Keychain Group Access-程序员宅基地

技术标签: iOS  

Since iPhone OS 3.0 it has been possible to share data between a family of applications. This can provide a better user experience if you follow the common path of free/premium applications or if you have a set of related applications that need to share some common account settings.

The main pre-requisite for shared keychain access is that all of the applications have a common bundle seed ID. To be clear what this means remember that an App ID consists of two parts:

<Bundle Seed ID> . <Bundle  Identifier>

The bundle seed ID is a unique (within the App Store) ten character string that is generated by Apple when you first create an App ID. The bundle identifier is generally set to be a reverse domain name string identifying your app (e.g. com.yourcompany.appName) and is what you specify in the application Info.plist file in Xcode.

So when you want to create an app that can share keychain access with an existing app you need to make sure that you use the bundle seed ID of the existing app. You do this when you create the new App ID in the iPhone Provisioning Portal. Instead of generating a new value you select the existing value from the list of all your previous bundle seed IDs.

One caveat, whilst you can create a provisioning profile with a wildcard for the bundle identifier I have never been able to get shared keychain access working between apps using it. It works fine with fully specified (no wildcard) identifiers. Since a number of other Apple services such as push notifications and in-app purchase also have this restriction maybe it should not be a surprise but I am yet to find this documented for keychain access.

Once you have your provisioning profiles setup with a common bundle seed ID the rest is pretty easy. The first thing you need to do is register the keychain access group you want to use. The keychain access group can be named pretty much anything you want as long as it starts with the bundle seed ID. So for example if I have two applications as follows:

  • ABC1234DEF.com.useyourloaf.amazingApp1
  • ABC1234DEF.com.useyourloaf.amazingApp2

I could define a common keychain access group as follows:

  • ABC1234DEF.amazingAppFamily

To enable the application to access this group you need to add an entitlements plist file to the project using xCode. Use Add -> New File and select the Entitlements template from the iPhone OS Code Signing section. You can name the file anything you like (e.g. KeychainAccessGroups.plist). In the file add a new array item named keychain-access-groups and create an item in the array with the value of our chosen keychain access group:

Note: Do not change the get-task-allow item that is created by default in the entitlements file unless you are creating an Ad-Hoc distribution of your app (in which case you should uncheck this option).

This same process should be repeated for all apps that share the bundle seed ID to enable them to access the keychain group. To actually store and retrieve values from this group requires adding an additional value to the dictionary passed as an argument to the keychain services. Using the example from the previous post on simple iPhone keychain access the search dictionary gets the following additional item:

[searchDictionary setObject:@"ABC1234DEF.amazingAppFamily" 
                     forKey:(id)kSecAttrAccessGroup];

One final comment, using a shared keychain access group does not stop you from storing values in an applications private keychain as well. The Apple GenericKeychain example application builds two applications which both store data in a private and group keychain.

 Apr 3rd2010 4:07 pm  keychain

« Simple iPhone Keychain Accessthe iPad NDA is finally lifted »

版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/a351945755/article/details/46787061

智能推荐

Python_代码风格_合理分解代码,提高代码可读性_python 合理分解代码-程序员宅基地

文章浏览阅读164次。一.什么是PEP8PEP 是 Python Enhancement Proposal 的缩写,翻译过来叫“Python 增强规范”。正如我们写文章,会有句式、标点、段落格式、开头缩进等标准的规范一样,Python 书写自然也有一套较为官方的规范。PEP 8 就是这样一种规范,它存在的意义,就是让 Python 更易阅读,换句话,增强代码可读性。二.日常的代码规范缩进规范Python 的缩进其实可以写成很多种,Tab、双空格、四空格、空格和 Tab 混合等。而 PEP 8 规范告诉我们,请选择四个空_python 合理分解代码

“零拷贝”是什么_零拷贝收包-程序员宅基地

文章浏览阅读410次。前言List itemI/O概念 1.缓冲区 2.虚拟内存 3.mmap+write方式 4.sendfile方式Java零拷贝1.MappedByteBuffer2.DirectByteBuffer3.Channel-to-Channel传输Netty零拷贝其他零拷贝总结前言从字面意思理解就是数据不需要来回的拷贝,大大提升了系统的性能;这个词我们也经常在java nio,netty,kafka,RocketMQ等框架中听到,经常作为其提升性能的一_零拷贝收包

MicroERP开发技术分享:vsFlexGrid、scriptControl实现工资表自定义列与表间关系计算_vsflexgris 报表-程序员宅基地

文章浏览阅读961次。开发大型的MIS系统,肯定是离不开第三方控件的,同时也要根据项目需要自己写几个。MicroERP共用了以下几个控件:第三方商业控件:vsFlexGrid:大名鼎鼎的表格控件,不用多说,配合vsPrinter使用开源的基础上修改和自己写的:cash会计凭证用的金额线MDITabs MDI窗体LeftMenu手风琴导航菜单这里着重说一下vsFlexGrid、scriptControl实现工资表自定义列与表间关系计算_vsflexgris 报表

