You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@jclouds.apache.org by "Andrew Gaul (JIRA)" <ji...@apache.org> on 2017/07/05 21:42:00 UTC
[jira] [Resolved] (JCLOUDS-1261) AWS v4 auth excludes port numbers
from host header
[ https://issues.apache.org/jira/browse/JCLOUDS-1261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Gaul resolved JCLOUDS-1261.
----------------------------------
Resolution: Fixed
> AWS v4 auth excludes port numbers from host header
> --------------------------------------------------
>
> Key: JCLOUDS-1261
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1261
> Project: jclouds
> Issue Type: Bug
> Components: jclouds-blobstore
> Affects Versions: 2.0.0, 2.0.1
> Reporter: Stephen Tomkinson
> Assignee: Andrew Gaul
> Labels: aws-s3, s3
> Fix For: 2.1.0, 2.0.2
>
>
> The JClouds library is unable to communicate with S3 compatible services running on non-standard ports. This has been traced to the v4 authentication code.
> In HTTP, the host header can "optionally" include a port number. In practice, this is included when the HTTP service is running on a non-standard port (i.e. not 80 or 443). The AWSv4 auth code uses _only_ the hostname from the URI for the host header, as can be seen at:
> https://github.com/jclouds/jclouds/blob/37101b7825edce7899c8a12e02f2153168ebc4df/apis/s3/src/main/java/org/jclouds/s3/filters/Aws4SignerForAuthorizationHeader.java#L76
> This is fine for AWS's official S3 endpoints which are only accessible via TCP ports 80 or 443, but is incorrect for communicating with "compatible" endpoints running on non-standard ports. In the non-standard case, the host header should include a :port suffix.
> See HTTP RFC: https://tools.ietf.org/html/rfc7230#section-5.4
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)