You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jclouds.apache.org by Ranjith R <ra...@gmail.com> on 2018/06/18 13:51:21 UTC
Signature v4 support for non amazon S3
Hi All - I know signature v4 signing is implemented for Amazon S3 (aws-s3).
Just wanted to know if I can use v4 signing for a non amazon cloud which
supports S3 API and sigV4 (s3). If it does, what changes should be done
from the client side?
Thanks,
Ranjith
Re: Signature v4 support for non amazon S3
Posted by Andrew Gaul <ga...@apache.org>.
Sorry for the late reply, but I believe this needs some jclouds work to
use. We would welcome patches for this and to enable v4 signing more
easily!
On Thu, Jun 21, 2018 at 09:52:36PM +0530, Ranjith R wrote:
> With sigv4, we see that we are doing single chunk upload with signed
> payload. We also noticed that the data is read twice (once for calculating
> the hash and once for actual transfer). While reading the sig v4
> documentation at
> https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
> I saw that there is a unsigned payload option. Is there a way to use
> unsigned payload from jclouds to avoid this double read?
>
> Thanks,
> Ranjith
>
> On Thu, Jun 21, 2018 at 8:33 PM Ignasi Barrera <na...@apache.org> wrote:
>
> > Yeah! :)
> >
> >
> > On 21 June 2018 at 16:41, Ranjith R <ra...@gmail.com> wrote:
> >
> >> Thanks Ignasi. That worked.
> >>
> >> Thanks,
> >> Ranjith
> >>
> >> On Thu, Jun 21, 2018 at 4:03 PM Ignasi Barrera <na...@apache.org> wrote:
> >>
> >>> I haven't tried it, but you should be able to define a Guice module that
> >>> extends the default S3 module and overrides the request signer
> >>> configuration. Then you can pass that one to the list of modules you pass
> >>> when creating the context:
> >>>
> >>> @ConfiguresHttpApipublic static class S3V4SignerModule extends S3HttpApiModule<S3Client> {
> >>> @Override
> >>> protected void bindRequestSigner() {
> >>> bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
> >>> }
> >>> }
> >>> public static void main(String[] args) {
> >>> ContextBuilder.newBuilder("s3")
> >>> ...
> >>> .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
> >>> ...
> >>> }
> >>>
> >>>
> >>>
> >>> Make sure you annotate the custom module with "@ConfiguresHttpApi".
> >>> Can you try this?
> >>>
> >>>
> >>>
> >>> I.
> >>>
> >>>
> >>> On 21 June 2018 at 11:58, Ranjith R <ra...@gmail.com> wrote:
> >>>
> >>>> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and
> >>>> it talks about the default signing for AWS being v4 and other s3 clones
> >>>> being v2. I just want to know if I can use v4 for a s3 clone? Is there
> >>>> any example that I can look at?
> >>>>
> >>>> Thanks,
> >>>> Ranjith
> >>>>
> >>>> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R <ra...@gmail.com> wrote:
> >>>>
> >>>>> Hi All - I know signature v4 signing is implemented for Amazon S3
> >>>>> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
> >>>>> cloud which supports S3 API and sigV4 (s3). If it does, what changes
> >>>>> should be done from the client side?
> >>>>>
> >>>>> Thanks,
> >>>>> Ranjith
> >>>>>
> >>>>
> >>>
> >
--
Andrew Gaul
http://gaul.org/
Re: Signature v4 support for non amazon S3
Posted by Ranjith R <ra...@gmail.com>.
With sigv4, we see that we are doing single chunk upload with signed
payload. We also noticed that the data is read twice (once for calculating
the hash and once for actual transfer). While reading the sig v4
documentation at
https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
I saw that there is a unsigned payload option. Is there a way to use
unsigned payload from jclouds to avoid this double read?
Thanks,
Ranjith
On Thu, Jun 21, 2018 at 8:33 PM Ignasi Barrera <na...@apache.org> wrote:
> Yeah! :)
>
>
> On 21 June 2018 at 16:41, Ranjith R <ra...@gmail.com> wrote:
>
>> Thanks Ignasi. That worked.
>>
>> Thanks,
>> Ranjith
>>
>> On Thu, Jun 21, 2018 at 4:03 PM Ignasi Barrera <na...@apache.org> wrote:
>>
>>> I haven't tried it, but you should be able to define a Guice module that
>>> extends the default S3 module and overrides the request signer
>>> configuration. Then you can pass that one to the list of modules you pass
>>> when creating the context:
>>>
>>> @ConfiguresHttpApipublic static class S3V4SignerModule extends S3HttpApiModule<S3Client> {
>>> @Override
>>> protected void bindRequestSigner() {
>>> bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
>>> }
>>> }
>>> public static void main(String[] args) {
>>> ContextBuilder.newBuilder("s3")
>>> ...
>>> .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
>>> ...
>>> }
>>>
>>>
>>>
>>> Make sure you annotate the custom module with "@ConfiguresHttpApi".
>>> Can you try this?
>>>
>>>
>>>
>>> I.
>>>
>>>
>>> On 21 June 2018 at 11:58, Ranjith R <ra...@gmail.com> wrote:
>>>
>>>> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and
>>>> it talks about the default signing for AWS being v4 and other s3 clones
>>>> being v2. I just want to know if I can use v4 for a s3 clone? Is there
>>>> any example that I can look at?
>>>>
>>>> Thanks,
>>>> Ranjith
>>>>
>>>> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R <ra...@gmail.com> wrote:
>>>>
>>>>> Hi All - I know signature v4 signing is implemented for Amazon S3
>>>>> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
>>>>> cloud which supports S3 API and sigV4 (s3). If it does, what changes
>>>>> should be done from the client side?
