Amazon S3 Storage Error

mark.butler · November 2, 2017, 12:14am

Hi,

I’m trying to use the bean change to save to S3 but am getting the following error:

com.haulmont.cuba.core.global.FileStorageException: I/O error: Could not save file 27917644-11f8-147f-3eeb-ebcbad7b5599.pdf. <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>XXXXX</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256
20171102T001012Z
20171102/eu-west-2/s3/aws4_request
a5f9e41f21173a735522b7695b7b3369ff3c54ee064254b7cf2d06cba592727e</StringToSign><SignatureProvided>cac9470fe6893068772583c2eab1fe6d8c21a496a459e4c86e2fd54e868388af</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 37 31 31 30 32 54 30 30 31 30 31 32 5a 0a 32 30 31 37 31 31 30 32 2f 65 75 2d 77 65 73 74 2d 32 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 61 35 66 39 65 34 31 66 32 31 31 37 33 61 37 33 35 35 32 32 62 37 36 39 35 62 37 62 33 33 36 39 66 66 33 63 35 34 65 65 30 36 34 32 35 34 62 37 63 66 32 64 30 36 63 62 61 35 39 32 37 32 37 65</StringToSignBytes><CanonicalRequest>PUT
/2017/11/02/27917644-11f8-147f-3eeb-ebcbad7b5599.pdf

content-encoding:aws-chunked
content-length:84215
host:XXXX
x-amz-content-sha256:STREAMING-AWS4-HMAC-SHA256-PAYLOAD
x-amz-date:20171102T001012Z
x-amz-decoded-content-length:83151
x-amz-storage-class:REDUCED_REDUNDANCY

content-encoding;content-length;host;x-amz-content-sha256;x-amz-date;x-amz-decoded-content-length;x-amz-storage-class
STREAMING-AWS4-HMAC-SHA256-PAYLOAD</CanonicalRequest><CanonicalRequestBytes>50 55 54 0a 2f 32 30 31 37 2f 31 31 2f 30 32 2f 32 37 39 31 37 36 34 34 2d 31 31 66 38 2d 31 34 37 66 2d 33 65 65 62 2d 65 62 63 62 61 64 37 62 35 35 39 39 2e 70 64 66 0a 0a 63 6f 6e 74 65 6e 74 2d 65 6e 63 6f 64 69 6e 67 3a 61 77 73 2d 63 68 75 6e 6b 65 64 0a 63 6f 6e 74 65 6e 74 2d 6c 65 6e 67 74 68 3a 38 34 32 31 35 0a 68 6f 73 74 3a 66 69 6c 65 2d 70 72 6f 64 2d 74 72 2e 73 33 2e 65 75 2d 77 65 73 74 2d 32 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 53 54 52 45 41 4d 49 4e 47 2d 41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 2d 50 41 59 4c 4f 41 44 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 31 37 31 31 30 32 54 30 30 31 30 31 32 5a 0a 78 2d 61 6d 7a 2d 64 65 63 6f 64 65 64 2d 63 6f 6e 74 65 6e 74 2d 6c 65 6e 67 74 68 3a 38 33 31 35 31 0a 78 2d 61 6d 7a 2d 73 74 6f 72 61 67 65 2d 63 6c 61 73 73 3a 52 45 44 55 43 45 44 5f 52 45 44 55 4e 44 41 4e 43 59 0a 0a 63 6f 6e 74 65 6e 74 2d 65 6e 63 6f 64 69 6e 67 3b 63 6f 6e 74 65 6e 74 2d 6c 65 6e 67 74 68 3b 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 3b 78 2d 61 6d 7a 2d 64 65 63 6f 64 65 64 2d 63 6f 6e 74 65 6e 74 2d 6c 65 6e 67 74 68 3b 78 2d 61 6d 7a 2d 73 74 6f 72 61 67 65 2d 63 6c 61 73 73 0a 53 54 52 45 41 4d 49 4e 47 2d 41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 2d 50 41 59 4c 4f 41 44</CanonicalRequestBytes><RequestId>B9A12929B20C14BB</RequestId><HostId>XXXXX</HostId></Error>

It looks similar to the error on this thread CUBA File Storage - Amazon S3 upload error - region setting - CUBA.Platform but I am using v6.6 so the fix should be there?

Any help appreciated, thanks!

mark.butler · November 2, 2017, 7:09am

Sorry I’ve fixed my own issue here - it was a permissions problem, I had used another AWS user I had created but I had only allowed them permissions on one specific bucket which wasn’t the one I was using in Cuba.

I wish AWS had better error messages!

Once the access had been granted, works like a dream

mark.butler · November 2, 2017, 11:11am

Actually it is working nicely locally, but deployed on my Docker instance in production, the put works fine, but the get does not find the object?

mark.butler · November 4, 2017, 9:24am

Having a nice conversation with myself here lol…

So yes once again resolved it - not sure why but I’ll explain what I did to fix, but to my mind it shouldn’t have worked locally.

I hadn’t done a dataSupplier.commit(fileDescriptor) after the putFileIntoStorage() command. Therefore when I tried to use the FileDescriptor reference which hadn’t been committed, it wasn’t pointing at the right thing.

However locally running on tomcat using Studio, it was working. On Docker though it didn’t find the file. I suspect it has something to do with the temporary file removal acting differently in the two scenarios? And that the FileDescriptor points to the temporary file until it is committed? (Might be wrong on both cases but strange it worked in one environment and not another).

krivopustov · November 7, 2017, 8:02am

Hi Mark,

I’m not aware of your code working with files, so I’ll just explain something about FileDescriptor, maybe it will help.

Until you commit a FileDescriptor, it doesn’t exist in the database, but you can use when you request FileStorage. It’s actually just a reference to the file in the storage, you could create it and use at any time, the only important thing is its ID and createDate must be the same as ID and createDate of the FileDescriptor used when the file was being saved. FileStorage doesn’t go to the database, it gets the information from the FileDescriptor you are passing to it.