This is one of those edge case scenarios that can drive people crazy.
I was trying to push a file from a Google App Engine app to an Amazon S3 bucket via the jetS3t API and it would keep coming back with an AccessControlException (access denied) kind of exception.
After quite a bit of digging around turns out the Mac default Java SDK will try to load a native library for the cryptographic needs of the S3 stuff and this is forbidden in GAE.
There's 2 workarounds apparently:
- if you feel adventurous, (as I did) add this to your VM args from Properties > Run/Debug settings > Edit launch configuration options > Arguments: -D--enable_all_permissions=true
- use another crypto library instead of the default (BouncyCastle is a common one, and it comes with the S3 API).
EDIT (Dec 2nd 2011): Some news after more work on this, unfortunately solution 1) only fixes the problem locally - when you go and deploy you still get the same AccessControlException. Also, it appears that Google App Engine prevents you from specifying a custom crypto library so solution 2) is no good either. But bad news don't stop there, according to this thread:
JetS3t is not compatibile with Google App Engine. Or the other way around. Because JetS3t uses a number of libraries and techniques that are not supported in the restricted execution environment of Google App Engine there is no easy way to remedy this.Viable solutions seem to be:
I am in the process of trying some of this stuff. Will probably post something in a future post (if this stuff doesn't kill me first).