Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Navneeth1

29 Posts

7242

May 27th, 2009 12:00

Frequent "Signature Mismatch" errors

Hello,

This is a problem I have been seeing from the very beginning of interacting with Atmos (from v 0.5).

Frequently, we get a HTTP error "403 (Forbidden)" when we try to create/update an object; when we retry the same operation, changing nothing except recalculating the signature (since time of request has changed), we succeed. But a successful retry is not guaranteed; sometimes successive retries fail with the same 403 error; and we succeed on the 10th or 15th retry.

We never have to change the shared secret, the headers, time or the algorithm used: just retrying a number of times makes the request successful. This leaves the client application in a big dilemma on what to do.

My questions are:

  1. Is this a known issue?
  2. What is the cause of this problem?
  3. How should a client app deal with this? We cannot keep retrying on a 403 without knowing if the "shared secret" provided by the user is wrong or if Atmos is responding incorrectly. Further, we don't know how many times to retry since the success of a retry is random.

This is a critical issue for us at this time as the reliability of the service we provide to the end-user is dependent on consistent behavior and accurate error reporting. Thank you for your help.

HTTP Error: 403

Atmos Error: 1032

Atmos Error String: There was a mismatch between the signature in the request and the signature as computed by the server.

Navneeth

Navneeth1

29 Posts

May 27th, 2009 12:00

Thanks, Leo. No, I haven't asked the customer service folks; I will.

Navneeth

LeoLeung

1 Rookie

 • 

49 Posts

May 27th, 2009 12:00

Navneeth - have you tried asking Atmos customer service this question? We're still integrating our response across the developer community and CS, but this sounds like a bug. - Leo

JasonCwik

281 Posts

June 1st, 2009 21:00

Hi Navneeth,

Have you resolved your problem?  Are you using one of the wrappers?

Navneeth1

29 Posts

June 3rd, 2009 11:00

Hello Jason,

I've opened a case with the support folks and am following up with them.

I am using my own implementation of REST (not using the provided wrappers).

Navneeth

Sivan1

6 Posts

June 11th, 2009 06:00

Have you sorted out this problem?I am facing this issue while deleting an object from cloud and also when downloading the files.?any updates?

Navneeth1

29 Posts

June 11th, 2009 09:00

Hello Sivan,

One of the cases where this can happen is where the signature being calculated is indeed wrong. We found that in functions where we were decoding the token and calculating the HMAC, we were using "strcpy" at some point. However, the contents of the token (once base64 decoded) are not guaranteed to be like null-terminated strings (since they could contain the value 0); we were doing this and hence corrupting our signature. However, retrying a number of times made the request successful since at some point we got a signature without 0 in it and our function succeeded. We now do a byte-copy instead.

Hope this helps.

Navneeth

amarcionek

1 Rookie

 • 

56 Posts

July 30th, 2009 14:00

I too am trying to track down a signature mismatch error. Frankly, I haven't gotten it to work yet.  We aren't using one of the bindings so we have to code to the REST API ourselves. Can anyone give me a clue why this would happen?  Here is a sample header:

POST /rest/objects HTTP/1.1
Host: accesspoint.emccis.com
Accept: */*
content-type:application/octet-stream
date:Thu, 30 Jul 2009 20:52:50 GMT
x-emc-date:Thu, 30 Jul 2009 20:52:50 GMT
x-emc-groupacl:other=NONE
x-emc-listable-meta:part4/part7/part8=quick
x-emc-meta:part1=buy
x-emc-uid:c302076ecb114095b0e0426f979f72a1/SEVEN405E60F489EF240
x-emc-useracl:UID1=FULL_CONTROL,UID2=WRITE
x-emc-signature:mvs45xEIyiVhOH3XW7MiBjYyVD4=
Content-Length: 0

Hash string used is:

POST
application/octet-stream

Thu, 30 Jul 2009 20:52:50 GMT
/rest/objects
x-emc-date:Thu, 30 Jul 2009 20:52:50 GMT
x-emc-groupacl:other=NONE
x-emc-listable-meta:part4/part7/part8=quick
x-emc-meta:part1=buy
x-emc-uid:c302076ecb114095b0e0426f979f72a1/SEVEN405E60F489EF240
x-emc-useracl:UID1=FULL_CONTROL,UID2=WRITE

Returns a 403 HTTP response with a 1032 error.

I have run the identical headers through a modified version of the EsuRestApi (to extract the "sign" function) and the hash signature generated by the sign function matches my signature every single time.

aashishpatil

2 Intern

 • 

212 Posts

August 1st, 2009 16:00

Hmm, I got this error too using the Java wrapper.

1032 There was a mismatch between the signature in the request and the signature computed by the server.

Got this after using the URL obtained by EsuApi.getShareableURL() method.

Thanks,

Aashish

rbala1

222 Posts

August 3rd, 2009 07:00

Aashish,

Does the signature mismatch only happen when you call that method?  Are you able to create/list/delete objects otherwise?

Raj

amarcionek

1 Rookie

 • 

56 Posts

August 3rd, 2009 11:00

Just to reply to myself from earlier, I found we had a trailing newline at the end of the hash string (just like the API document says NOT to do.)

Was this post helpful?

View All

0 events found

No Events found!

Top