矩阵分析——QR分解-程序员宅基地

文章浏览阅读7.3w次,点赞56次,收藏200次。Gram-Schmidt正交化 在提到矩阵的QR分解前,必须要提到Gram–Schmidt方法,理论上QR分解是由Gram–Schmidt正交化推出来的。那么Gram–Schmidt正交化究竟是什么呢? 在三维空间存在直角坐标系,其中任意一点都可以由(x,y,z)坐标唯一确定,在这个坐标系中,X、Y、Z三轴都是相互正交(垂直)的。那么在n维欧式空间也应该_qr分解

Android 通过反射让SQlite建表如此简单_android 利用反射生成sqlite里的表-程序员宅基地

文章浏览阅读8.9k次,点赞7次,收藏18次。我们通常使用SQlite的时候,如果我们有10张表,我们要写10个建表语句,而建表语句中只有一些字段的名字需要改而已,这样既费时又费力,还容易出错,我们知道写sql语句的时候经常会写错,如果写错程序就会崩掉,而且检查10个建表语句还可以,如果有100条我么就要疯了。这篇文章告诉大家如何通过反射来快速建表。_android 利用反射生成sqlite里的表

python3全栈开发-面向对象的三大特性(继承,多态,封装)之继承-程序员宅基地

文章浏览阅读102次。一 、初识继承1、什么是继承  继承是一种创建新类的方式,新建的类可以继承一个或多个父类(python支持多继承),父类又可称为基类或超类,新建的类称为派生类或子类。  特点:  子类会“”遗传”父类的属性,从而解决代码冗余问题2、python中类的继承分为:单继承和多继承,如何查看继承class ParentClass1: #定义父类passcl..._在python3程序中,如果一个子类c

随便推点

解决QT+VS中无法打开ui_xxx.h文件_qt中ui_widget.h找不到-程序员宅基地

文章浏览阅读1.1w次,点赞3次,收藏14次。在VS中添加插件Qt VS Tools,就可以在VS中写QT项目了,但是VS中写QT项目和在QT Creater中并不完全一样,VS中的项目文件结构是:但是如图中的widget.h文件中包含了ui_widget.h文件,但提示无法打开ui_widget.h文件,双击ui_widget.h也无法打开此文件。解决办法如图依次点击,然后等待几秒就可以打开该文件。选中ui_widget.h文件..._qt中ui_widget.h找不到

python day14 文件操作_将文本写到mydata.txt文件中-程序员宅基地

文章浏览阅读256次。目录:文件操作文件:什么是文件文件的缺点文件的操作步骤:文件的打开函数 open文件操作分为两种类型的操作:文本文件模式:各操作系统默认的换行符:练习:练习:答案见:二进制文件操作文件操作文件:什么是文件文件是用于数据存储的单位文件通常用来长期存储设置文件中的数据是以字节为单位进行顺序存储的文件的缺点内..._将文本写到mydata.txt文件中

k8s学习笔记_hostname "node01" could not be reached-程序员宅基地

文章浏览阅读1.1k次。kubernetes学习_hostname "node01" could not be reached

RTTI symbol not found for class ‘QObject‘ + double free or corruption_rtti symbol not found for class 'qobject-程序员宅基地

文章浏览阅读4.4k次,点赞2次,收藏6次。记录一个崩溃crash的问题。在方法中使用一个栈类对象时,程序出现崩溃。原因是:QT中 如果一个子级对象是new生成的(堆对象),当父级对象销毁时,会自动调用operator delete删除他的所有子级对象。这样有三种情况:如果一个子级对象是new生成的,他无需自己销毁;如果一个子级对象不是new生成的(栈对象),他在父级对象销毁前自己主动销毁自己,没问题。如果一个子级对象不是new生成的(栈对象),他不在父级对象销毁前自己主动销毁自己,父级对象调用operator delete他时就会出_rtti symbol not found for class 'qobject

软件架构-Spring boot快速开始及核心功能介绍(中)_project.build.sourceencoding-程序员宅基地

文章浏览阅读494次。上次通过Spring boot认知,核心功能。springBoot的搭建【官方向导搭建boot应用】和 【maven的方式搭建boot】。统一父POM管理(一)① 建立boot-parent工程首先我们建立一个 boot-parent的maven工程删除src目录然后修改pom.xml。packaging改为为pom格式。<packaging>pom</packaging>加入dependencyManagement, 同时去掉vers._project.build.sourceencoding

java技术专家【Java学习+面试指南】Java基础入门80问-程序员宅基地

文章浏览阅读701次,点赞11次,收藏22次。java技术专家【Java学习+面试指南】Java基础入门80问

推荐文章

热门文章

相关标签