On Mar 10, 2014, at 8:30 PM, Yehuda Sadeh <yeh...@inktank.com> wrote:
>> 2014-03-10 22:59:12.551012 7fec017fa700 10 auth_hdr:
>> GET
>>
>>
>> Mon, 10 Mar 2014 22:59:42 GMT
>> /user
>
> This is related to the issue. I assume it was signed as /admin/user,
> but here we just use /user because that what's passed in the URI. Are
> you accessing the gateway through virtual dns bucket name (e.g.,
> admin.your-domain.com)?
>
> Yehuda
>
>> 2014-03-10 22:59:12.551103 7fec017fa700 15 calculated
>> digest=R+4z9J6PyXugdHAYJDKJiLPKpWo=
>> 2014-03-10 22:59:12.551113 7fec017fa700 15
>> auth_sign=OHAxWvf8U8t4CVWq0pKKwxZ2Xko=
>> 2014-03-10 22:59:12.551114 7fec017fa700 15 compare=-3
>> 2014-03-10 22:59:12.551118 7fec017fa700 10 failed to authorize request
>> 2014-03-10 22:59:12.551295 7fec017fa700 2 req 1:0.020363:s3:GET
>> /user:list_bucket:http status=403
>> 2014-03-10 22:59:12.551496 7fec017fa700 1 ====== req done req=0x19497c0
>> http_status=403 ======
This what our request header looks like. ‘admin’ is the admin bucket. The
request doesn’t appear to be signed as /admin/user. I wonder if the ordering
of our header fields are incorrect insofar as they don’t match the canonical
ordering expected by radosgw/S3 resulting in the digests not matching?
Request: GET http://admin.XXXX.liquidweb.com/user
Date: Tue, 11 Mar 2014 22:52:20 GMT
Authorization: AWS 08V6K45V9KPVK7MIWWMG:VPPhzMiF9bFywTxLbr1peLEwZK4=
User-Agent: libwww-perl/5.805
display-name: Hello World
uid: atc
Format: json HTTP/1.1
*** /home/etank/lwlibs/perl/Amazon/S3.pm [298]: Response: HTTP/1.1 403 Forbidden
Connection: Keep-Alive
Date: Tue, 11 Mar 2014 22:51:47 GMT
Accept-Ranges: bytes
Server: Apache/2.2.22 (Ubuntu)
Content-Length: 78
Content-Type: application/xml
Client-Date: Tue, 11 Mar 2014 22:52:20 GMT
Client-Peer: 10.30.77.227:80
Client-Response-Num: 1
Keep-Alive: timeout=5, max=100
_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
