-
Notifications
You must be signed in to change notification settings - Fork 2.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Why does AmazonWebServiceClient.setRegion computes Signer with isRegionIdAsSignerParam=false? #842
Comments
Wow this code is confusing. We'll actually try and set the region in the signer provider which might recompute the region if there's a redirect (https://github.com/aws/aws-sdk-java/blob/master/aws-java-sdk-s3/src/main/java/com/amazonaws/services/s3/internal/auth/S3SignerProvider.java#L53). The region on the signer itself is apparently more of an override, similar to the signerRegionOverride on the client (https://github.com/aws/aws-sdk-java/blob/master/aws-java-sdk-core/src/main/java/com/amazonaws/auth/AWS4Signer.java#L79). When not set it too will attempt to parse the region from the hostname (https://github.com/aws/aws-sdk-java/blob/master/aws-java-sdk-core/src/main/java/com/amazonaws/auth/internal/AWS4SignerRequestParams.java#L88) What's your custom endpoints file look like? Would you mind sharing or is it sensitive? |
@shorea Thanks for your reply. <XML>
<Regions>
<Region>
<Name>beta</Name>
<Domain>beta.storage.testdomain.com</Domain>
<Endpoint>
<ServiceName>s3</ServiceName>
<Http>true</Http>
<Https>true</Https>
<Hostname>beta.storage.testdomain.com</Hostname>
</Endpoint>
</Region>
<Region>
<Name>region01</Name>
<Domain>region01.storage.storage-testdomain.com</Domain>
<Endpoint>
<ServiceName>s3</ServiceName>
<Http>true</Http>
<Https>true</Https>
<Hostname>region01.storage.storage-testdomain.com</Hostname>
</Endpoint>
</Region>
<Region>
<Name>region02</Name>
<Domain>region02.storage.storage-testdomain.com</Domain>
<Endpoint>
<ServiceName>s3</ServiceName>
<Http>true</Http>
<Https>true</Https>
<Hostname>region02.storage.storage-testdomain.com</Hostname>
</Endpoint>
</Region>
</Regions>
<Services>
<Service>
<Name>s3</Name>
<FullName>testdomain Simple Storage Service</FullName>
<RegionName>beta</RegionName>
<RegionName>region01</RegionName>
<RegionName>region02</RegionName>
</Service>
</Services>
</XML> Because there is no "s3" hint in the Hostname (eg. beta.storage.testdomain.com), maybe we will have to make some change to the AwsHostNameUtils to compute our internal region name. |
I believe you can add a mapping in an overridden config file like so. The override file is expected to be at the root of the classpath with the name 'awssdk_config_override.json' aws-sdk-java/aws-java-sdk-core/src/main/java/com/amazonaws/internal/config/InternalConfig.java Line 55 in a51792e
|
Thanks a lot, I will have a try |
Thanks! With my edited Thanks a lot, it helped me. |
Good to hear! |
Dear team:
I have a question,
https://github.com/aws/aws-sdk-java/blob/master/aws-java-sdk-core/src/main/java/com/amazonaws/AmazonWebServiceClient.java#L342
Why does AmazonWebServiceClient.setRegion computes Signer with isRegionIdAsSignerParam=false?
I am trying to use this library to connect an S3-Compatible storage service.
I use the override region file and set region to the internal one.
However, It fails when authration and got 400 Bad request.
In the request header, SDK library sent
I traced the source code,
AmazonS3Client.setRegion(Region region)
-->super.setRegion(region)
-->'computeSignerByServiceRegion(serviceNameForSigner, region.getName(), signerRegionOverride, false)'
Because AWSS3V4Signer use Region in header, regionId should be used.
So the isRegionIdAsSignerParam parameter here should be true, am I right?
The text was updated successfully, but these errors were encountered: