Fix #2251837; better response when provisioning is required.

* Currently, we validate EAS accounts using a command that will
  succeed even if we do not support required security policies.
* This causes a confusing "invalid username or password" error
  when trying to sync with a validated account in the case that
  there are, in fact, required policies
* The fix is to send a sync command after validating the user name
  and password; a 403 error indicates the requirement for
  security policies.
* When we see the 403 error, we put up a message that is appropriate
  to the situation.

Change-Id: Ic40820253dca1f357297b2355ad987bc39d0775f
This commit is contained in:
Marc Blank 2009-11-10 12:11:00 -08:00
parent 93517e94ae
commit 29935abb1c
4 changed files with 18 additions and 0 deletions

View File

@ -483,6 +483,8 @@
<string name="account_setup_failed_security">Unable to open connection to server due to security error.</string>
<!-- Additional diagnostic text when server connection failed due to io error (connection) -->
<string name="account_setup_failed_ioerror">Unable to open connection to server.</string>
<!-- Additional diagnostic text when validation vailed due to required provisioning not being supported -->
<string name="account_setup_failed_security_policies_required">Security policies not supported. Please contact your IT department.</string>
<!-- "Setup could not finish" dialog action button -->
<string name="account_setup_failed_dlg_edit_details_action">Edit details</string>

View File

@ -166,6 +166,9 @@ public class AccountSetupCheckSettings extends Activity implements OnClickListen
case MessagingException.AUTH_REQUIRED:
id = R.string.account_setup_failed_auth_required;
break;
case MessagingException.SECURITY_POLICIES_REQUIRED:
id = R.string.account_setup_failed_security_policies_required;
break;
case MessagingException.GENERAL_SECURITY:
id = R.string.account_setup_failed_security;
break;

View File

@ -43,6 +43,8 @@ public class MessagingException extends Exception {
public static final int AUTHENTICATION_FAILED = 5;
/** Attempt to create duplicate account */
public static final int DUPLICATE_ACCOUNT = 6;
/** Required security policies not supported */
public static final int SECURITY_POLICIES_REQUIRED = 7;
protected int mExceptionType;

View File

@ -214,6 +214,17 @@ public class EasSyncService extends AbstractSyncService {
userLog("OPTIONS response without commands or versions; reporting I/O error");
throw new MessagingException(MessagingException.IOERROR);
}
// Run second test here for provisioning failures...
Serializer s = new Serializer();
userLog("Try folder sync");
s.start(Tags.FOLDER_FOLDER_SYNC).start(Tags.FOLDER_SYNC_KEY).text("0")
.end().end().done();
resp = svc.sendHttpClientPost("FolderSync", s.toByteArray());
code = resp.getStatusLine().getStatusCode();
if (code == HttpStatus.SC_FORBIDDEN) {
throw new MessagingException(MessagingException.SECURITY_POLICIES_REQUIRED);
}
userLog("Validation successful");
return;
}