Comment 6 for bug 477776

Neil, we tried your patch, but experienced the same intermittent results and now confirm that it is always when the signature is generated with a "+". Ran across this sample code at Amazon and reversed it for the decode and it seems to have solved our problem.

http://docs.amazonwebservices.com/AWSECommerceService/latest/DG/index.html?Query_QueryAuth.html (Java example)

Also at:
http://pastebin.com/mb5e64d1

*** WalrusAuthenticationHandler.java 2009-11-05 05:25:20.000000000 -0500
--- WalrusAuthenticationHandler.java.ulicny 2009-11-17 15:10:30.000000000 -0500
***************
*** 252,258 ****
                                //query string authentication
                                String accesskeyid = parameters.remove(SecurityParameter.AWSAccessKeyId.toString());
                                try {
! String signature = URLDecoder.decode(parameters.remove(SecurityParameter.Signature.toString()), "UTF-8");
                                        if(signature == null) {
                                                throw new AuthenticationException("User authentication failed. Null signature.");
                                        }
--- 252,261 ----
                                //query string authentication
                                String accesskeyid = parameters.remove(SecurityParameter.AWSAccessKeyId.toString());
                                try {
! String signature = URLDecoder.decode(parameters.remove(SecurityParameter.Signature.toString()), "UTF-8")
! .replace("%20", "+")
! .replace("%2A", "*")
! .replace("~", "%7E");
                                        if(signature == null) {
                                                throw new AuthenticationException("User authentication failed. Null signature.");
                                        }