The Jailbreak Detection Policy consists of one or more statements that instruct a client application (built using the Mobile and Social SDK for iOS) to search for files that may indicate the device is jailbroken. The Mobile and Social server sends the Policy statements to the iOS client application. The client device then returns a true (jailbreaking is detected) or false value to the Mobile and Social server. This value is forwarded to the Security Handler Plug-in and, depending on the security policies of the Security Handler Plug-in in use, Mobile and Social can allow access, deny access, or wipe out any Mobile and Social specific data from the application.
If the Default Security Handler Plug-in is active and the policy logic says the device is jailbroken, the Plug-in can ALLOW or DENY access to the client device depending on how the allowJailBrokenDevices Plug-in attribute is set.
If the OAAM Security Handler Plug-in is active and the policy logic says the device is jailbroken, the Plug-in can ALLOW or BLOCK access to the client device depending on how the OAAM policy rules are configured.
Additionally, if a device is blacklisted, lost or stolen, this Plug-in can send a WIPEOUT command that will delete any Mobile and Social specific data from the device and block the device from future requests. If the user recovers the missing device, the device can be reset in OAAM.
See Defining Security Handler Plug-ins.
Note:
OAAM's BLOCK and Mobile and Social's DENY mean the same thing.
The following topics include additional information.
You can create a new Jailbreak Detection Policy with the Oracle Access Management Console from the Mobile and Social Services configuration page.
If you choose to create a new Jailbreak Detection Policy using XML, click the Load button to overwrite the default Policy completely. A schema file is available from customer support.
To create a new Jailbreak Detection Policy: