From 83b67e61989b5ca61be4754272618bc51b42cb47 Mon Sep 17 00:00:00 2001 From: Marc Blank Date: Tue, 10 Nov 2009 12:11:00 -0800 Subject: [PATCH] Fix #2251837; better response w/ security req'd. DO NOT MERGE * Currently, we validate EAS accounts using a command that will succeed even if we do not support required security policies. * This causes a confusing "invalid username or password" error when trying to sync with a validated account in the case that there are, in fact, required policies * The fix is to send a sync command after validating the user name and password; a 403 error indicates the requirement for security policies. * When we see the 403 error, we put up a message that is appropriate to the situation. Change-Id: I74e132cb81f021cbb697cc9ee146405bf3ebc0ba --- res/values/strings.xml | 2 ++ .../activity/setup/AccountSetupCheckSettings.java | 3 +++ src/com/android/email/mail/MessagingException.java | 2 ++ src/com/android/exchange/EasSyncService.java | 11 +++++++++++ 4 files changed, 18 insertions(+) diff --git a/res/values/strings.xml b/res/values/strings.xml index fc811b901..991bd95b2 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -483,6 +483,8 @@ Unable to open connection to server due to security error. Unable to open connection to server. + + This Exchange ActiveSync server requires security features your phone does not support. Edit details diff --git a/src/com/android/email/activity/setup/AccountSetupCheckSettings.java b/src/com/android/email/activity/setup/AccountSetupCheckSettings.java index 9b237730a..21c17d91c 100644 --- a/src/com/android/email/activity/setup/AccountSetupCheckSettings.java +++ b/src/com/android/email/activity/setup/AccountSetupCheckSettings.java @@ -166,6 +166,9 @@ public class AccountSetupCheckSettings extends Activity implements OnClickListen case MessagingException.AUTH_REQUIRED: id = R.string.account_setup_failed_auth_required; break; + case MessagingException.SECURITY_POLICIES_REQUIRED: + id = R.string.account_setup_failed_security_policies_required; + break; case MessagingException.GENERAL_SECURITY: id = R.string.account_setup_failed_security; break; diff --git a/src/com/android/email/mail/MessagingException.java b/src/com/android/email/mail/MessagingException.java index 25d108805..bc27520dd 100644 --- a/src/com/android/email/mail/MessagingException.java +++ b/src/com/android/email/mail/MessagingException.java @@ -43,6 +43,8 @@ public class MessagingException extends Exception { public static final int AUTHENTICATION_FAILED = 5; /** Attempt to create duplicate account */ public static final int DUPLICATE_ACCOUNT = 6; + /** Required security policies not supported */ + public static final int SECURITY_POLICIES_REQUIRED = 7; protected int mExceptionType; diff --git a/src/com/android/exchange/EasSyncService.java b/src/com/android/exchange/EasSyncService.java index 390602468..a18cf8b11 100644 --- a/src/com/android/exchange/EasSyncService.java +++ b/src/com/android/exchange/EasSyncService.java @@ -214,6 +214,17 @@ public class EasSyncService extends AbstractSyncService { userLog("OPTIONS response without commands or versions; reporting I/O error"); throw new MessagingException(MessagingException.IOERROR); } + + // Run second test here for provisioning failures... + Serializer s = new Serializer(); + userLog("Try folder sync"); + s.start(Tags.FOLDER_FOLDER_SYNC).start(Tags.FOLDER_SYNC_KEY).text("0") + .end().end().done(); + resp = svc.sendHttpClientPost("FolderSync", s.toByteArray()); + code = resp.getStatusLine().getStatusCode(); + if (code == HttpStatus.SC_FORBIDDEN) { + throw new MessagingException(MessagingException.SECURITY_POLICIES_REQUIRED); + } userLog("Validation successful"); return; }