Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Authentication for accessing private S3 files not working

  1. #1
    Join Date
    Feb 2012
    Posts
    4

    Default Authentication for accessing private S3 files not working

    - I'm using an EC2 AMI with Wowza Media Server 3 for Amazon EC2 3.0.4 build1127
    - I can stream public S3 files with no issue
    - But if I edit conf/MediaCache.xml, and add /MediaCacheSources/MediaCacheSource/Properties:
    <Property>
    <Name>awsAccessKeyId</Name>
    <Value>-----</Value>
    </Property>
    <Property>
    <Name>awsSecretAccessKey</Name>
    <Value>------------</Value>
    </Property>
    and restart, I cannot access any content at all, not even public content.
    - I am assuming my keys are correct as they are the same keys I use to successfully mount the S3 bucket using s3fs.

    Here's a relevant excerpt from the Wowza output when I try to play a file:

    DEBUG server comment - StreamNameAliasFile.load: /usr/local/WowzaMediaServer/conf/aliasmap.play.txt
    INFO server comment - StreamNameAliasFile.load[/usr/local/WowzaMediaServer/conf/aliasmap.play.txt]: size:0:1 hash:true matchAll:true
    INFO server comment - ModuleStreamNameAlias.nameToAlias[play]: streamName:mp4:amazons3/playfi-audio/sample.mp4 alias:{pattern: "*" alias:"${Stream.Name}" wildcardMatches:{[0]: "mp4:amazons3/playfi-audio/sample.mp4"}} result:mp4:amazons3/playfi-audio/sample.mp4
    DEBUG server comment - cmd: setBufferTime
    DEBUG session setbuffertime [1183153499,1]: 3000 3000
    DEBUG server comment - MediaReaderH264.mp4ReadAheadSize: 65536
    DEBUG server comment - MediaReaderH264.mp4ReadAheadTrigger: 32768
    DEBUG server comment - MediaReaderH264.mp4IndexBufferSize: 16384
    DEBUG server comment - MediaReaderH264.randomAccessReaderClass: com.wowza.wms.plugin.mediacache.impl.MediaCacheRandomAccessReader
    DEBUG server comment - MediaCache.acquireReader[amazons3/playfi-audio/sample.mp4]: createNew
    DEBUG server comment - MediaCacheSourceBasic.canHandle[amazons3]: true mediaName:amazons3/playfi-audio/sample.mp4 prefix:amazons3/
    DEBUG server comment - MediaCacheItemHTTPImpl.init url:http://playfi-audio.s3.amazonaws.com/sample.mp4
    WARN server comment - MediaCacheItemHTTPImpl.getItemInfo[playfi-audio.s3.amazonaws.com/sample.mp4]: HTTP response: 301
    DEBUG server comment - MediaCacheItemHTTPImpl.getItemInfo length: 0
    WARN server comment - MediaCacheItemBase.init: Item does not exist: amazons3/playfi-audio/sample.mp4
    DEBUG server comment - MediaCache.acquireReader[amazons3/playfi-audio/sample.mp4]: createNew
    DEBUG server comment - MediaCacheSourceBasic.canHandle[amazons3]: true mediaName:amazons3/playfi-audio/sample.mp4 prefix:amazons3/
    DEBUG server comment - MediaCacheItemHTTPImpl.init url:http://playfi-audio.s3.amazonaws.com/sample.mp4
    WARN server comment - MediaCacheItemHTTPImpl.getItemInfo[playfi-audio.s3.amazonaws.com/sample.mp4]: HTTP response: 301
    DEBUG server comment - MediaCacheItemHTTPImpl.getItemInfo length: 0
    WARN server comment - MediaCacheItemBase.init: Item does not exist: amazons3/playfi-audio/sample.mp4
    WARN server comment amazons3/playfi-audio/sample.mp4 MediaReaderH264.open[1]: java.io.IOException: MediaCacheRandomAccessReader.open: Item not in cache: amazons3/playfi-audio/sample.mp4
    DEBUG server comment - sendPlayStatus: ltc:0 atc:0

  2. #2
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Check the AWS key and SecretKey, the common problem is that they are reversed, transposed.

    Also, set your log level back to INFO instead of DEBUG, so you can see what is happening more easily. DEBUG level logging is useful sometimes, but usually not.

    Richard

  3. #3
    Join Date
    Feb 2012
    Posts
    4

    Default

    Quote Originally Posted by rrlanham View Post
    Check the AWS key and SecretKey, the common problem is that they are reversed, transposed.

