WP7: New Capabilities Security Model

Jamie Rodriguez has a post on the new capabilities security model in Windows Phone 7 which is introduced in the latest CTP release:-


It is interesting to read how this will be handled at runtime, here are the key facts:-

  • If you try to use a feature and you didn’t specify the capability you’ll get an UnauthorizedAccessException when you first call that feature
  • There is no API to check if you have been granted a specific capability
  • The disclosure to the user will vary depending on the capability and marketplace – Either listed on the Marketplace page, a user prompt at purchase or a user prompt when the capability is about to be accessed.
  • A new project created in the latest CTP will request all of the currently documented capabilities (you can remove those you don’t need later)
  • There are other capabilities specific to OEMs and operators which are not documented
  • The table of example features lists a few items yet to be shipped in the developer tools giving an interesting insight into what is still to come – Microsoft.Devices.Radio and Microsoft.Devices.MediaHistory