Yes, I saw (and I am using) the support for the S3 services and it is working great.
I couldn't completely understand from reading the code how it is working, and I couldn't make it work for the other services as SQS and Alexa Thumbnails. What I don't really understand is how to use the different mechanism to build the signature: In the code we are passing the keys: request.setChallengeResponse(new ChallengeResponse( ChallengeScheme.HTTP_AWS, PUBLIC_KEY, PRIVATE_KEY)); But each service is requesting a different data to build the signature: For example in *SQS (Simple Queue Service):* *To calculate the value for <Signature>: 1. Create a string with the format: HTTP-METHOD>\n<content-MD5>\n<ContentType>\n<date>\n<path> For example: PUT\n\ntext/plain\nThu, 01 Jun 2006 12:12:23 PDT\n/ 2. Use your AWS Secret Access Key to create an HMAC-SHA1 hash of the string and use that as the value of <Signature>.* (From: http://s3.amazonaws.com/awsdocs/SQS/20070501/sqs-dg-20070501.pdf page 79) In *S3 (Simple Storage Service) *: *The Signature element is the RFC 2104 HMAC-SHA1 of selected elements from the request, and so the Signature part of the Authorization header will vary from request to request. If the request signature calculated by the system matches the Signature included with the request, then the requester will have demonstrated possession to the AWS Secret Access Key. The request will then be processed under the identity, and with the authority, of the developer to whom the key was issued. The following pseudo-grammar illustrates the construction of the Authorization request header. (\n means the Unicode code point U+000A) Authorization = "AWS" + " " + AWSAccessKeyId + ":" + Signature; Signature = Base64( HMAC-SHA1( UTF-8-Encoding-Of( StringToSign ) ) ); StringToSign = HTTP-Verb + "\n" + Content-MD5 + "\n" + Content-Type + "\n" + Date + "\n" + CanonicalizedAmzHeaders + CanonicalizedResource; CanonicalizedResource = [ "/" + Bucket ] + <HTTP-Request-URI, from the protocol name up to the query string> + [ sub-resource, if present. For example "?acl", "?location", "?logging", or "?torrent"]; CanonicalizedAmzHeaders = <described below>* (from http://s3.amazonaws.com/awsdocs/S3/20060301/s3-dg-20060301.pdf page 54) And for *Alexa Thumbnails*: *Signature=[UrlEncoded HMAC-SHA1digest of "Thumbnail2005-01-31T23:59:183Z"] * (From http://docs.amazonwebservices.com/AlexaSiteThumbnail/2007-01-01/) Am I missing some basic understanding about the ResponseChallenge process? Or can someone direct me to the right class to set the exact mechanism for each service. Have fun, Guy. On Dec 18, 2007 11:05 PM, Larry Zappaterrini <[EMAIL PROTECTED]> wrote: > > > > > Restlet already supports AWS authentication from the client perspective. > Check out org.restlet.data.ChallengeResponse and > org.restlet.data.Request.setChallengeResponse to see the mechanisms for > accomplishing this. As for actually manipulating a Request's headers, they > are set by adding calling Request.getAttributes().put() with the key equal > to com.noelios.restlet.http.HttpConstants. ATTRIBUTE_HEADERS with the value > as an instance org.restlet.data.Form containing all of the headers and their > values. > > > > ________________________________ > > > From: Guy Ernest [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 18, 2007 11:44 AM > To: [email protected] > Subject: Using Restlet to interact with Amazon SQS > > > > > > I noticed that you have excellent examples about using Amazon S3 with > Restlet, I was wondering if SQS can have the same treatment. I would prefer > to use it with the REST interface and not the heavy SOAP/WSDL. > > The following instruction are from the REST section of the SQS > documentation of Amazon AWS: > > About the Authorization Header > The authorization header is a string that follows this format: > AWS <AWSAccessKeyId>:<Signature> > Note that there is a space after "AWS". > To calculate the value for <Signature>: > 1. Create a string with the format: > HTTP-METHOD>\n<content-MD5>\n<ContentType>\n<date>\n<path> > For example: > PUT\n\ntext/plain\nThu, 01 Jun 2006 12:12:23 PDT\n/ > 2. Use your AWS Secret Access Key to create an HMAC-SHA1 hash of the string > and use that as the > value of <Signature>. > > Since I'm newbie in using Restlet, I will appreciate if someone can help in > explaining: > 1. how to create such a header > 2. how to add this header along side other headers (AWS-Version, for > example)
