我正在尝试使用客户提供的密钥将文件上传到Amazon S3。我在这里遵循了这个教程: http://java.awsblog.com/post/TxDQ18N7AAB31J/Generating-Amazon-S3-Pre-signed-URLs-with-SSE-C-Part-5-Finale
我的代码:
AWSCredentials credentials = new BasicAWSCredentials("myKey", "mySecretKey");
AmazonS3 s3 = new AmazonS3Client();
try (CloseableHttpClient httpClient = HttpClientFactory.createUploadClient()) {
GeneratePresignedUrlRequest genreq = new GeneratePresignedUrlRequest("bucketName", "test7.pdf", HttpMethod.PUT);
SecretKey secretKey = generateSecretKey();
SSECustomerKey sseKey = new SSECustomerKey(secretKey);
genreq.setSSECustomerKey(sseKey);
URL puturl = s3.generatePresignedUrl(genreq);
HttpPut putreq = new HttpPut(URI.create(puturl.toExternalForm()));
putreq.addHeader(Headers.SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY, sseKey.getKey());
putreq.addHeader(Headers.SERVER_SIDE_ENCRYPTION_CUSTOMER_ALGORITHM, SSEAlgorithm.AES256.getAlgorithm());
putreq.addHeader(Headers.SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY_MD5, sseKey.getMd5());
putreq.setEntity(new FileEntity(new File("filePath")));
HttpResponse resp = httpClient.execute(putreq);
Assert.assertTrue(resp.getStatusLine().getStatusCode() == 200);
} catch (IOException e) {
Assert.fail();
}
生成了URL,然后当我尝试使用时,我提供了所需的标头,但问题是响应是403 Forbidden。
我错过了什么?
答案 0 :(得分:2)
为了使用预先签名的URL上传SSE-Client Specific加密,您需要启用SigV4(默认情况下,我启用了SigV2)有几种方法可以启用此功能 - 系统属性,存储桶策略等但对我来说这很有用:
AWSCredentials credentials = new BasicAWSCredentials("accessKey", "secretKey");
s3 = new AmazonS3Client(credentials, new ClientConfiguration().withSignerOverride("AWSS3V4SignerType"));