- What's New
- Function Overview
- Service Overview
-
Billing
- Billing Overview
- Billing Modes
- Billed Items
- Billing Examples
- Billing Mode Changes
- Renewing Subscriptions
- Bills
- Arrears
- Billing Termination
- Cost Management
-
Billing FAQ
- How Do I Purchase SFS?
- How Do I Renew the Service?
- How Do I Check Whether the Subscriber Is in Arrears?
- Can I Purchase SFS Capacity-Oriented Resource Packages When I Still Have Valid Ones in Use?
- How Do I Check the Usage of an SFS Capacity-Oriented Resource Package?
- How Do I Adjust the Size of an SFS Capacity-Oriented Resource Package?
- Do SFS Capacity-Oriented and SFS Turbo Share One Resource Package?
- Getting Started
- User Guide
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- Calling General Purpose File System APIs
- Getting Started (SFS Capacity-Oriented)
- Getting Started with SFS Turbo
- Getting Started with General Purpose File System
-
SFS Capacity-Oriented APIs
- API Version Queries
- File Systems
- File System Access Rules
- Quota Management
- Expansion and Shrinking
-
Tag Management
- Adding a Tag to a Shared File System
- Deleting a Tag from a Shared File System
- Querying Tags of a Shared File System
- Querying Tags of All File Systems of a Tenant
- Batch Adding Tags to a Shared File System
- Batch Deleting Tags from a Shared File System
- Querying Shared File Systems by Tag
- Querying the Number of Shared File Systems by Tag
- AZ
-
SFS Turbo APIs
- Lifecycle Management
- Connection Management
- Tag Management
- Name Management
- File System Management
-
Storage Interworking Management
- Adding a Backend Target
- Querying Backend Targets
- Obtaining Details About a Backend Target
- Deleting a Backend Target
- Updating the Properties of a Storage Backend
- Updating the Auto Synchronization Policy of a Storage Backend
- Creating an Import or Export Task
- Querying Details About an Import or Export Task
- Listing Import and Export Tasks
- Deleting an Import or Export Task
- Updating a File System
- Directory Management
-
Permissions Management
- Creating a Permission Rule
- Querying Permission Rules of a File System
- Querying a Permission Rule of a File System
- Modifying a Permission Rule
- Deleting a Permissions Rule
- Creating and Binding the LDAP Configuration
- Querying the LDAP Configuration
- Modifying the LDAP Configuration
- Deleting the LDAP Configuration
- Task Management
- General Purpose File System APIs
- Permissions Policies and Supported Actions
- Common Parameters
- Appendix
- SDK Reference
-
Troubleshooting
- Mounting a File System Times Out
- Mounting a File System Fails
- File System Performance Is Poor
- Failed to Create an SFS Turbo File System
- A File System Is Automatically Disconnected from the Server
- A Server Fails to Access a File System
- The File System Is Abnormal
- Data Fails to Be Written into a File System Mounted to ECSs Running Different Types of Operating Systems
- Failed to Mount an NFS File System to a Windows IIS Server
- Writing to a File System Fails
- Error Message "wrong fs type, bad option" Is Displayed During File System Mounting
- Failed to Access the Shared Folder in Windows
-
FAQs
- Concepts
- Specifications
- Restrictions
- Networks
-
Billing
- How Do I Purchase SFS?
- How Do I Renew the Service?
- How Do I Check Whether the Subscriber Is in Arrears?
- Can I Purchase SFS Capacity-Oriented Resource Packages When I Still Have Valid Ones in Use?
- How Do I Check the Usage of an SFS Capacity-Oriented Resource Package?
- How Do I Adjust the Size of an SFS Capacity-Oriented Resource Package?
- Do SFS Capacity-Oriented and SFS Turbo Share One Resource Package?
-
Others
- How Do I Access a File System from a Server?
- How Do I Check Whether a File System on a Linux Server Is Available?
- What Resources Does SFS Occupy?
- Why Is the Capacity Displayed as 10P After I Mount My SFS Capacity-Oriented File System?
- Why the Capacity Is Displayed as 250TB After I Mount My General Purpose File System?
- How Can I Migrate Data Between SFS and OBS?
- Can a File System Be Accessed Across Multiple AZs?
- Can I Upgrade an SFS Capacity-Oriented File System to an SFS Turbo File System?
- Can I Upgrade an SFS Turbo File System from Standard to Standard-Enhanced?
- How Can I Migrate Data Between SFS and EVS?
- Can I Directly Access SFS from On-premises Devices?
- How Do I Delete .nfs Files?
- Why My File System Used Space Increases After I Migrate from SFS Capacity-Oriented to SFS Turbo?
- How Can I Improve the Copy and Delete Efficiency with an SFS Turbo File System?
- How Do Second- and Third-level Directory Permissions of an SFS Turbo File System Be Inherited?
