[
https://issues.apache.org/jira/browse/JCLOUDS-1579?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17360942#comment-17360942
]
Stefan H. commented on JCLOUDS-1579:
------------------------------------
Microsoft confirmed that this behavior is not bug and SharedKeyLite is not
intended to function with premium *page* accounts. They'll fix their
documentation to reflect that. They say they will consider implementing the
feature for premium page accounts however there's no time-frame or decision
whether they'll do so at all.
> SharedKeyLite authentication against Azure Blob with Premium SKU fails
> ----------------------------------------------------------------------
>
> Key: JCLOUDS-1579
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1579
> Project: jclouds
> Issue Type: Bug
> Components: jclouds-blobstore
> Affects Versions: 2.3.0, 2.4.0
> Reporter: Stefan H.
> Priority: Major
> Labels: azureblob
>
> We have been using jclouds with Azure Blob Storage successfully. However when
> changing the SKU of one of the Storage Accounts from Standard to
> [Premium|https://azure.microsoft.com/en-us/blog/azure-premium-block-blob-storage-is-now-generally-available/]
> jclouds was suddenly no longer able to authenticate against the storage
> event though the credentials were valid. E.g. checking the existence of a
> container results in:
> request: HEAD https://XXX.blob.core.windows.net/test?restype=container
> HTTP/1.1 failed with response: HTTP/1.1 403 Server failed to authenticate the
> request. Make sure the value of Authorization header is formed correctly
> including the signature.
> After some investigation this seems to be caused by Premium storage not
> supporting the SharedKeyLite authenticatication method jclouds uses. Other
> projects seem to also have stumbled over this issue (e.g.
> [https://github.com/khenidak/dysk/issues/6#issuecomment-355877888] ,
> [https://github.com/terraform-providers/terraform-provider-azurerm/issues/3939#issuecomment-524401721]
> ).
> My reading of
> [https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key]
> would have been that auth is the same for the SKUs and we have opened a
> support case with Microsoft to get further information. But given that at
> least one of the issues I linked before also mentioned raising this with them
> it is unlikely this behavior is unintended or will change.
> Everyone else encountering this seems to switch to SharedKey authentication
> instead to resolve the issue and their code changes seem quite contained at
> first glance. This would also resolve the local development workflow issue of
> the Azurite storage emulator from Microsoft not supporting SharedKeyLite on
> blob storage.
> To reproduce the problem just create Standard and a Premium SKU storage
> account and try to use them with jclouds to do a call like containerExists.
> With all else being the same Standard SKU will work while Premium SKU 403s.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
