Best IT Recipes

SecurityException: caller uid XXXX is different from uid authenticator

I got the above exception when trying to apply the Sample Sync Adapter application. I have seen numerous posts related to this problem, but not a satisfactory answer.

So, I will write my solution here if someone else gets into the same problem.

+82
android
Sep 22 '10 at 23:10
source share
17 answers

First check the condition described in this post :

[...] If you see an error in the AccountManagerService form caller uid XXXX is different than the authenticator uid , this can be a little misleading. “The authenticator in this message is not your authentication class, its Android understands that it is a registered authenticator for the type of accounts. The verification that occurs in the AccountManagerService looks like this:

  private void checkCallingUidAgainstAuthenticator(Account account) { final int uid = Binder.getCallingUid(); if (account == null || !hasAuthenticatorUid(account.type, uid)) { String msg = "caller uid " + uid + " is different than the authenticator uid"; Log.w(TAG, msg); throw new SecurityException(msg); } if (Log.isLoggable(TAG, Log.VERBOSE)) { Log.v(TAG, "caller uid " + uid + " is the same as the authenticator uid"); } }

Note that hasAuthenticatorUid() takes the value account.type . Here Eden is screwed. I created my Account with the type given by the constant:

  class LoginTask { Account account = new Account(userId, AuthenticatorService.ACCOUNT_TYPE); ... } class AuthenticatorService extends Service { public static final String ACCOUNT_TYPE = "com.joelapenna.foursquared"; ... }

but this constant did not match the XML definition for my authenticator:

  <account-authenticator xmlns:android="/web/20150729061818/http://schemas.android.com/apk/res/android" android:accountType="com.joelapenna.foursquared.account" ... />

Secondly, if you are like me and want to embed the sample in an existing testing application, make sure you use the Constants class, which is part of this example, and not in the android.provider.SyncStateContract package. Because both classes use the same ACCOUNT_TYPE attribute name, which is used when creating the Account object.

+41
Mar 16 2018-11-17T00:
source share

Some other helpful tips for debugging such issues.

First enable verbose logging for some tags:

 $ adb shell setprop log.tag.AccountManagerService VERBOSE $ adb shell setprop log.tag.Accounts VERBOSE $ adb shell setprop log.tag.Account VERBOSE $ adb shell setprop log.tag.PackageManager VERBOSE

You will see the registration as follows:

 V/AccountManagerService: initiating bind to authenticator type com.example.account V/Accounts: there is no service connection for com.example.account V/Accounts: there is no authenticator for com.example.account, bailing out D/AccountManagerService: bind attempt failed for Session: expectLaunch true, connected false, stats (0/0/0), lifetime 0.002, addAccount, accountType com.example.account, requiredFeatures null

This means that there is no authenticator for this type of account. To find out which registrars are registered, view the log when installing the package:

 D/PackageManager: encountered new type: ServiceInfo: AuthenticatorDescription {type=com.example.account}, ComponentInfo{com.example/com.example.android.AuthenticatorService}, uid 10028 D/PackageManager: notifyListener: AuthenticatorDescription {type=com.example.account} is added

I had a problem that the authenticator xml descriptor was referencing a string resource that was not correctly resolved during installation:

 android:accountType="@string/account_type"

Magazines showed

 encountered new type: ServiceInfo: AuthenticatorDescription {type=@2131231194}, ...

Replacing it with a normal string (not a resource) solved the problem. This is similar to Android 2.1.

 android:accountType="com.example.account"
+53
May 20 '11 at 13:09
source share

In my case, the problem was simply a mismatch in the type accountType declared in res/xml/authenticator.xml as android:accountType="com.foo" , but incorrectly specified as "foo.com" when creating the account:

 Account newAccount = new Account("dummyaccount", "foo.com");

Doh!

+24
Apr 03 '14 at 16:44
source share

There are several parts to creating a user account ...

To call AccountManager in your activity, you already implemented something similar ...

 Account account = new Account(username, ACCESS_TYPE); AccountManager am = AccountManager.get(this); Bundle userdata = new Bundle(); userdata.putString("SERVER", "extra"); if (am.addAccountExplicitly(account, password, userdata)) { Bundle result = new Bundle(); result.putString(AccountManager.KEY_ACCOUNT_NAME, username); result.putString(AccountManager.KEY_ACCOUNT_TYPE, ACCESS_TYPE); setAccountAuthenticatorResult(result); }

In res / xml / authenticator.xml you need to define the AccountAuthenticator data (responsible for your authenticator identifier). ACCESS_TYPE must be the same string as the type of accountType you specified in this xml!

 <account-authenticator xmlns:android="http://schemas.android.com/apk/res/android" android:accountType="de.buecherkiste" android:icon="@drawable/buecher" android:label="@string/app_name" android:smallIcon="@drawable/buecher" > </account-authenticator>

Finally, you must define your service in your manifest. Be sure to specify the appropriate permissions to manage your accounts (AUTHENTICATE_ACCOUNTS / USE_CREDENTIALS / GET_ACCOUNTS / MANAGE_ACCOUNTS)

 <service android:name=".AuthenticationService"> <intent-filter> <action android:name="android.accounts.AccountAuthenticator" /> </intent-filter> <meta-data android:name="android.accounts.AccountAuthenticator" android:resource="@xml/authenticator" /> </service>
+9
Jun 18 '13 at 15:06
source share

My mistake assumed that the AccountManager getAccounts () method returned accounts that were associated only with my application context. I have changed since

 AccountManager accountManager = AccountManager.get(context); Account[] accounts = accountManager.getAccounts();

to

 AccountManager accountManager = AccountManager.get(context); Account[] accounts = accountManager.getAccountsByType(Constants.ACCOUNT_TYPE);
+5
Jun 24 '12 at 12:30
source share

The same error will appear if you put the wrong values ​​in your intent filters in the manifest. I went through the android-dev tutorial on sync adapters and ended up setting a dummy value for "aim-filter / action android: name" as well as "meta-data / android: name" for syncadapter / accountauthenticator. This error led to the appearance of the same errors in the logs.

