public class

WifiAdminProfile

extends Object
implements Parcelable
java.lang.Object
   ↳ com.samsung.android.knox.net.wifi.WifiAdminProfile

Class Overview

This class contains information required to set up a Wi-Fi profile on the device. When creating a Wi-Fi profile of a particular type, leave fields associated with other types blank. The security type must be valid (see security description), otherwise setWifiProfile(WifiAdminProfile) operation will fail.

Since
API level 2
MDM 2.0

Summary

Constants
int ENGINE_ANDROID_KEYSTORE Engine id to use android keystore for client and CA certificates.
int ENGINE_SECPKCS11 Engine id to use CCM(ClientCertificateManager) keystore for client certificates.
String PHASE1_ALLOW_AUTHENTICATED Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.
String PHASE1_ALLOW_BOTH Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.
String PHASE1_ALLOW_UNAUTHENTICATED Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.
String PHASE1_DISABLE Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.
String PHASE1_NONE Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.
String PHASE2_GTC Indicates GTC(Generic Token Card Authentication Protocol) inner authentication method will be used by EAP protocol.
String PHASE2_MSCHAP Indicates MSCHAP(Microsoft Challenge Handshake Authentication Protocol) inner authentication method will be used by EAP protocol.
String PHASE2_MSCHAPV2 Indicates MSCHAP-V2(Microsoft Challenge Handshake Authentication Protocol Version 2) inner authentication method will be used by EAP protocol.
String PHASE2_NONE Indicates no inner authentication method will be used by EAP protocol.
String PHASE2_PAP Indicates PAP(Password Authentication Protocol) inner authentication method will be used by EAP protocol.
int PROXY_STATE_AUTO_CONFIGURE Flag to indicate that a PAC based proxy is to be used for this Wi-Fi profile.
int PROXY_STATE_MANUAL Flag to indicate that a statically configured proxy is to be used for this Wi-Fi profile.
int PROXY_STATE_NONE Flag to indicate that no proxy is to be used for this Wi-Fi profile.
[Expand]
Inherited Constants
From interface android.os.Parcelable
Fields
public String anonymousIdentity Defines the anonymous identity for 802.1x EAP network type.
public String caCertificate Defines the Certificate Authority (CA) certificate alias for an enterprise EAP WLAN network.
public String clientCertification Defines the client certificate alias for an enterprise EAP WLAN network type.
public String password Defines the user password for enterprise WLAN EAP network type.
public String phase1 Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.
public String phase2 Defines the Phase 2 authentication method.
public List<AuthConfig> proxyAuthConfigList Defines the authentication configuration that shall be used to authenticate in the related proxy.
public List<String> proxyBypassList Defines a list of URLs that should be bypassed in the proxy configured for this Wi-Fi profile.
public String proxyHostname Defines the hostname to be used in a statically configured proxy.
public String proxyPacUrl Defines the URL that is to be used in a PAC based proxy configuration.
public int proxyPort Defines the port to be used in a statically configured proxy.
public int proxyState Defines which kind of proxy configuration is to be used for this Wi-Fi profile.
public String psk Defines the pre-shared key for an enterprise WLAN network that uses WPA/WPA2-PSK security level.
public String security Defines the security type that is to be used in this Wi-Fi profile.
public String ssid Defines the Wi-Fi network SSID to be created.
public String staticGateway Defines the gateway that is to be used in a statically configured IP settings.
public String staticIp Defines the IP address that is to be used in a statically configured IP settings.
public boolean staticIpEnabled Defines whether this Wi-Fi profile should use a statically configured IP settings or if it should be dynamically resolved via DHCP protocol.
public String staticPrimaryDns Defines the primary DNS that is to be used in a statically configured IP settings.
public String staticSecondaryDns Defines the secondary DNS that is to be used in a statically configured IP settings.
public String staticSubnetMask Defines the subnet mask that is to be used in a statically configured IP settings.
public String userIdentity Defines the user identity for 802.1x EAP network type.
public String wepKey1 Defines the WEP key 1.
public String wepKey2 Defines the WEP key 2.
public String wepKey3 Defines the WEP key 3.
public String wepKey4 Defines the WEP key 4.
public int wepKeyId Defines the default WEP key index, ranging from 1 to 4.
Public Constructors
WifiAdminProfile(int engineId)
New constructor added to support different keystore engines.
WifiAdminProfile(String storageName)
New constructor added to support different credential storages.
WifiAdminProfile()
Create a new empty instance.
Public Methods
int getEngineId()
API to retrieve the keystore engine set in the profile.
String getStorageName()
API to retrieve the credential storage name set in the profile.
[Expand]
Inherited Methods
From class java.lang.Object
From interface android.os.Parcelable

Constants

public static final int ENGINE_ANDROID_KEYSTORE

Since: API level 12

Engine id to use android keystore for client and CA certificates.

