Hi Arthur, You should be able to communicate between the client and the server on Android, using SECURED=1 library.
First, to set your "di" (client or server) - you need to specify the "di" value inside the DAT file (containing security information) - you can look at the samples. I never succeeded with setting the "di" using API, and I don't know if it's supported. Second, even using SECURED=1, in the server, you can allow any client (even not authenticated) to access any resource. The relevant ACL entry looks like: (you may need to change the "aceid"): { "aceid": 5, "subject": { "conntype": "anon-clear" }, "resources": [ { "href": "*" } ], "permission": 14 } This is definitely not the way to configure it in production, but it should allow you to keep developing, without caring about access permissions for a while. Max On Thu, Dec 14, 2017 at 8:54 PM, Arthur Barros Lapprand <a...@cin.ufpe.br> wrote: > Hi all, > > I have a few beginner-leveled questions about secure mode in Android. Let > me explain the situation: > > I have created two apps (one for Server/Controlee and the other for the > Client/Controller) and I'm able to FIND and GET/POST/OBSERVE them without > problems. As this is a simple example, I now want to do the same things but > with SECURED=1. I should note that I am usually running both apps in the > same device (not the emulator, but my cellphone). > > So I started looking everywhere and discovered I could do this with a > local ACL and supposedly everything would be ok. Turns out it didn't, which > is why I am here. So my questions are: > > - Do I need anything else to use the SECURED flag in Android apart from > registering resource as secure and passing the ACL to the PlatformConfig > and configure it? > > - I read that when configuring the Platform with an ACL the DeviceID > should be set with the ID inside it. So as it failed I tried debugging the > ID, which led me to confusion about PlatformID and DeviceID. When loading > the ACL the DeviceID comes as a random byte[]. However, I can set the > DeviceID in the code and retrieve it just fine. The thing is, the ID > recieved by the Client (ServerID) isn't the same I set in the code. I'm not > sure if it's something about the encoding tricking me or if it's something > else. Can someone please shed me some light? > > In short, the Client can find the resources (they are registered with > SECURE type) but can't make a correct GET/POST/OBSERVE request, returning > UNAUTHORIZED_REQ. Any tips about this flag and Android are welcome. > > Sorry for the long post, thank you in advance! > > _______________________________________________ > iotivity-dev mailing list > iotivity-dev@lists.iotivity.org > https://lists.iotivity.org/mailman/listinfo/iotivity-dev > >
_______________________________________________ iotivity-dev mailing list iotivity-dev@lists.iotivity.org https://lists.iotivity.org/mailman/listinfo/iotivity-dev