Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-1821

AWS S3 API -Get bucket by name - ACLs do not give user the required permission

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 4.0.0
    • 4.0.0
    • AWSAPI
    • Security Level: Public (Anyone can view this level - this is the default.)
    • None
    • Software platform

    Description

      Now the bucket gets created in mount point folder, but the owner of folder is nobody user.

      Now when I use: http://<server-ip>:7080/awsapi/rest/AmazonS3/test12323
      This should give me details abt the bucket.

      I get following error on IE browser: Access denied - com.cloud.bridge.service.exception.PermissionDeniedException: Access Denied - ACLs do not give user the required permission

      This is a bug.

      Logs show-
      com.cloud.bridge.service.exception.PermissionDeniedException: Access Denied - ACLs do not give user the required permission
      at com.cloud.bridge.service.core.s3.S3Engine.accessAllowed(S3Engine.java:1762)
      at com.cloud.bridge.service.core.s3.S3Engine.verifyAccess(S3Engine.java:1729)
      at com.cloud.bridge.service.core.s3.S3Engine.listBucketContents(S3Engine.java:362)
      at com.cloud.bridge.service.controller.s3.S3BucketAction.executeGetBucket(S3BucketAction.java:578)
      at com.cloud.bridge.service.controller.s3.S3BucketAction.execute(S3BucketAction.java:202)
      at com.cloud.bridge.service.S3RestServlet.processRequest(S3RestServlet.java:181)
      at com.cloud.bridge.service.S3RestServlet.doGet(S3RestServlet.java:84)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
      at org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcessor.java:889)
      at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:721)
      at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:2268)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
      at java.lang.Thread.run(Thread.java:722)

      Attachments

        Activity

          People

            Unassigned Unassigned
            asmita.vagyani Asmita Vagyani
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: