SecurityException: Caller UID XXXX Is Different Than the Authenticator's UID

SecurityException: caller uid XXXX is different than the authenticator's uid

First, check the condition explained on this post:

[...] If you see an error from the AccountManagerService of the form caller uid XXXX is different than the authenticator's uid, it might be a bit misleading. The ‘authenticator’ in that message is not your authenticator class, it’s what Android understands to be the registered authenticator for the account’s type. The check that happens within the AccountManagerService looks like this:

    private void checkCallingUidAgainstAuthenticator(Account account) {
        final int uid = Binder.getCallingUid();
        if (account == null || !hasAuthenticatorUid(account.type, uid)) {
            String msg = "caller uid " + uid + " is different than the authenticator's uid";
            Log.w(TAG, msg);
            throw new SecurityException(msg);
        }
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "caller uid " + uid + " is the same as the authenticator's uid");
        }
    }

Note that hasAuthenticatorUid() takes the account.type. This is where I’d screwed up. I was creating my Account with a type specified by a constant:

    class LoginTask {
        Account account = new Account(userId, AuthenticatorService.ACCOUNT_TYPE);
        ...
    }

    class AuthenticatorService extends Service {
        public static final String ACCOUNT_TYPE = "com.joelapenna.foursquared";
        ...
    }

but this constant did not match the XML definition for my authenticator:

    <account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
        android:accountType="com.joelapenna.foursquared.account" ... />

Second, if you are like me and want to embed the sample into your existing app for testing, then make sure you use the Constants class that is part of this example and not the one under the android.provider.SyncStateContract package, because both classes use the same attribute name ACCOUNT_TYPE, which is used when creating the Account object.

getting caller uid 10066 is different than the authenticator's uid

The following Stack Overflow question seems to deal with the issue:

SecurityException: caller uid XXXX is different than the authenticator's uid

The article it links to (http://loganandandy.tumblr.com/post/613041897/caller-uid-is-different) explains the whole thing, though it took me a minute to realise what part of my code the last xml snippet was referring to.

I ended up storing my account type and auth token type in my strings.xml and referencing them in the authenticator.xml and code as needed.

java.lang.SecurityException: caller uid XXXXX lacks any of android.permission.GET_ACCOUNTS

It turns out that there was a conflict with a library I was using. Specifically, the library's support team told me:

The layer SDK requests the GET_ACCOUNTS permission using a
maxSdkVersion of 18. It would appear that when the manifests get
merged this is overwriting the permission request in your manifest,
thus not requesting that permission for 19+.

The solution was to change my manifest from this:

<uses-permission android:name="android.permission.GET_ACCOUNTS" />

to this:

<uses-permission android:name="android.permission.GET_ACCOUNTS" tools:node="replace" />

Specifically, adding tools:node="replace".

For more details, please see this answer to my other question: https://stackoverflow.com/a/37013603/2423194

Android SecurityException: uid xxxxx cannot explicitly add accounts

General solution - how to debug this

In Android Studio's logcat view, the default filter setting is "Show only selected application". I did receive logs about my account service being unable to register, including the reason why. However, with the default filter setting, they were not shown!

So, in order to get an idea what is actually happening here, switch the filter setting to "No Filters". That will make the error message in question appear.

However, it shows all log messages, so you'll get a ton of them. I had to scroll quite a bit to see that error message. My advice would be to turn the filter back to "Show only selected application" after you got what you need.

My concrete issue

The problem was with authenticator.xml. This file should not have a <resources> element. <account-authenticator> needs to be a top level element; the complete file needs to look like this:

    <?xml version="1.0" encoding="utf-8"?>
    <account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
        android:accountType="@string/accounts__account_type"
        android:icon="@drawable/ic_add_black_24dp"
        android:label="@string/global__authenticator_account_label"
        android:smallIcon="@drawable/ic_add_black_24dp" />
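
A build-time check for the authenticator.xml problems described in the answers above (a code constant that differs from android:accountType, an account type kept in strings.xml, and a <resources> wrapper around <account-authenticator>). This is an added example, not code from any of the original posts; the function names and the sample XML are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

def resolve(value, strings_xml):
    """Resolve an @string/<name> reference via strings.xml; literals pass through."""
    m = re.fullmatch(r"@string/([\w.]+)", value or "")
    if not m:
        return value
    for s in ET.fromstring(strings_xml).iter("string"):
        if s.get("name") == m.group(1):
            return s.text
    return None  # reference points at a string that does not exist

def check_authenticator(authenticator_xml, strings_xml, code_account_type):
    """List reasons the account type passed to new Account(...) would not
    match the authenticator Android registered for this app."""
    problems = []
    root = ET.fromstring(authenticator_xml)
    if root.tag != "account-authenticator":
        problems.append(f"root is <{root.tag}>, expected <account-authenticator>")
        root = root.find(".//account-authenticator")
        if root is None:
            return problems
    declared = resolve(root.get(ANDROID_NS + "accountType"), strings_xml)
    if declared is None:
        problems.append("android:accountType is missing or unresolved")
    elif declared != code_account_type:
        problems.append(f"accountType {declared!r} != code constant {code_account_type!r}")
    return problems

# Constructed sample inputs, reusing the account type strings quoted above.
STRINGS = ('<resources><string name="account_type">'
           'com.joelapenna.foursquared.account</string></resources>')
GOOD = ('<account-authenticator '
        'xmlns:android="http://schemas.android.com/apk/res/android" '
        'android:accountType="@string/account_type" />')
WRAPPED = "<resources>" + GOOD + "</resources>"

if __name__ == "__main__":
    for doc, const in [(GOOD, "com.joelapenna.foursquared.account"),
                       (GOOD, "com.joelapenna.foursquared"),
                       (WRAPPED, "com.joelapenna.foursquared.account")]:
        print(check_authenticator(doc, STRINGS, const) or "OK")
```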

