Authentication Error when trying to access Storage Queue using service principal
PunithkumarJagadees opened this issue · 3 comments
Describe the bug
Authentication Error when trying to access Storage Queue using service principal.
Exception or Stack Trace
com.azure.storage.queue.models.QueueStorageException: If you are using a StorageSharedKeyCredential, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate method call.
If you are using a SAS token, and the server returned an error message that says 'Signature did not match', you can compare the string to sign with the one generated by the SDK. To log the string to sign, pass in the context key value pair 'Azure-Storage-Log-String-To-Sign': true to the appropriate generateSas method call.
Please remember to disable 'Azure-Storage-Log-String-To-Sign' before going to production as this string can potentially contain PII.
Status code 403, "?<?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
RequestId:xxxxxxxxxx-xxx-xxxxxx-6085-xxxxxxxxxxxx
Time:2022-02-16T22:33:18.4506561Z</Message><AuthenticationErrorDetail>The MAC signature found in the HTTP request 'XXXXXXXXXXXXXXX' is not the same as any computed signature. Server used following string to sign: 'PUT
Wed, 16 Feb 2022 22:33:16 GMT
x-ms-client-request-id:xxxxxxxxx-53cf-xxxxxx-96c6-xxxxxxxx
x-ms-version:2020-10-02
To Reproduce
I'm trying to access storage queue using service principal through spring boot example mentioned below.
https://github.com/Azure-Samples/azure-spring-boot-samples/tree/main/storage/azure-spring-cloud-starter-storage-queue/storage-queue-operation
I'm using intellij and trying to add a message to the queue and end up with the error. However I'm able to add a message using storage account and access key combination.
Code Snippet
Add the code snippet that causes the issue.
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Setup (please complete the following information):
- OS: [e.g. iOS]
- IDE: [e.g. IntelliJ]
- Library/Libraries: [e.g. com.azure:azure-core:1.16.0 (groupId:artifactId:version)]
- Java version: [e.g. 8]
- App Server/Environment: [e.g. Tomcat, WildFly, Azure Function, Apache Spark, Databricks, IDE plugin or anything special]
- Frameworks: [e.g. Spring Boot, Micronaut, Quarkus, etc]
If you suspect a dependency version mismatch (e.g. you see NoClassDefFoundError, NoSuchMethodError or similar), please check out Troubleshoot dependency version conflict article first. If it doesn't provide solution for the problem, please provide:
- verbose dependency tree (
mvn dependency:tree -Dverbose) - exception message, full stack trace, and any available logs
Additional context
Add any other context about the problem here.
Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report
- Bug Description Added
- Repro Steps Added
- Setup information Added
@PunithkumarJagadees thanks for reaching us, can you tell me what are the scenarios in which you use Storage Queue?
if you want to use service principal, you can refer to our new library(spring-cloud-azure-starter-integration-storage-queue:4.0.0-beta.3), and refer to this sample.
@PunithkumarJagadees the spring-cloud-azure-starter-integration-storage-queue has been GAed, and you can check our reference doc here https://microsoft.github.io/spring-cloud-azure/current/reference/html/index.html. Did you get a chance to give it a try with the service principal? Did it work now?
Resolved