App Tunneling > App Wrapping (Native Android)
The steps in this tutorial are done with the assumption that you have gone through the steps in General Setup tutorial including the wrapping subsection.
- Access to AirWatch Console v7.3+
- Android v2.3+ devices
The app developer must follow a specific regimen about what networking APIs are used in the app in order for traffic to be tunneled via wrapping. Application networking calls must be made using one of the following APIs, based on the proxy type.
Proxy Type: F5 – Supported Components
- Covers all app level http/https communications
Proxy Type: MAG – Supported Components
- org/apache/http/impl/client/ HttpClientAndroidLib
- java/net/URL l android/webkit/WebView
Note: The MAG supports only HTTP and HTTPS traffic, so you cannot use classes such as Socket().
The app wrapping process consists of 3 main steps:
- Policy configuration – Define the security policies you want to apply to your app. This is where the tunneling policy will be defined.
- Wrapping the app – Provide the code signing assets required to wrap the app.
- Assignment and Deployment – Configure the deployment rules for when the app wrapping is complete.
At this point in the tutorial, we assume you have already gone through the steps of uploading your app and assigning the wrapping profile mentioned in General Setup.
Log into the AirWatch Console and identify if the wrapping profile you assigned to your application is the default profile or a custom profile. If there is no profile assigned, you can choose from one of two ways to configure the policy: group-wide default settings or an ad-hoc custom profile.
Using the Default Profile (Recommended)
- If the profile assigned is the default profile, then the policy settings can be edited by navigating to Apps & Books > All Apps & Books Settings > Apps > Settings And Policies > Security Policies.
- Enable the AirWatch App Tunnel option.
- Set your App Tunnel Mode to the proxy you plan on using. (If there is no proxy configured, follow the configure proxy settings link on the UI to walk through setting up your proxy)
- Click the Save button to persist any changes you have made.
Note: These changes will reflect via the Default Profile during profile assignment which will be done in a later step in the tutorial.
Using an Ad-hoc Custom Profile
- Navigate to Apps & Books > All Apps & Books Settings > Apps > Settings And Policies > Profiles.
- Select your assigned profile, or click on Add Profile and select the App Wrapping Profile.
- In the General section, assign a name to your profile.
- Select the Proxy payload and Enable App Tunnel and set your App Tunnel Mode to the proxy you plan on using.
- Click Save to create or update your app wrapping profile.
Wrapping the app
Once you have set up the appropriate configuration policies. The next step is to actually wrap the application.
- Navigate to the Apps & Books section back on the AirWatch Console and select the list view.
- Select the internal tab in the list view and add an application.
- Upload the .ipa file you intend to wrap.
- Click the “More” tab and select App Wrapping.
- Enable app wrapping. Choose the app wrapping profile to assign to your wrapped application. (This is what you created in the Policy Configuration section above)
- Upload your mobile provisioning profile along with its corresponding code signing certificate.
- Once complete, click “Save and assign” to move to the next portion for deploying your app to the appropriate device smart groups.
Assignment and Deployment
The last step is to assign who should get the app and when.
- Click add assignment.
- Select or create a smart group with your desired set of device assignments.
- Configure the push mode and deployment time if applicable.
- Add the assignment.
- Once ready, click Save and Publish to start the wrapping and deployment process.