- How Do I Deploy SFS Turbo on CCE?
- Videos
-
More Documents
- User Guide (ME-Abu Dhabi Region)
- API Reference (ME-Abu Dhabi Region)
-
User Guide (Paris Region)
- Introduction
- Getting Started
- Management
- Typical Applications
-
Troubleshooting
- Mounting a File System Times Out
- Mounting a File System Fails
- Failed to Create an SFS Turbo File System
- A File System Is Automatically Disconnected from the Server
- A Server Fails to Access a File System
- The File System Is Abnormal
- Data Fails to Be Written into a File System Mounted to ECSs Running Different Types of Operating Systems
- Failed to Mount an NFS File System to a Windows IIS Server
- Writing to a File System Fails
- Error Message "wrong fs type, bad option" Is Displayed During File System Mounting
- Failed to Access the Shared Folder in Windows
-
FAQs
- Concepts
- Specifications
- Restrictions
- Networks
-
Others
- How Do I Access a File System from a Server?
- How Do I Check Whether a File System on a Linux Server Is Available?
- What Resources Does SFS Occupy?
- Why Is the Capacity Displayed as 10P After I Mount My SFS Capacity-Oriented File System?
- Can a File System Be Accessed Across Multiple AZs?
- How Can I Migrate Data Between SFS and EVS?
- Can I Directly Access SFS from On-premises Devices?
- How Do I Delete .nfs Files?
- Why My File System Used Space Increases After I Migrate from SFS Capacity-Oriented to SFS Turbo?
- How Can I Improve the Copy and Delete Efficiency with an SFS Turbo File System?
- How Do Second- and Third-level Directory Permissions of an SFS Turbo File System Be Inherited?
- Other Operations
- Change History
- API Reference (Paris Region)
- User Guide (Kuala Lumpur Region)
- API Reference (Kuala Lumpur Region)
- Glossary
- General Reference
Show all
Copied.
User Signature Authentication
SFS signs a request using AK/SK. When a client is sending a request to SFS, the message header must contain the SK, request time, request type, and other information of the signature.
- AK: access key ID, which is a unique identifier associated with a secret access key (SK). The AK and SK are used together to obtain an encrypted signature for a request. Format example: HCY8BGCN1YM5ZWYOK1MH
- SK: secret access key, which is used together with the AK to sign requests, identify a request sender, and prevent the request from being modified. Format example: 9zYwf1uabSQY0JTnFqbUqG7vcfqYBaTdXde2GUcq
A user can obtain the AK and SK from IAM. For details, see Obtaining Access Keys (AK/SK).
SFS provides the signature calculation method based on the application scenario Authentication of Signature in a Header.
Table 1 shows the user signature verification process in which a signature is carried in a header. For details about the parameters and code examples of authentication of signature in a header, see Authentication of Signature in a Header.
Procedure |
Example |
|
---|---|---|
Signature calculation |
1. Construct an HTTP message. |
PUT /HTTP/1.1 Host: filesystem.sfs3.region.myhuaweicloud.com Date: Tue, 04 Jun 2019 06:54:59 GMT Content-Type: text/plain Content-Length: 5913 |
2. Calculate StringToSign based on the signature rule. |
StringToSign = HTTP-Verb + "\n" + Content-MD5 + "\n" + Content-Type + "\n" + Date + "\n" + CanonicalizedHeaders + CanonicalizedResource |
|
3. Prepare the AK and SK. |
AK: ****** SK: ****** |
|
4. Calculate Signature. |
Signature = Base64( HMAC-SHA1( SecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) ) |
|
5. Add a signature header and send the request to SFS. |
PUT /object HTTP/1.1 Host: filesystem.sfs3.region.myhuaweicloud.com Date: Tue, 04 Jun 2019 06:54:59 GMT Content-Type: text/plain Content-Length: 5913 Authorization: OBS AccessKeyID:Signature |
|
Signature authentication |
6. Receive the HTTP message. |
PUT / HTTP/1.1 Host: filesystem.sfs3.region.myhuaweicloud.com Date: Tue, 04 Jun 2019 06:54:59 GMT Content-Type: text/plain Content-Length: 5913 Authorization: OBS AccessKeyID:Signature |
7. Obtain the SK based on the AK in the request. |
Obtain the AK from the authorization header and obtain the SK of the user from IAM. |
|
8. Calculate StringToSign based on the signature rule. |
StringToSign = HTTP-Verb + "\n" + Content-MD5 + "\n" + Content-Type + "\n" + Date + "\n" + CanonicalizedHeaders + CanonicalizedResource |
|
9. Calculate Signature. |
Signature = Base64( HMAC-SHA1( SecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) ) |
|
10. Authenticate the signature. |
Verify that the value of Signature in the authorization header is the same as the value of Signature calculated by the server. If the two values are the same, the signature verification is successful. If the two values are different, the signature verification fails. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot