[
https://issues.apache.org/jira/browse/JCLOUDS-1042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15032579#comment-15032579
]
Igor Alekseev commented on JCLOUDS-1042:
----------------------------------------
Here's the full stack...
! at
org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:75)
~[sts-1.9.1.jar:1.9.1]
! ... 33 common frames omitted
! Causing: org.jclouds.rest.AuthorizationException: Access Denied
! at
org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.refineException(ParseAWSErrorFromXmlContent.java:122)
~[sts-1.9.1.jar:1.9.1]
! at
org.jclouds.s3.handlers.ParseS3ErrorFromXmlContent.refineException(ParseS3ErrorFromXmlContent.java:97)
~[s3-1.9.1.jar:1.9.1]
! at
org.jclouds.aws.handlers.ParseAWSErrorFromXmlContent.handleError(ParseAWSErrorFromXmlContent.java:89)
~[sts-1.9.1.jar:1.9.1]
! at
org.jclouds.http.handlers.DelegatingErrorHandler.handleError(DelegatingErrorHandler.java:65)
~[jclouds-core-1.9.1.jar:1.9.1]
! at
org.jclouds.http.internal.BaseHttpCommandExecutorService.shouldContinue(BaseHttpCommandExecutorService.java:136)
~[jclouds-core-1.9.1.jar:1.9.1]
! at
org.jclouds.http.internal.BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService.java:105)
~[jclouds-core-1.9.1.jar:1.9.1]
! at
org.jclouds.rest.internal.InvokeHttpMethod.invoke(InvokeHttpMethod.java:90)
~[jclouds-core-1.9.1.jar:1.9.1]
! at org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:73)
~[jclouds-core-1.9.1.jar:1.9.1]
! at org.jclouds.rest.internal.InvokeHttpMethod.apply(InvokeHttpMethod.java:44)
~[jclouds-core-1.9.1.jar:1.9.1]
! at
org.jclouds.rest.internal.DelegatesToInvocationFunction.handle(DelegatesToInvocationFunction.java:156)
~[jclouds-core-1.9.1.jar:1.9.1]
! at
org.jclouds.rest.internal.DelegatesToInvocationFunction.invoke(DelegatesToInvocationFunction.java:123)
~[jclouds-core-1.9.1.jar:1.9.1]
! at com.sun.proxy.$Proxy75.getBucketACL(Unknown Source) ~[na:na]
! at
org.jclouds.s3.blobstore.internal.BackoffOnNotFoundWhenGetBucketACL.load(BackoffOnNotFoundWhenGetBucketACL.java:46)
~[s3-1.9.1.jar:1.9.1]
! at
org.jclouds.s3.blobstore.internal.BackoffOnNotFoundWhenGetBucketACL.load(BackoffOnNotFoundWhenGetBucketACL.java:31)
~[s3-1.9.1.jar:1.9.1]
! at
com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3527)
~[guava-18.0.jar:na]
! at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2319)
~[guava-18.0.jar:na]
! at
com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2282)
~[guava-18.0.jar:na]
! at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2197)
~[guava-18.0.jar:na]
! ... 18 common frames omitted
! Causing: com.google.common.util.concurrent.UncheckedExecutionException:
org.jclouds.rest.AuthorizationException: Access Denied
! at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2203)
~[guava-18.0.jar:na]
! at com.google.common.cache.LocalCache.get(LocalCache.java:3937)
~[guava-18.0.jar:na]
! at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3941)
~[guava-18.0.jar:na]
! at
com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4824)
~[guava-18.0.jar:na]
! at
com.google.common.cache.LocalCache$LocalLoadingCache.getUnchecked(LocalCache.java:4830)
~[guava-18.0.jar:na]
! at org.jclouds.s3.blobstore.S3BlobStore.putBlob(S3BlobStore.java:272)
~[s3-1.9.1.jar:1.9.1]
! at
org.jclouds.aws.s3.blobstore.AWSS3BlobStore.putBlob(AWSS3BlobStore.java:94)
~[aws-s3-1.9.1.jar:1.9.1]
! at org.jclouds.s3.blobstore.S3BlobStore.putBlob(S3BlobStore.java:251)
~[s3-1.9.1.jar:1.9.1]
> S3BlobStore.putBlob() makes a call to get ACL which maybe blocked by S3
> policy, resulting in failure of the operation.
> ----------------------------------------------------------------------------------------------------------------------
>
> Key: JCLOUDS-1042
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1042
> Project: jclouds
> Issue Type: Bug
> Affects Versions: 1.9.1
> Reporter: Igor Alekseev
> Fix For: 1.9.1
>
>
> A user may be prevented by S3 bucket policy from getting ACL, but can still
> have rights to do put/get/delete. Currently the code below fails to do put
> when there's an exception getting ACL.
> public String putBlob(String container, Blob blob, PutOptions overrides) {
> if (overrides.isMultipart()) {
> // need to use a provider if the strategy object is stateful
> return multipartUploadStrategy.get().execute(container, blob);
> }
> // TODO: Make use of options overrides
> PutObjectOptions options = new PutObjectOptions();
> try {
> AccessControlList acl = bucketAcls.getUnchecked(container);
> if (acl != null && acl.hasPermission(GroupGranteeURI.ALL_USERS,
> Permission.READ))
> options.withAcl(CannedAccessPolicy.PUBLIC_READ);
> } catch (CacheLoader.InvalidCacheLoadException e) {
> // nulls not permitted from cache loader
> }
> return sync.putObject(container, blob2Object.apply(blob), options);
> }
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
