moondaisy moondaisy - 22 days ago 13
Java Question

Azure java: SAS identifier cannot be found for specified signed identifier

I'm using the SDK for java to crear a SAS to access a blob.
This is the code:

SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy();
policy.setPermissionsFromString("r");
Calendar date = Calendar.getInstance();
Date expire = new Date(date.getTimeInMillis() + (expirationMinutes * 60000));
Date start = new Date(date.getTimeInMillis());
policy.setSharedAccessExpiryTime(expire);
policy.setSharedAccessStartTime(start);
return blob.getUri().toString()+"?"+blob.generateSharedAccessSignature(policy, externalFileName);


But when I try to use the url to access the blob I get this error:

<Error>
<Code>AuthenticationFailed</Code>
<Message>
Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:f1f169d2-0001-003f-115a-3be1d6000000 Time:2016-11-10T13:57:14.6192554Z
</Message>
<AuthenticationErrorDetail>
SAS identifier cannot be found for specified signed identifier
</AuthenticationErrorDetail>
</Error>


I'm doing the same thing in NET for the same blob an the resulting url (which works) is different that the one I get here:

Doesn't work (java):

/mycontainer/privadoPrueba/cat1.jpg?sig=FFLVk%2FPViHBZhH1JIW6wBbWiJ0%2Bgz0U8wjFzgRoytNo%3D&st=2016-11-10T13%3A55%3A06Z&se=2016-11-10T14%3A06%3A06Z&sv=2015-07-08&si=privadoPrueba%2Fcat1.jpg&sp=r&sr=b


Works (NET):

/mycontainer/privadoPrueba/cat1.jpg?sv=2015-07-08&sr=b&sig=WyiJWltZFj1AkkzST6mo2NjBF1tRSXxrkMP5LEAGJNk%3D&st=2016-11-10T14%3A05%3A41Z&se=2016-11-10T14%3A16%3A41Z&sp=r


How could I fix this?

Answer

Just looking at the SAS token, you are specifying a policy with the filename. That's probably not what you wanted to do, and is not in the .NET SAS token.

The problem is here I guess:

blob.generateSharedAccessSignature(policy, externalFileName);

The second parameter is probably the policy name, if the API is similar to .NET.

Try this instead:

blob.generateSharedAccessSignature(policy, null);
Comments