Since
API level 12
MDM 5.1
Constant Value: 0 (0x00000000)

public static final int ENGINE_SECPKCS11

Since: API level 12

Engine id to use CCM(ClientCertificateManager) keystore for client certificates.
NOTE: This is only available if CCM(ClientCertificateManager) keystore is enforced for the calling administrator.

Since
API level 12
MDM 5.1
Constant Value: 1 (0x00000001)

public static final String PHASE1_ALLOW_AUTHENTICATED

Since: API level 19

Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.

Indicates Phase 1 tunnel establishment method allows authenticated provisioning in an EAP-FAST profile.

Since
API level 19
MDM 5.6
Constant Value: "2"

public static final String PHASE1_ALLOW_BOTH

Since: API level 19

Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.

Indicates Phase 1 tunnel establishment method allows both authenticated and unauthenticated provisioning in an EAP-FAST profile.

Since
API level 19
MDM 5.6
Constant Value: "3"

public static final String PHASE1_ALLOW_UNAUTHENTICATED

Since: API level 19

Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.

Indicates Phase 1 tunnel establishment method allows unauthenticated provisioning in an EAP-FAST profile.

Since
API level 19
MDM 5.6
Constant Value: "1"

public static final String PHASE1_DISABLE

Since: API level 19

Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.

Indicates Phase 1 tunnel establishment method is disabled in an EAP-FAST profile.

Since
API level 19
MDM 5.6
Constant Value: "0"

public static final String PHASE1_NONE

Since: API level 19

Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.

Indicates no Phase 1 tunnel establishment method is used in an EAP-FAST profile.

Since
API level 19
MDM 5.6
Constant Value: "-1"

public static final String PHASE2_GTC

Since: API level 19

Indicates GTC(Generic Token Card Authentication Protocol) inner authentication method will be used by EAP protocol.

Since
API level 19
MDM 5.6
Constant Value: "GTC"

public static final String PHASE2_MSCHAP

Since: API level 19

Indicates MSCHAP(Microsoft Challenge Handshake Authentication Protocol) inner authentication method will be used by EAP protocol.

Since
API level 19
MDM 5.6
Constant Value: "MSCHAP"

public static final String PHASE2_MSCHAPV2

Since: API level 19

Indicates MSCHAP-V2(Microsoft Challenge Handshake Authentication Protocol Version 2) inner authentication method will be used by EAP protocol.

Since
API level 19
MDM 5.6
Constant Value: "MSCHAPV2"

public static final String PHASE2_NONE

Since: API level 19

Indicates no inner authentication method will be used by EAP protocol.

Since
API level 19
MDM 5.6
Constant Value: "None"

public static final String PHASE2_PAP

Since: API level 19

Indicates PAP(Password Authentication Protocol) inner authentication method will be used by EAP protocol.

Since
API level 19
MDM 5.6
Constant Value: "PAP"

public static final int PROXY_STATE_AUTO_CONFIGURE

Since: API level 17

Flag to indicate that a PAC based proxy is to be used for this Wi-Fi profile.

Since
API level 17
MDM 5.5
Constant Value: 2 (0x00000002)

public static final int PROXY_STATE_MANUAL

Since: API level 17

Flag to indicate that a statically configured proxy is to be used for this Wi-Fi profile.

Since
API level 17
MDM 5.5
Constant Value: 1 (0x00000001)

public static final int PROXY_STATE_NONE

Since: API level 17

Flag to indicate that no proxy is to be used for this Wi-Fi profile.

Since
API level 17
MDM 5.5
Constant Value: 0 (0x00000000)

Fields

public String anonymousIdentity

Since: API level 2

Defines the anonymous identity for 802.1x EAP network type.

An anonymous identity allows the user to hide its true identity. The user's actual name appears only inside the encrypted tunnel. Examples of an anonymous identity include "anonymous", "anon", or "anon@mycompany.net".

Since
API level 2
MDM 2.0

public String caCertificate

Since: API level 2

Defines the Certificate Authority (CA) certificate alias for an enterprise EAP WLAN network.

This certificate is used on authentication process with the server. Applicable only to EAP security level.

Since
API level 2
MDM 2.0

public String clientCertification

Since: API level 2

Defines the client certificate alias for an enterprise EAP WLAN network type.

This certificate is used on authentication process with the server. Applicable only to EAP security level.

Since
API level 2
MDM 2.0

public String password

Since: API level 2

Defines the user password for enterprise WLAN EAP network type.

The password cannot exceed the maximum of 200 characters.

Since
API level 2
MDM 2.0

public String phase1

Since: API level 17

Deprecated in API level 33
NOTE: This setting is not supported on Android R and newer.

