AWS Identity TVM返回带有``客户端签名不匹配''错误的Http 401响应
[英]AWS Identity TVM returns Http 401 response with 'client signature doesnt match' error
问题描述
I am using; 
我在用;
- Eclipse Juno Eclipse朱诺
- ADT-22.3.0 ADT-22.3.0
- aws-android-sdk-1.7.0 aws-android-sdk-1.7.0
For using AWS Token Vending machine code I used sample code for android from below link; 为了使用AWS Token自动售货机代码,我使用了以下链接中的android示例代码; http://aws.amazon.com/code/4598681430241367 http://aws.amazon.com/code/4598681430241367
My Identity TVM module is deployed on Glassfish server 4.0 我的Identity TVM模块部署在Glassfish服务器4.0上
My AmazonS3PersonalFileStore sample for android when tries to communicate with Identity TVM sample; 尝试与Identity TVM示例进行通信时,我的Android的AmazonS3PersonalFileStore示例; its giving error 其给予错误
11-24 15:16:54.886: W/AmazonTVMClient(2262): Request to Token Vending Machine failed with Code: [404] Message: [Unable to reach resource at [http://ip.ip.ip.ip:8080/tvm/login?uid=59434cd89b7ff4b72695fbe55dc06e10&username=useruser×tamp=2013-11-24T15%3A16%3A54.149Z&signature=fca134941ac0f1432568b1590057a64c1a537934d0f7c94b380c9fb23758bbd8]]
and server side shows error; 服务器端显示错误;
[2013-11-24T15:17:00.095+0000] [glassfish 4.0] [WARNING] [] [TokenVendingMachineLogger] [tid: _ThreadID=19 _ThreadName=http-listener-1(2)] [timeMillis: 1385306220095] [levelValue: 900] [[
Client signature : fca134941ac0f1432568b1590057a64c1a537934d0f7c94b380c9fb23758bbd8 doesnot match with server generated signature .Setting Http status code 401]]
[2013-11-24T15:17:00.097+0000] [glassfish 4.0] [SEVERE] [] [TokenVendingMachineLogger] [tid: _ThreadID=19 _ThreadName=http-listener-1(2)] [timeMillis: 1385306220097] [levelValue: 1000] [[Error validating login request for username : useruser]]`
if someone can help give points to resolve it; 是否有人可以帮忙解决问题; also I hope there is nothing special needs to be done to suit Identity TVM code to run on glassfish? 我也希望不需要做任何特殊的事情来使Identity TVM代码适合在glassfish上运行?
EDIT 编辑
When I deploy IdentityTVM.war (out of the box that comes with download) on ElasticBeanstalk - it works perfectly. 当我在ElasticBeanstalk上部署IdentityTVM.war(开箱即用)时,它可以完美运行。 I think problem is with the way I am modifying code to work on glassfish. 我认为问题在于我修改代码以在glassfish上工作的方式。 I am doing following changes in TVM Code; 我正在按照TVM代码进行以下更改;
- com.amazonaws.tvm.Configuration: hardcoded three items with my TVMUser (created in IAM) credentials (AWS_ACCESS_KEY_ID,AWS_SECRET_KEY,APP_NAME) com.amazonaws.tvm.Configuration:使用我的TVMUser(在IAM中创建)凭据(AWS_ACCESS_KEY_ID,AWS_SECRET_KEY,APP_NAME)对三个项目进行硬编码
TokenVendingMachinePolicy.json: changed my policy as below;
TokenVendingMachinePolicy.json:如下更改了我的策略; {"Statement": [ {"Effect":"Allow","Action":["s3:PutObject","s3:GetObject","s3:DeleteObject"],"Resource":"arn:aws:s3:::MyBUCKET/__USERNAME__/*"}, {"Effect":"Allow","Action":"s3:ListBucket","Resource":"arn:aws:s3:::MyBUCKET","Condition":{"StringLike":{"s3:prefix":"__USERNAME__/"}}}, {"Effect":"Deny","Action":["iam:*", "sts:*", "sdb:*"],"Resource":"*"}]}
Am I following right steps to modify IdentityTVM for deployment of glassfish? 我是否正在按照正确的步骤修改IdentityTVM以部署玻璃鱼? I have to use glassfish since our architecture have a cluster environment based on it. 我必须使用glassfish,因为我们的体系结构具有基于它的集群环境。
1 个解决方案
解决方案1
0 2014-01-18 15:58:01
I think this will be a problem with your endpoints not matching up, ie: 我认为这将是您的端点不匹配的问题,即:
Client: 客户:
AwsCredential.properties AwsCredential.properties
tokenVendingMachineURL=tvm.mydomain.com
TVM TVM
endpoint derived from 端点来自
HttpServletRequest.getServerName()
I was having the same 401 problem and this was the cause of it. 我遇到了相同的401问题,这就是它的原因。 See my post on the Amazon Mobile Forums: https://forums.aws.amazon.com/thread.jspa?threadID=143949 请参阅我在Amazon移动论坛上的帖子: https : //forums.aws.amazon.com/thread.jspa? threadID =143949
The TVM was using localhost as the endpoint. TVM使用本地主机作为端点。 I needed to update my vhosts file for the project to contain ProxyPreserveHost On 我需要更新我的vhosts文件,以使项目包含ProxyPreserveHost On
Hope this helps. 希望这可以帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.