MeeGo 1.2 Harmattan Developer Documentation Develop for the Nokia N9

Security quick guide

This section helps you to quickly assess your security needs.

In MeeGo 1.2 Harmattan, resources belong in protected and unprotected categories. While a basic MeeGo 1.2 Harmattan application can be run without any additional security requirements, more advanced actions such as location detection or interacting with the device Tracker require accessing protected resources, which in turn require additional security credentials.

To use the protected resources, your application needs to get permission from the Harmattan security framework by announcing beforehand the protected resources it uses. These permissions are set in the Aegis manifest XML file, which is one of the project files that are generated when starting a new project in the Qt SDK. The Aegis manifest file manages this by reserving tokens for actions that access the protected resources.

For example, the GRP::metadata-users token is required to access the Organizer (calendar, personal data) and Contacts (contacts info) resources. For a list of protected resources that require tokens, see section Harmattan APIs that require credentials.

Security permissions checklist

The following list tells you the different levels of preparation different types of application may require from in terms of security permissions:

  • With simple applications, which do not provide any protected resources or require any protected Harmattan platform resources. You can use the standard tools to build the application, install it and run it on the Harmattan device. In this case, the Aegis manifest file is not needed.
  • When developing with the Qt SDK, the SDK generates the Aegis manifest file with the required security credentials automatically if the file is needed. This automation usually covers your basic security needs.
  • You only need to create or edit the Aegis manifest file manually with the the Qt SDK or Harmattan Platform SDK in the following cases:
    • Your application needs to access certain Harmattan APIs, but it stops working and you get Access denied errors. In this case, you need to request additional credentials by editing the Aegis manifest file manually.
    • Your application provides secure services to other applications and you want to protect these resources.
    • You have problems with the automatic Aegis manifest file creation.

For descriptions of the contents and syntax of the manifest file, see Aegis manifest syntax and Security guide.

If you need to address your application’s specific security needs, use the additional Harmattan platform security features. For more information, see Addressing specific security needs in the Harmattan security guide.