Defines the Phase 1 tunnel establishment method in an EAP-FAST profile.

The default value is PHASE1_NONE representing that no option has been set. Other supported options are PHASE1_DISABLE to disable phase 1, PHASE1_ALLOW_UNAUTHENTICATED to allow unauthenticated provisioning, PHASE1_ALLOW_AUTHENTICATED to allow authenticated provisioning or PHASE1_ALLOW_BOTH to allow both unauthenticated and authenticated provisioning. Any other value different from these will fail the profile creation. This field will be ignored if used with a network security that does not support the provided Phase 1 method.

Since
API level 17
MDM 5.5

public String phase2

Since: API level 2

Defines the Phase 2 authentication method.

Sets the inner authentication used by the EAP protocol. The default value is PHASE2_NONE. Other supported methods are PHASE2_PAP, PHASE2_MSCHAP , PHASE2_MSCHAPV2, and PHASE2_GTC. This field will be ignored if used with a network security that does not support the provided Phase 2 method.

Since
API level 2
MDM 2.0

public List<AuthConfig> proxyAuthConfigList

Since: API level 20

Defines the authentication configuration that shall be used to authenticate in the related proxy.

This value will be used if either PROXY_STATE_MANUAL or PROXY_STATE_AUTO_CONFIGURE values are set in proxyState field. However, this field is not mandatory when setting up a proxy and it will only be used if the configured proxy supports authentication.

Since
API level 20
MDM 5.7

public List<String> proxyBypassList

Since: API level 17

Defines a list of URLs that should be bypassed in the proxy configured for this Wi-Fi profile.

This value will only be used if PROXY_STATE_MANUAL is set in proxyState field.

Since
API level 17
MDM 5.5

public String proxyHostname

Since: API level 17

Defines the hostname to be used in a statically configured proxy.

This value will only be used if PROXY_STATE_MANUAL is set in proxyState field. Such value could be either a regular hostname or an IP address. The hostname must be in a valid format supported by Android platform, otherwise the profile creation/edition will fail.

Since
API level 17
MDM 5.5

public String proxyPacUrl

Since: API level 17

Defines the URL that is to be used in a PAC based proxy configuration.

This value will only be used if PROXY_STATE_AUTO_CONFIGURE is set in proxyState field.

Since
API level 17
MDM 5.5

public int proxyPort

Since: API level 17

Defines the port to be used in a statically configured proxy.

This value will only be used if PROXY_STATE_MANUAL is set in proxyState field.

Since
API level 17
MDM 5.5

public int proxyState

Since: API level 17

Defines which kind of proxy configuration is to be used for this Wi-Fi profile.

Possible values are PROXY_STATE_NONE, PROXY_STATE_MANUAL or PROXY_STATE_AUTO_CONFIGURE.

NOTE: This proxy may not be considered by some applications (e.g. applications that directly open a socket with the final server), although it is used by most of them. Applications might retry connections without using the global proxy whenever the proxy is unreachable or the authentication fails.

Since
API level 17
MDM 5.5

public String psk

Since: API level 2

Defines the pre-shared key for an enterprise WLAN network that uses WPA/WPA2-PSK security level.

The pre-shared key (PSK) can be a 256-bit hex value or a string value with a minimum of 8 and a maximum of 64 characters. It is a secret that was previously shared between the two parties using some secure channel.

Since
API level 2
MDM 2.0

public String security

Since: API level 2

Defines the security type that is to be used in this Wi-Fi profile.

This field must be a non null value and the accepted values are "NONE", "WEP", "PSK", "EAP-x", where x can be any of the following EAP methods: PEAP, TLS, TTLS, PWD, SIM, AKA, AKA', FAST, LEAP. In order to enable key management options (FT or CCKM), the desired value should be concatenated with the security level (e.g. EAP-TTLS-FT, EAP-FAST-CCKM). If a malformed security type is passed or if the device does not support a provided security type, the Wi-Fi profile creation will fail.

NOTE: From Android P onwards, key management options (FT or CCKM) must no longer be used in the security level. They are enabled by default if device supports it.

Since
API level 2
MDM 2.0

public String ssid

Since: API level 2

Defines the Wi-Fi network SSID to be created.

An SSID is a name that identifies a particular 802.11 wireless LAN. The SSID is case-sensitive and cannot exceed 32 characters.

Since
API level 2
MDM 2.0

public String staticGateway

Since: API level 17

Defines the gateway that is to be used in a statically configured IP settings.

This value is mandatory if staticIpEnabled is set to true. In this case, if no value is provided, a default gateway (192.168.1.1) will be set.

Since
API level 17
MDM 5.5

public String staticIp

Since: API level 17

Defines the IP address that is to be used in a statically configured IP settings.

