SignatureDoesNotMatch error on certain save calls
82 views
Skip to first unread message
Karl
Jan 18, 2010, 5:07:39 PM1/18/10
to SimpleRecord
For some reason, specific objects are givning a SignatureDoesNotMatch
error when inserting into simpledb. Pretty sure this does not have
anything to do with my access key as a call to save for a different
object will work.
error when inserting into simpledb. Pretty sure this does not have
anything to do with my access key as a call to save for a different
object will work.
Aws::AwsError: SignatureDoesNotMatch: The request signature we
calculated does not match the signature you provided. Check your AWS
Secret Access Key and signing method. Consult the service
documentation for details.
REQUEST(sdb.amazonaws.com:443/)
from /usr/lib64/ruby/gems/1.8/gems/aws-2.1.12/lib/awsbase/
right_awsbase.rb:389:in `request_info_impl'
from /usr/lib64/ruby/gems/1.8/gems/aws-2.1.12/lib/sdb/
right_sdb_interface.rb:144:in `request_info'
from /usr/lib64/ruby/gems/1.8/gems/aws-2.1.12/lib/sdb/
right_sdb_interface.rb:415:in `put_attributes'
from /usr/lib64/ruby/gems/1.8/gems/aws-2.1.12/lib/sdb/active_sdb.rb:
816:in `save'
from /usr/lib64/ruby/gems/1.8/gems/simple_record-1.1.65/lib/
simple_record.rb:343:in `save'
from /data/weshop/releases/20100118163255/app/models/
simpledb_message.rb:13:in `create_from_email_message!'
from /data/weshop/releases/20100118163255/app/models/email/message.rb:
112:in `store_on_s3'
from (irb):28
from :0
Has anyone come across this?
thx.
-karl
Karl Baum
Jan 18, 2010, 6:05:51 PM1/18/10
to SimpleRecord
Ok. I've drilled down a bit and it seems to be related to storing this value:
"other/2009-11-10/04/84.eml"
Can simpledb handle the '/'?
thx
-karl
Travis Reeder
Jan 18, 2010, 9:07:47 PM1/18/10
to simple-record
I just created a test saving this value and it seems to work fine. Can you write a test case to reproduce this?
Travis
--
You received this message because you are subscribed to the Google Groups "SimpleRecord" group.
To post to this group, send email to simple...@googlegroups.com.
To unsubscribe from this group, send email to simple-recor...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/simple-record?hl=en.
Karl Baum
Jan 18, 2010, 9:13:56 PM1/18/10
to simple...@googlegroups.com
Hi Travis. I was off with what i thought the problem was. The issue seems to happen whenever we do a post because the service_params are greater than 2000 params. Within the right_sdb_interface, the following logic is within the generate_request method:
if service_params.size > 2000
if signature_version == '2'
# resign the request because HTTP verb is included into signature
service_params = signed_service_params(@aws_secret_access_key, service_hash, :post, @params[:server], service)
end
request = Net::HTTP::Post.new(service)
request.body = service_params
request['Content-Type'] = 'application/x-www-form-urlencoded'
else
request = Net::HTTP::Get.new("#{service}?#{service_params}")
end
Whenever the service_params size is greater than 2000 characters, I get the AwsError. I will try and reproduce with a test case.
Thanks for your help.
-karl
Travis Reeder
Jan 18, 2010, 9:19:42 PM1/18/10
to simple-record
So you're saying the signature is invalid when it's using that Net::HTTP::Post and it is valid when it uses the Net::HTTP::Get? Interesting.
If you could throw a quick test together, that would be great, then I'll get it fixed up.
Karl Baum
Jan 18, 2010, 9:20:28 PM1/18/10
to simple...@googlegroups.com
Great. Working on an rspec test as we speak.
Karl Baum
Jan 18, 2010, 9:53:17 PM1/18/10
to simple...@googlegroups.com
Hi Travis. I reproduced the problem here:
I think the problem is the combination of 2000 or more characters and the funny character after Karen Smith in the subject. When I replaced it with a normal "apostrophe s" instead of the wierd character, the test passes. I don't pretend to understand the ins and outs of character encodings, but is this something that I should be scrubbing on my end?
Thanks for your help.
-karl
Karl Baum
Jan 19, 2010, 1:52:10 PM1/19/10
to simple...@googlegroups.com
It looks like this fix addresses the problem i am having:
Only issue is that for these objects, the text within simpledb is url encoded. In my tests I have been just calling CGI::unescape on the value when i pull it back from simpledb, but I don't see why we wouldn't do that for all strings within simple_record or aws.
I tried to fork aws and apply the change, but github seems to be having issues.
thx.
-karl
Travis Reeder
Jan 20, 2010, 5:45:42 PM1/20/10
to simple-record
This sounds eerily similar to this issue that someone else just posted here for the ec2 library: http://github.com/appoxy/aws/issues#issue/3
Travis Reeder
Jan 20, 2010, 6:03:55 PM1/20/10
to simple-record
SDB should be able to support unicode, so there is some double escaping if also escape it which probably isn't what you want.
I think I might know the issue, after scanning the code, perhaps when doing a POST, we do not need to URL escape the values as we're doing when it's a GET. See line 82 in right_awsbase.rb. So when it switches to POST (because the request is greater than 2000), it might need to handle the values differently.
Any chance you could turn your test into a regular unit test so it fits with the rest of our test cases?
Travis
Karl Baum
Jan 20, 2010, 6:07:43 PM1/20/10
to simple...@googlegroups.com
Sure. I'll have a stab at it. Do you want the unit test in simple_record or aws?
Travis Reeder
Jan 22, 2010, 1:36:35 AM1/22/10
to simple-record
Hmmm, probably would make more sense in aws. Thanks!
Travis
Reply all
Reply to author
Forward
0 new messages