    Also, set your log level back to INFO instead of DEBUG, so you can see what is happening more easily. DEBUG level logging is useful sometimes, but usually not.

    Richard
    Hi Richard. I've triple-checked the keys and they are definitely correct; I copied and pasted the same keys and was able to mount the S3 bucket using s3fs.

    I've also tried reversing the order of the AWS key and the secret key, but no luck.

    Any other ideas?

  4. #4
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Are they commented out? In the default /conf/MediaCache.xml, the AWS keys are commented out. Make sure you remove those. Otherwise, zip up the conf and logs folders and send them to support@wowza.com

    Include a link to this thread for reference.

    Richard

  5. #5

    Default

    Hey,

    did you solve the problem. I have exactley the same probleme. I used the defautl vods3 example from the documentation.
    s3fs mount is working. I double checked the keys, but still no success. If I make the files public AND comment the keys out, it works. I wonder if there is a problem with the URL because there is a redirect and no 404 error.
    If it helps I can also sent the log files and config options. Please give me a hint!

    Thanks,
    Sebastian

  6. #6
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Is there any clue in the access or error logs? You realize that S3FS is not involved in streaming from S3 with vods3 app, right?

    Richard

  7. #7

    Default

    Hey Richard,

    i am aware that s3fs has nothing to do with the access of wowza to s3, but it does use the same keys to access protected files. So I used it to test the connection.
    I added the keys to MediaCache.xml. Is there anything else I should do?

    Thanks,
    Sebastian


    INFO	session	connect-pending	2012-03-08	15:58:37	1811712729	92.231.44.137	-	3367	3073	0.093	-	-	-	-	--	-	92.231.44.137	-
    INFO	session	connect	2012-03-08	15:58:37	1811712729	92.231.44.137	-	3367	3073	0.094	-	-	-	-	-	--	92.231.44.137	-
    INFO	stream	create	2012-03-08	15:58:37	1811712729	92.231.44.137	-	3417	3413	0.0	-	1	-	0	0	00.0	-	-
    INFO	server	comment	2012-03-08	15:58:37	-	-	-	-	-	5445.298	-	-	-	-	-	-	--	ModuleStreamNameAlias.nameToAlias[play]: streamName:mp4:amazons3/ambientas/test/sample.mp4 alias:{pattern: "*" alias:"${Stream.Name}" wildcardMatches:{[0]: "mp4:amazons3/ambientas/test/sample.mp4"}} result:mp4:amazons3/ambientas/test/sample.mp4
    WARN	server	comment	2012-03-08	15:58:37	-	-	-	-	-	5445.605	-	-	-	-	-	-	--	MediaCacheItemHTTPImpl.getItemInfo[s3.amazonaws.com/ambientas/test/sample.mp4]: HTTP response: 301
    WARN	server	comment	2012-03-08	15:58:37	-	-	-	-	-	5445.606	-	-	-	-	-	-	--	MediaCacheItemBase.init: Item does not exist: amazons3/ambientas/test/sample.mp4
    WARN	server	comment	2012-03-08	15:58:37	-	-	-	-	-	5445.71	-	-	-	-	-	-	-	-MediaCacheItemHTTPImpl.getItemInfo[s3.amazonaws.com/ambientas/test/sample.mp4]: HTTP response: 301
    WARN	server	comment	2012-03-08	15:58:37	-	-	-	-	-	5445.711	-	-	-	-	-	-	--	MediaCacheItemBase.init: Item does not exist: amazons3/ambientas/test/sample.mp4
    WARN	server	comment	2012-03-08	15:58:37	-	-	-	-	-	5445.711	-	-	-	-	-	-	-amazons3/ambientas/test/sample.mp4	MediaReaderH264.open[1]: java.io.IOException: MediaCacheRandomAccessReader.open: Item not in cache: amazons3/ambientas/test/sample.mp4

  8. #8
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Check the AWS keys, see if they are transposed. That is the common problem so far, since the recent change.

    Richard

  9. #9

    Default

    What do you mean with transposed? I copied the key exactly as they appear under Access Credentials. Is this right?

  10. #10
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    I mean, make sure you didn't enter the AWS secret access key in the awsAccessKeyId field, and vice versa

    Richard

Page 1 of 2 12 LastLast

Similar Threads

  1. Accessing streams via HTTPS not working
    By DaveMPS in forum Server Administration Discussion
    Replies: 4
    Last Post: 06-13-2016, 08:44 AM
  2. Accessing Wowza Log Files Via PHP
    By vBadvanced in forum General Forum
    Replies: 2
    Last Post: 01-22-2013, 08:12 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •