[ https://issues.apache.org/jira/browse/HADOOP-14114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15881485#comment-15881485 ]
Sean Mackrory commented on HADOOP-14114: ---------------------------------------- By the way, this is what you get if you hit this issue with a + in the secret access key: {code} WARN s3native.S3xLoginHelper: The Filesystem URI contains login details. This is insecure and may be unsupported in future. ls: : getFileStatus on : com.amazonaws.services.s3.model.AmazonS3Exception: The request signature we calculated does not match the signature you provided. Check your key and signing method. (Service: Amazon S3; Status Code: 403; Error Code: SignatureDoesNotMatch; Request ID: ...), S3 Extended Request ID: ... {code} > S3A can no longer handle unencoded + in URIs > --------------------------------------------- > > Key: HADOOP-14114 > URL: https://issues.apache.org/jira/browse/HADOOP-14114 > Project: Hadoop Common > Issue Type: Bug > Affects Versions: 2.8.0 > Reporter: Sean Mackrory > Assignee: Sean Mackrory > Attachments: HADOOP-14114.001.patch > > > Amazon secret access keys can include alphanumeric characters, but also / and > + (I wish there was an official source that was really specific on what they > can contain, but I'll have to rely on a few blog posts and my own experience). > Keys containing slashes used to be impossible to embed in the URL (e.g. > s3a://access_key:secret_key@bucket/) but it is now possible to do it via URL > encoding. Pluses used to work, but that is now *only* possible via URL > encoding. > In the case of pluses, they don't appear to cause any other problems for > parsing. So IMO the best all-around solution here is for people to URL-encode > these keys always, but so that keys that used to work just fine can continue > to work fine, all we need to do is detect that, log a warning, and we can > re-encode it for the user. -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org