>>>>>
>>>>> Thanks,
>>>>> Ranjith
>>>>>
>>>>
>>>
>
Re: Signature v4 support for non amazon S3
Posted by Ignasi Barrera <na...@apache.org>.
Yeah! :)
On 21 June 2018 at 16:41, Ranjith R <ra...@gmail.com> wrote:
> Thanks Ignasi. That worked.
>
> Thanks,
> Ranjith
>
> On Thu, Jun 21, 2018 at 4:03 PM Ignasi Barrera <na...@apache.org> wrote:
>
>> I haven't tried it, but you should be able to define a Guice module that
>> extends the default S3 module and overrides the request signer
>> configuration. Then you can pass that one to the list of modules you pass
>> when creating the context:
>>
>> @ConfiguresHttpApipublic static class S3V4SignerModule extends S3HttpApiModule<S3Client> {
>> @Override
>> protected void bindRequestSigner() {
>> bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
>> }
>> }
>> public static void main(String[] args) {
>> ContextBuilder.newBuilder("s3")
>> ...
>> .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
>> ...
>> }
>>
>>
>>
>> Make sure you annotate the custom module with "@ConfiguresHttpApi".
>> Can you try this?
>>
>>
>>
>> I.
>>
>>
>> On 21 June 2018 at 11:58, Ranjith R <ra...@gmail.com> wrote:
>>
>>> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and
>>> it talks about the default signing for AWS being v4 and other s3 clones
>>> being v2. I just want to know if I can use v4 for a s3 clone? Is there
>>> any example that I can look at?
>>>
>>> Thanks,
>>> Ranjith
>>>
>>> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R <ra...@gmail.com> wrote:
>>>
>>>> Hi All - I know signature v4 signing is implemented for Amazon S3
>>>> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
>>>> cloud which supports S3 API and sigV4 (s3). If it does, what changes
>>>> should be done from the client side?
>>>>
>>>> Thanks,
>>>> Ranjith
>>>>
>>>
>>
Re: Signature v4 support for non amazon S3
Posted by Ranjith R <ra...@gmail.com>.
Thanks Ignasi. That worked.
Thanks,
Ranjith
On Thu, Jun 21, 2018 at 4:03 PM Ignasi Barrera <na...@apache.org> wrote:
> I haven't tried it, but you should be able to define a Guice module that
> extends the default S3 module and overrides the request signer
> configuration. Then you can pass that one to the list of modules you pass
> when creating the context:
>
> @ConfiguresHttpApipublic static class S3V4SignerModule extends S3HttpApiModule<S3Client> {
> @Override
> protected void bindRequestSigner() {
> bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
> }
> }
> public static void main(String[] args) {
> ContextBuilder.newBuilder("s3")
> ...
> .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
> ...
> }
>
>
>
> Make sure you annotate the custom module with "@ConfiguresHttpApi".
> Can you try this?
>
>
>
> I.
>
>
> On 21 June 2018 at 11:58, Ranjith R <ra...@gmail.com> wrote:
>
>> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and
>> it talks about the default signing for AWS being v4 and other s3 clones
>> being v2. I just want to know if I can use v4 for a s3 clone? Is there
>> any example that I can look at?
>>
>> Thanks,
>> Ranjith
>>
>> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R <ra...@gmail.com> wrote:
>>
>>> Hi All - I know signature v4 signing is implemented for Amazon S3
>>> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
>>> cloud which supports S3 API and sigV4 (s3). If it does, what changes
>>> should be done from the client side?
>>>
>>> Thanks,
>>> Ranjith
>>>
>>
>
Re: Signature v4 support for non amazon S3
Posted by Ignasi Barrera <na...@apache.org>.
I haven't tried it, but you should be able to define a Guice module that
extends the default S3 module and overrides the request signer
configuration. Then you can pass that one to the list of modules you pass
when creating the context:
@ConfiguresHttpApipublic static class S3V4SignerModule extends
S3HttpApiModule<S3Client> {
@Override
protected void bindRequestSigner() {
bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
}
}
public static void main(String[] args) {
ContextBuilder.newBuilder("s3")
...
.modules(ImmutableSet.of(new S3V4SignerModule(), ...))
...
}
Make sure you annotate the custom module with "@ConfiguresHttpApi".
Can you try this?
I.
On 21 June 2018 at 11:58, Ranjith R <ra...@gmail.com> wrote:
> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and it
> talks about the default signing for AWS being v4 and other s3 clones being
> v2. I just want to know if I can use v4 for a s3 clone? Is there any
> example that I can look at?
>
> Thanks,
> Ranjith
>
> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R <ra...@gmail.com> wrote:
>
>> Hi All - I know signature v4 signing is implemented for Amazon S3
>> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
>> cloud which supports S3 API and sigV4 (s3). If it does, what changes
>> should be done from the client side?
>>
>> Thanks,
>> Ranjith
>>
>
Re: Signature v4 support for non amazon S3
Posted by Ranjith R <ra...@gmail.com>.
I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and it
talks about the default signing for AWS being v4 and other s3 clones being
v2. I just want to know if I can use v4 for a s3 clone? Is there any
example that I can look at?
Thanks,
Ranjith
On Mon, Jun 18, 2018 at 7:21 PM Ranjith R <ra...@gmail.com> wrote:
> Hi All - I know signature v4 signing is implemented for Amazon S3
> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
> cloud which supports S3 API and sigV4 (s3). If it does, what changes
> should be done from the client side?
>
> Thanks,
> Ranjith
>