Answered by:
Problems Authenticating to Storage Emulator with Signed REST

-
Hi there,
I have method that simply makes a REST call to table storage and returns the raw ATOM feed to me. It works great with the live table storage, but for some reason or another I do not seem to be able to get it to authenticate to the storage emulator.
I'm using the following code to create the signature...
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Method = "GET";
request.ContentLength = 0;
request.Headers.Add("x-ms-date", DateTime.UtcNow.ToString("R", System.Globalization.CultureInfo.InvariantCulture));// Now sign the request
string signature = "GET\n";// Content-MD5
signature += "\n";// Content-Type
signature += "\n";// Date
signature += request.Headers["x-ms-date"] + "\n";// Canonicalized Resource
// remove the query string
int q = pStrTableName.IndexOf("?");
if (q > 0) pStrTableName = TableName.Substring(0, q);// Format is /{0}/{1} where 0 is name of the account and 1 is resources URI path
signature += "/" + cCSAAccount.Credentials.AccountName + "/" + pStrTableName;// Hash-based Message Authentication Code (HMAC) using SHA256 hash
System.Security.Cryptography.HMACSHA256 hasher = null;
String key = "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==";
hasher = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(key));
// Authorization header
string authH = "SharedKey " + cCSAAccount.Credentials.AccountName + ":" + System.Convert.ToBase64String(hasher.ComputeHash(System.Text.Encoding.UTF8.GetBytes(signature)));// Add the Authorization header to the request
request.Headers.Add("Authorization", authH);Just to clarify that this is working great with live table storage, just not the emulator.
Thanks in advance.
Question
Answers
-
I think the issue is in the following line of code:
// Format is /{0}/{1} where 0 is name of the account and 1 is resources URI path
signature += "/" + cCSAAccount.Credentials.AccountName + "/" + pStrTableName;Please refer to the "Constructing the Canonicalized Resource String" section (read Note there) from here: http://msdn.microsoft.com/en-us/library/dd179428.aspx. Essentially your storage account name should appear twice in the code above when connecting to development storage.
Hope this helps.
Thanks
Gaurav Mantri
Cerebrata Software
- Marked as answer by Trolololoooo Tuesday, September 06, 2011 9:06 AM
All replies
-
I think the issue is in the following line of code:
// Format is /{0}/{1} where 0 is name of the account and 1 is resources URI path
signature += "/" + cCSAAccount.Credentials.AccountName + "/" + pStrTableName;Please refer to the "Constructing the Canonicalized Resource String" section (read Note there) from here: http://msdn.microsoft.com/en-us/library/dd179428.aspx. Essentially your storage account name should appear twice in the code above when connecting to development storage.
Hope this helps.
Thanks
Gaurav Mantri
Cerebrata Software
- Marked as answer by Trolololoooo Tuesday, September 06, 2011 9:06 AM
-