This value is mandatory if staticIpEnabled is set to true. In this case, if no value is provided, a default IP address (192.168.1.100) will be set.

Since
API level 17
MDM 5.5

public boolean staticIpEnabled

Since: API level 17

Defines whether this Wi-Fi profile should use a statically configured IP settings or if it should be dynamically resolved via DHCP protocol.

Since
API level 17
MDM 5.5

public String staticPrimaryDns

Since: API level 17

Defines the primary DNS that is to be used in a statically configured IP settings.

This value is mandatory if staticIpEnabled is set to true. In this case, if no value is provided, a default primary DNS (8.8.8.8) will be set.

Since
API level 17
MDM 5.5

public String staticSecondaryDns

Since: API level 17

Defines the secondary DNS that is to be used in a statically configured IP settings.

Since
API level 17
MDM 5.5

public String staticSubnetMask

Since: API level 17

Defines the subnet mask that is to be used in a statically configured IP settings.

This value is mandatory if staticIpEnabled is set to true. In this case, if no value is provided, a default subnet mask (255.255.255.0) will be set.

Since
API level 17
MDM 5.5

public String userIdentity

Since: API level 2

Defines the user identity for 802.1x EAP network type. The identity provided cannot exceed the maximum of 200 characters.

Since
API level 2
MDM 2.0

public String wepKey1

Since: API level 2

Defines the WEP key 1.

This value will only be used when wepKeyId is 1. The values accepted are either an ASCII string enclosed in double quotation marks (e.g., "abcdef") or a string of hex digits (e.g., 0102030405). This field is only applicable to WEP security level.

Since
API level 2
MDM 2.0

public String wepKey2

Since: API level 2

Defines the WEP key 2.

This value will only be used when wepKeyId is 2. The values accepted are either an ASCII string enclosed in double quotation marks (e.g., "abcdef") or a string of hex digits (e.g., 0102030405). This field is only applicable to WEP security level.

Since
API level 2
MDM 2.0

public String wepKey3

Since: API level 2

Defines the WEP key 3.

This value will only be used when wepKeyId is 3. The values accepted are either an ASCII string enclosed in double quotation marks (e.g., "abcdef") or a string of hex digits (e.g., 0102030405). This field is only applicable to WEP security level.

Since
API level 2
MDM 2.0

public String wepKey4

Since: API level 2

Defines the WEP key 4.

This value will only be used when wepKeyId is 4. The values accepted are either an ASCII string enclosed in double quotation marks (e.g., "abcdef") or a string of hex digits (e.g., 0102030405). This field is only applicable to WEP security level.

Since
API level 2
MDM 2.0

public int wepKeyId

Since: API level 2

Defines the default WEP key index, ranging from 1 to 4.

When connecting to a WEP security-level network, the default WEP key Id must match the WEP access point Id and the corresponding WEP key. A WEP key is a security code used on some Wi-Fi networks. WEP keys allow a group of devices on a local network to exchange encoded messages with each other while hiding the contents of the messages from easy viewing by outsiders. Applicable only to the WEP security level.

Since
API level 2
MDM 2.0

Public Constructors

public WifiAdminProfile (int engineId)

Since: API level 2

New constructor added to support different keystore engines. Administrator can use this when the profile must use a different keystore for the specified client certificate.
NOTE: The ENGINE_SECPKCS11 is only available if CCM(ClientCertificateManager) keystore is enforced for the calling administrator.
NOTE: In devices supporting Android UKS (Unified Keystore) the engine ID will default to ENGINE_ANDROID_KEYSTORE when ENGINE_SECPKCS11 is selected.

Since
API level 12
MDM 5.1

public WifiAdminProfile (String storageName)

Since: API level 2

New constructor added to support different credential storages. Administrator can use this when the profile must use a credential storage for client certificates. Passing null or empty to storageName will behave the same as calling WifiAdminProfile(int) with ENGINE_ANDROID_KEYSTORE engine.

Please refer to UCM DEV guide to see how to retrieve storageName parameter.

Parameters
storageName Credential storage name.
Since
API level 19
MDM 5.6

public WifiAdminProfile ()

Since: API level 2

Create a new empty instance.

Since
API level 2
MDM 2.0

Public Methods

public int getEngineId ()

Since: API level 12

API to retrieve the keystore engine set in the profile.

NOTE: The ENGINE_SECPKCS11 is only available if CCM(ClientCertificateManager) keystore is enforced for the calling administrator.

Returns
Since
API level 12
MDM 5.1

public String getStorageName ()

Since: API level 19

API to retrieve the credential storage name set in the profile.

Returns
  • Credential storage name.
Since
API level 19
MDM 5.6