I'm beginning with Eucalyptus, with some S3 and EC2 background. I have an app for which I use a personal library to interface with S3 and store/retrieve files from there. Now I want to make my app compatible with Walrus too.
This is my setup:
Ubuntu 10.04 server UEC:
- Just installed it on a fresh VM, selecting all components but the NC, as I only need Walrus
- After boot I verified that walrus was running at
10.211.55.18:8773/services/Walrus
- Go to
10.211.55.18:8443
web portal and changed the admin password - From the same place I retrieved the query interface credentials (id+secret)
I was able to interact with Walrus through Cyberduck and Cloudberry without problems, I've created then a bucket 'mybucket' and an object 'myobject', but cant make a plain request with a programming HTTP library, neither using curl with generated authorization.
If I go to the browser and insert: http://10.211.55.18:8773/services/Walrus/mybucket/myfile
I get a pretty XML message with an authorization error (as expected).
But when trying to get that object, I've done the following signing process (pseudo code):
digest = new_openssl_sha1_digest
date = "Sat, 03 Mar 2012 18:13:54 GMT" (now UTC datetime)
description = "GET\n\n\nSat, 03 Mar 2012 18:13:54 GMT\n/mybucket/myfile"
signature = new_base_64_HMAC(digest, secret_key, description)
headers = {
Date: date,
Authorization: "AWS <access_key_id>:<signature>"
}
So then I end up with these request URL and headers:
Path: http://10.211.55.18:8773/services/Walrus/mybucket/myfile
Headers: {"date"=>"Sat, 03 Mar 2012 18:13:54 GMT", "Authorization"=>"AWS WKy3rMzOWPouVOxK1p3Ar1C2uRBwa2XXXXXX:U/fpoVUCbN64h8iRICp9JZzKWgE="}
But when I issue a GET request as above I only get a tiny response saying:
<headers>
Status: 400 Unauthorized
Content-Type: text/plain; charset=UTF-8
<body>
Failure: 400 Bad Request
I cannot find what I'm I doing wrong, I'm following the S3 signing process. I need to understand this as I need to implement a plugin to Walrus for my app, so I cannot use third party tools.
Hope that someone can help, thanks.
Well I found what was happening... Actually, walrus includes the /services/Walrus path on the signature too, I was only signing the /mybucket/myfile. So one can solve this by signing the string '/services/Walrus/bucket/file', thats it!