[one-users] AUTHENTICATION PROBLEM when using EC2 Tools
Olivier Sallou
olivier.sallou at irisa.fr
Tue Mar 1 08:22:19 PST 2011
I made some tests with logs and in authenticate method it appears than
params['Signature'] and signature are differents
I have signature version 2
Olivier
Le 3/1/11 4:44 PM, Daniel Molina Aranda a écrit :
> Have you tried without the changes you made? Try reinstalling because
> maybe the problem only was in the endpoint you were using and there is
> no need to change the source. If you are still having the problem with
> the original source, let us know.
>
> On 1 March 2011 16:02, Olivier Sallou<olivier.sallou at irisa.fr> wrote:
>> no, it is the same
>>
>> Le 3/1/11 3:45 PM, Daniel Molina Aranda a écrit :
>>> In your request you are issuing the following command
>>> "I tried with econe-describe-instances -K osallou -S XXXX -U
>>> http://localhost:4567, still fails"
>>>
>>> You have to use the same endpoint as shown in the econe configuration
>>> file:
>>> econe-describe-instances -K osallou -S XXXX -U
>>> http://onemaster.genouest.org:4567
>>>
>>> And now it should work.
>>>
>>>
>>> On 1 March 2011 15:25, Olivier Sallou<olivier.sallou at irisa.fr> wrote:
>>>> oneadmin at onemaster:/var/log/one$ ruby -v
>>>> ruby 1.8.7 (2010-01-10 patchlevel 249) [x86_64-linux]
>>>>
>>>> API_VERSION = '2010-08-31'
>>>>
>>>> econe.conf:
>>>>
>>>> # OpenNebula sever contact information
>>>> ONE_XMLRPC=http://localhost:2633/RPC2
>>>>
>>>> # Host and port where econe server will run
>>>> SERVER=onemaster.genouest.org
>>>> PORT=4567
>>>>
>>>> # SSL proxy that serves the API (set if is being used)
>>>> #SSL_SERVER=fqdm.of.the.server
>>>>
>>>> # VM types allowed and its template file (inside templates directory)
>>>> VM_TYPE=[NAME=m1.small, TEMPLATE=m1.small.erb]
>>>>
>>>>
>>>> Olivier
>>>>
>>>> Le 3/1/11 3:22 PM, Daniel Molina Aranda a écrit :
>>>>> Hi Olivier,
>>>>>
>>>>> Would you mind to send us your $ONE_LOCATION/etc/econe.conf file and
>>>>> the ruby and amazon-ec2 versions that you are working with?
>>>>>
>>>>> Regards.
>>>>>
>>>>>
>>>>> On 1 March 2011 14:56, Olivier Sallou<olivier.sallou at irisa.fr> wrote:
>>>>>> Hi,
>>>>>> I face an issue with econe-describe-images and EC2 tools access. I have
>>>>>> an
>>>>>> authentication error.
>>>>>>
>>>>>> Following a previous mail I 've seen (see below), I updated encoding to
>>>>>> HmacSHA256 and EC2QueryServer.rb not to include port for version
>>>>>> 2010-08-31
>>>>>>
>>>>>> However I still have the issue.
>>>>>>
>>>>>> I tried with econe-describe-instances -K osallou -S XXXX -U
>>>>>> http://localhost:4567, still fails
>>>>>>
>>>>>> As a client I use ruby gem amazon-ec2.
>>>>>>
>>>>>>
>>>>>> I check EC2Query ruby codes in repository to see if changes were made
>>>>>> but
>>>>>> I
>>>>>> see no difference.
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> Olivier
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi! I discovered an AUTHENTICATION PROBLEM when using EC2 Tools
>>>>>> provided by OpenNebula.
>>>>>>
>>>>>> On client-side, the HMAC algorithm used is "HmacSHA256" while the
>>>>>> passed parameter is "HmacSHA1" in
>>>>>>
>>>>>> $ONE_LOCATION/lib/ruby/cloud/econe/EC2QueryClient.rb:144
>>>>>>
>>>>>> this causes an authentication failure.
>>>>>>
>>>>>>
>>>>>> I found another problem in the file
>>>>>>
>>>>>> $ONE_LOCATION/lib/ruby/cloud/econe/EC2QueryServer.rb
>>>>>>
>>>>>> While the issue disappeared executing the tool
>>>>>>
>>>>>> econe-upload
>>>>>>
>>>>>> it is still present in the tools
>>>>>>
>>>>>> econe-register
>>>>>> econe-describe-images
>>>>>>
>>>>>> This may be caused by the file
>>>>>>
>>>>>> $ONE_LOCATION/lib/ruby/cloud/econe/EC2QueryServer.rb
>>>>>>
>>>>>> where, in the function "signature_version_2()" definition, the
>>>>>> variable "server_str" depends on the tool executed.
>>>>>>
>>>>>> 1. econe-upload
>>>>>>
>>>>>> server_str = FQDN
>>>>>>
>>>>>> 2. econe-register
>>>>>>
>>>>>> server_str = FQDN:PORT
>>>>>>
>>>>>> I think the issue is caused by the missing parameter "Version" which
>>>>>> is not passed in last two utilities.
>>>>>>
>>>>>> Best,
>>>>>>
>>>>>> PAOLO
>>>>>>
>>>>>>
>>>>>> --
>>>>>> PAOLO SMIRAGLIA
>>>>>> http://portale.isf.polito.it/paolo-smiraglia
>>>>>> _______________________________________________
>>>>>> Users mailing list
>>>>>> Users at lists.opennebula.org
>>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>>>>
>>>>>> --
>>>>>> gpg key id: 4096R/326D8438 (pgp.mit.edu)
>>>>>> Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Users mailing list
>>>>>> Users at lists.opennebula.org
>>>>>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>>>>>
>>>>>>
>>>> --
>>>> gpg key id: 4096R/326D8438 (pgp.mit.edu)
>>>> Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438
>>>>
>>>>
>>>>
>>>
>> --
>> gpg key id: 4096R/326D8438 (pgp.mit.edu)
>> Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
>
--
gpg key id: 4096R/326D8438 (pgp.mit.edu)
Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438
More information about the Users
mailing list