Uploaded image for project: 'jclouds'
  1. jclouds
  2. JCLOUDS-1261

AWS v4 auth excludes port numbers from host header

    Details

      Description

      The JClouds library is unable to communicate with S3 compatible services running on non-standard ports. This has been traced to the v4 authentication code.

      In HTTP, the host header can "optionally" include a port number. In practice, this is included when the HTTP service is running on a non-standard port (i.e. not 80 or 443). The AWSv4 auth code uses only the hostname from the URI for the host header, as can be seen at:
      https://github.com/jclouds/jclouds/blob/37101b7825edce7899c8a12e02f2153168ebc4df/apis/s3/src/main/java/org/jclouds/s3/filters/Aws4SignerForAuthorizationHeader.java#L76
      This is fine for AWS's official S3 endpoints which are only accessible via TCP ports 80 or 443, but is incorrect for communicating with "compatible" endpoints running on non-standard ports. In the non-standard case, the host header should include a :port suffix.

      See HTTP RFC: https://tools.ietf.org/html/rfc7230#section-5.4

        Attachments

          Activity

            People

            • Assignee:
              gaul Andrew Gaul
              Reporter:
              neonbunny Stephen Tomkinson
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: