception will be thrown. |
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
int quality = 5;
// set Password Quality
passwordPolicy.setPasswordQuality(enterpriseDeviceAdmin, quality);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 11 |
| MDM 5.0 |
| User Scope |
Deprecated in API level 35
API to set a token before reset password
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| token | a secure token a least 32-byte long, which must be generated by a cryptographically strong random number generator. |
true if the operation is successful, false otherwise.Called by an application that is administering the user to provision a token which can
later be used to reset the lockscreen password via resetPasswordWithToken(ComponentName, String, byte[], int).
If the user currently has a lockscreen password, the provisioned token will not be immediately usable; it only becomes active after the user performs a confirm credential operation, which can be triggered by KeyguardManager.createConfirmDeviceCredentialIntent(CharSequence, CharSequence). If the user has no lockscreen password, the token is activated immediately. In all cases, the active state of the current token can be checked by isResetPasswordTokenActive(ComponentName). For security reasons, un-activated
tokens are only stored in memory and will be lost once the device reboots. In this case a new token needs to be provisioned again.
Once provisioned and activated, the token will remain effective even if the user changes or clears the lockscreen password. The calling device administrator must have requested
USES_POLICY_RESET_PASSWORD to be able to call
this method; if it has not, a security exception will be thrown.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
BasePasswordPolicy passwordPolicy = edm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
byte[] token = createToken();
// set token before reset password
passwordPolicy.setResetPasswordToken(enterpriseDeviceAdmin, token);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
byte[] token = createToken();
// set token before reset password
passwordPolicy.setResetPasswordToken(enterpriseDeviceAdmin, token);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 27 |
| KNOX 3.2.1 |
| User Scope |
Deprecated in API level 35
API to set a list of configuration features to enable for a trust agent component.
| admin | Which DeviceAdminReceiver this request is associated with. |
|---|---|
| target | Component name of the agent to be configured. This value must never be null. |
| configuration | Trust-agent-specific feature configuration bundle. Please consult documentation of the specific trust agent to determine the interpretation of this bundle. |
| Called by an application that is administering the user to Set a list of configuration features
to enable for a trust agent component. This is meant to be used in conjunction with
KEYGUARD_DISABLE_TRUST_AGENTS,
which disables all trust agents but those enabled by this function call. If flag
KEYGUARD_DISABLE_TRUST_AGENTS
is not set, then this call has no effect.
For any specific trust agent, whether it is disabled or not depends on the aggregated state of each admin's KEYGUARD_DISABLE_TRUST_AGENTS setting and its trust agent configuration as set by this function call. In particular: if any admin sets KEYGUARD_DISABLE_TRUST_AGENTS and does not additionally set any trust agent configuration, the trust agent is disabled completely. Otherwise, the trust agent will receive the list of configurations from all admins who set KEYGUARD_DISABLE_TRUST_AGENTS and aggregate the configurations to determine its behavior. The exact meaning of aggregation is trust-agent-specific. The calling device administrator must have requested
USES_POLICY_DISABLE_KEYGUARD_FEATURES to be able to call
this method; if it has not, a security exception will be thrown.
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
BasePasswordPolicy passwordPolicy = edm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
ComponentName targetPkg = new ComponentName(pkg, class);
PersistableBundle configuration = new PersistableBundle(); // need to set details
passwordPolicy.setTrustAgentConfiguration(enterpriseDeviceAdmin, targetPkg, configuration);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
// When you create container successfully, containerID will be returned via intent.
// Use this containerID in below API.
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
BasePasswordPolicy passwordPolicy = kcm.getBasePasswordPolicy();
try {
ComponentName enterpriseDeviceAdmin = new ComponentName(context, EDMTestsAdmin.class);
ComponentName targetPkg = new ComponentName(pkg, class);
PersistableBundle configuration = new PersistableBundle(); // need to set details
passwordPolicy.setTrustAgentConfiguration(enterpriseDeviceAdmin, targetPkg, configuration);
} catch (SecurityException e) {
Log.w(TAG, "SecurityException: " + e);
}
|
| The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_SECURITY" permission with a protection level of signature. |
| API level 27 |
| KNOX 3.2.1 |
| User Scope |