Valid values ​​for writing: {android.content.SyncAdapter, android.accounts.AccountAuthenticator}

+4
Apr 15 '14 at
source share

Make sure your XML service points to the correct location.

For example, if you are a module name

com.example.module.auth

you are working with android: the name must be

 <service android:name=".module.auth.name-of-authenticator-service-class"...

in AndriodManifest.xml

+2
Jun 27 2018-12-12T00:
source share

First of all, take a look at Jan Berkel, a great debugging tip.

Finally, another thing to check is that your content provider and authentication, as well as synchronization services, are declared as children of the application tag.

  <application ...> <activity ...(Activity)... </activity> <provider ...(CP service declaration)/> <service ...(Authentication service declaration)... </service> <service ...(Sync service declaration)... </service> </application>
+2
May 15 '14 at 1:24
source share

It was a very stupid mistake for me, and it was very difficult to find.

In authenticator.xml I wrote

 <account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"> xmlns:android="http://schemas.android.com/apk/res/android" android:accountType="com.myapp" android:icon="@drawable/ic_launcher" android:smallIcon="@drawable/ic_launcher" android:label="@string/app_name" />

instead

 <account-authenticator xmlns:android="http://schemas.android.com/apk/res/android" android:accountType="com.myapp" android:icon="@drawable/ic_launcher" android:smallIcon="@drawable/ic_launcher" android:label="@string/app_name" />

which caused this error. Hope this helps someone!

+2
Sep 10 '14 at 20:22
source share

In my case, these were permissions in the manifest file I had

 <uses-permission android:name="ANDROID.PERMISSION.GET_ACCOUNTS"/>

everything was closed when I changed it to

 <uses-permission android:name="ANDROID.PERMISSION.GET_ACCOUNTS"/>

the problem is gone

+2
Apr 15 '15 at 11:41
source share

Besides,

Check if you are treating the AccountType type as a plain-old-String file.

I have most of my code packaged in com.mycompany.android

I have successfully used the following AccountType type: com.mycompany.android.ACCOUNT .

Now I have a desire to use multiple accounts, and when I try to sign ".subType" at the end of my account, it fails with

caller uid xxxxx differs from uid authenticator

However, if I use "_subType" (underscore instead of period), it works fine.

I assume that somewhere under the hood, Android is trying to process com.mycompany.android.ACCOUNT as the legal name of a package, which is definitely not there.

So again:

BAD com.mycompany.android.ACCOUNT.subType

GOOD com.mycompany.android.ACCOUNT_subType

+1
Sep 13 '11 at 17:15
source share

If you get this error and all of the above solutions do not work for you. In addition, you assume that you have followed all procedures. It is possible that the authentication service will be developed by another developer that you want to use to add accounts.

What you can try, try signing your application with a keystore. You are now starting the application. I suppose this should work for you.

+1
Jun 30 '14 at 4:12
source share

Here is another possible solution.

I had this error when my user was registered in my application with the same email address as his Google Android account.

So, when I tried accountManager.getAccounts() and looked for this email, I found an account with the same email address, but with a different type of account. Therefore, trying to use this (google.com) account, I get this error.

So the correct way to find an account:

 public Account findAccount(String accountName) { for (Account account : accountManager.getAccounts()) if (TextUtils.equals(account.name, accountName) && TextUtils.equals(account.type, "myservice.com")) return account; return null; }
+1
Apr 28 '15 at 13:45
source share

Also make sure your AccountAuthenticatorService has filters for verification;

t

 <service android:name=".service.AccountAuthenticatorService"> <intent-filter> <action android:name="android.accounts.AccountAuthenticator" /> </intent-filter> <meta-data android:name="android.accounts.AccountAuthenticator" android:resource="@xml/authenticator" /> </service>
0
Sep 04
source share

If you received this exception on Samsung devices, make sure that you are not using safe mode .

0
Oct. 15 '15 at 11:47
source share

If the same applications are from different stores, for example, in the amazon app store and in the google play store, a security exception will ultimately be selected, since the signature of the applications will be different in this case. If you planned to use the same authenticator for the purpose of a single login, any of the applications will crash. I once ran into this problem. Especially, the amazon app store will sign its own applications with its own signature for security purposes.

Note. If there is no typo or other answers mentioned here, check the application signature for single sign-on.

0
Mar 15 '16 at 18:07
source share

For those who are still checking the problem: https://stackoverflow.com/a/166268/

In my case, I accidentally defined an AuthenticatorService in a manifest outside of the <application> tags. Moving declaration inside <application> fixed problem. Hope will help someone.

0
May 08 '16 at 16:52
source share


More articles:


All Articles