堆栈内存溢出
  简体   繁体   English

STS,SAML和Java SDK无法从链中的任何提供程序加载AWS凭据

[英]STS ,SAML and Java SDK Unable to load AWS credentials from any provider in the chain

 原文  2016-04-13 16:10:36       java/ amazon-web-services/ aws-sdk

问题描述

I am trying to get temp credentials for AWS from STS using a SAML requet(from ADFS). 我正在尝试使用SAML requet(来自ADFS)从STS获取AWS的临时凭证。 I have the SAML token, the role arn and principalARN. 我有SAML令牌,角色arn和principalARN。 If I use this to login using AWS CLI they work. 如果我使用它来使用AWS CLI登录它们就可以了。 But using the same 3 with the Java SDK gives the following error. 但是使用与Java SDK相同的3会产生以下错误。

Unable to load AWS credentials from any provider in the chain 无法从链中的任何提供程序加载AWS凭据

Here is the Java code I am using. 这是我正在使用的Java代码。 

AssumeRoleWithSAMLRequest samlreq =new AssumeRoleWithSAMLRequest().withPrincipalArn(principalARN).withRoleArn(roleARN).withSAMLAssertion(SAMLToken);

AWSSecurityTokenServiceClient stsclient = new AWSSecurityTokenServiceClient();

AssumeRoleWithSAMLResult tempcreds=stsclient.assumeRoleWithSAML(samlreq);

Any idea what I am doing wrong or missing? 知道我做错了什么或错过了吗?

Here is the Stack trace: 这是堆栈跟踪:

Exception in thread "main" com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:117) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1098) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.assumeRoleWithSAML(AWSSecurityTokenServiceClient.java:575) at App.main(App.java:83) 线程“main”中的异常com.amazonaws.AmazonClientException:无法从com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:117)链中的任何提供者加载AWS凭证,地址为com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient .invoke(AWSSecurityTokenServiceClient.java:1098)位于App.main的com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.assumeRoleWithSAML(AWSSecurityTokenServiceClient.java:575)(App.java:83)

2 个解决方案

解决方案1
 5 已采纳  2016-04-14 15:59:25

I got it working finally had to add : 我得到它的工作最后不得不添加: 

BasicAWSCredentials basicCreds=new BasicAWSCredentials("", "");
AWSSecurityTokenServiceClient stsclient = new AWSSecurityTokenServiceClient(basicCreds);

Basically give the sts client a blank set of credentials. 基本上给sts客户端一组空白的凭据。

解决方案2
 0  2018-07-10 18:41:40

The AWSSecurityTokenServiceClient is deprecated. 不推荐使用AWSSecurityTokenServiceClient。 The following code also works. 以下代码也有效。 

BasicAWSCredentials theAWSCredentials= new BasicAWSCredentials("","");
AWSCredentialsProvider theAWSCredentialsProvider = new AWSStaticCredentialsProvider(theAWSCredentials);
AWSSecurityTokenService theSecurityTokenService = AWSSecurityTokenServiceClientBuilder.standard().withCredentials(theAWSCredentialsProvider).build();

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法从链中的任何提供商加载AWS凭证-kinesis-kafka-connector - Unable to load AWS credentials from any provider in the chain - kinesis-kafka-connector AmazonClientException:无法从链中的任何提供商加载凭证 - AmazonClientException: Unable To Load Credentials from any Provider in the Chain AWS Polly Java客户端提供错误:无法从链中的任何提供程序加载区域信息 - AWS Polly Java Client gives error: Unable to load region information from any provider in the chain AWS Java SDK - 无法通过区域提供商链找到区域 - AWS Java SDK - Unable to find a region via the region provider chain AWS SDK 无法通过区域提供商链从 docker 容器中找到区域 - AWS SDK Unable to find a region via the region provider chain from docker container 找不到AWS S3凭证提供程序(Java SDK) - AWS S3 Credentials Provider not found (Java SDK) AWS Java SDK凭证 - AWS Java SDK credentials 无法从aws.properties加载凭据 - unable to load credentials from aws.properties SparkApp 无法加载 Aws Java Sdk 定义 - SparkApp unable to load Aws Java Sdk definitions AWS Java SDK STS 在 Lambda 超时 - AWS Java SDK STS in Lambda timeout
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM