jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Gaul (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (JCLOUDS-1261) AWS v4 auth excludes port numbers from host header
Date Wed, 05 Jul 2017 21:42:00 GMT

     [ https://issues.apache.org/jira/browse/JCLOUDS-1261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andrew Gaul resolved JCLOUDS-1261.
----------------------------------
    Resolution: Fixed

> AWS v4 auth excludes port numbers from host header
> --------------------------------------------------
>
>                 Key: JCLOUDS-1261
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1261
>             Project: jclouds
>          Issue Type: Bug
>          Components: jclouds-blobstore
>    Affects Versions: 2.0.0, 2.0.1
>            Reporter: Stephen Tomkinson
>            Assignee: Andrew Gaul
>              Labels: aws-s3, s3
>             Fix For: 2.1.0, 2.0.2
>
>
> The JClouds library is unable to communicate with S3 compatible services running on non-standard
ports. This has been traced to the v4 authentication code.
> In HTTP, the host header can "optionally" include a port number. In practice, this is
included when the HTTP service is running on a non-standard port (i.e. not 80 or 443). The
AWSv4 auth code uses _only_ the hostname from the URI for the host header, as can be seen
at:
> https://github.com/jclouds/jclouds/blob/37101b7825edce7899c8a12e02f2153168ebc4df/apis/s3/src/main/java/org/jclouds/s3/filters/Aws4SignerForAuthorizationHeader.java#L76
> This is fine for AWS's official S3 endpoints which are only accessible via TCP ports
80 or 443, but is incorrect for communicating with "compatible" endpoints running on non-standard
ports. In the non-standard case, the host header should include a :port suffix.
> See HTTP RFC: https://tools.ietf.org/html/rfc7230#section-5.4



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message