Pas*_*itz 5 java scala amazon-s3 amazon-web-services
我有一个属于另一个帐户的存储桶。使用 AWS CLI,我可以访问(列出和读取对象)此存储桶。例如:
aws s3 ls s3://somebucket/foo/bar
列出对象。
尝试使用 Java SDK(在 Scala 中)重新创建相同的内容,我收到上述异常 (SignatureDoesNotMatch)。
这是代码:
package com.myco.sample
class TestCase() {
val credentials = new com.amazonaws.auth.BasicAWSCredentials(
"ACCESS_KEY_ID",
"SECRET_ACCESS_KEY"
)
val s3 = new com.amazonaws.services.s3.AmazonS3Client(credentials)
val endpoint = "somebucket.s3-us-west-2.amazonaws.com"
s3.setEndpoint(endpoint)
try {
val objs = s3.listObjects("foo/bar")
} catch {
case ace: com.amazonaws.services.s3.model.AmazonS3Exception => {
println(ace.getAdditionalDetails)
}
}
}
对 listObjects 的调用引发异常。输出是:
com.amazonaws.services.s3.model.AmazonS3Exception: The request signature we calculated does not match the signature you provided. Check your key and signing method. (Service: Amazon S3; Status Code: 403; Error Code: SignatureDoesNotMatch; Request ID: XXXXXXXXX), S3 Extended Request ID: XXXXXXXXXXXXXXXXXXX=
{SignatureProvided=XXXXXXXXXXXXX=, StringToSign=Wed, 06 Jan 2016 04:32:38 GMT
/somebucket/foo/bar/, AWSAccessKeyId=XXXXXX, Error=XXXXXXXXXXXX=, StringToSignBytes=XXXXXXXXX}
当不提供上述端点时,我收到不同的错误:
The bucket you are attempting to access must be addressed using the specified endpoint
设置端点后,我尝试了多种将“bucket”参数传递给listObjects的方法,但都不起作用。
不确定为什么幕后生成的签名不正确。有任何想法吗?
该错误通常意味着凭据不正确。
val credentials = new com.amazonaws.auth.BasicAWSCredentials(
"ACCESS_KEY_ID",
"SECRET_ACCESS_KEY"
)
您在代码中使用实际的访问密钥和秘密密钥吗?~/.aws/credentials它们与您文件中的值匹配吗?
您可以尝试创建AmazonS3Client使用默认构造函数在不显式提供凭据的情况下创建 。~/.aws/credentials默认行为是像 CLI 一样使用这些值。
要排除凭据问题,您可以在 CLI 中打开日志记录并将其与 SDK 日志进行比较。尝试:
aws --debug s3 ls s3://somebucket/foo/bar
你应该看到这样的东西:
...
2016-01-06 13:29:01,306 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2016-01-06 13:29:01,306 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2016-01-06 13:29:01,306 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2016-01-06 13:29:01,306 - MainThread - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
...
接下来,启用 SDK 日志记录,如下所示:http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-logging.html。您应该只需要提供 log4j jar 和示例log4j.properties文件。
在这里你应该看到这个:
...
2016-01-06 13:26:47,621 [main] DEBUG com.amazonaws.auth.AWSCredentialsProviderChain - Unable to load credentials from EnvironmentVariableCredentialsProvider: Unable to load AWS credentials from environment variables (AWS_ACCESS_KEY_ID (or AWS_ACCESS_KEY) and AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY))
2016-01-06 13:26:47,621 [main] DEBUG com.amazonaws.auth.AWSCredentialsProviderChain - Unable to load credentials from SystemPropertiesCredentialsProvider: Unable to load AWS credentials from Java system properties (aws.accessKeyId and aws.secretKey)
2016-01-06 13:26:47,636 [main] DEBUG com.amazonaws.auth.AWSCredentialsProviderChain - Loading credentials from com.amazonaws.auth.profile.ProfileCredentialsProvider@42561fba
...
如果这不是问题,您可以详细检查日志以进一步诊断问题。
| 归档时间: |
|
| 查看次数: |
9153 次 |
| 最近记录: |