The documentation page at http://ceph.com/docs/master/radosgw/config/states:
Important Check the key output. Sometimes radosgw-admin generates a key
with an escape (\) character, and some clients do not know how to handle
escape characters. Remedies include removing the escape character (\),
encapsulating the string in quotes, or simply regenerating the key and
ensuring that it does not have an escape character.
Since your secret key does have a "\" in it, do you want to try
regenerating to see if that helps?
-Matt
On Fri, Oct 11, 2013 at 9:20 AM, lixuehui <lixue...@chinacloud.com.cn>wrote:
> **
> Hi All:
> I installed gateway on my cluster. but always get 403 response:
> for bucket in conn.get_all_buckets():
>
> File "/usr/local/lib/python2.7/dist-packages/boto/s3/connection.py", line
> 387, in get_all_buckets
> response.status, response.reason, body)
> boto.exception.S3ResponseError: S3ResponseError: 403 Forbidden
>
> <?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDenied</Code></Error>
>
> In fact,the user I've defined the permission :
>
>
> { "user_id": "johndoe",
> "display_name": "John Doe",
> "email": "",
> "suspended": 0,
> "max_buckets": 1000,
> "auid": 0,
> "subusers": [],
> "keys": [
> { "user": "johndoe",
> "access_key": "OEGPBGHD9DJRWVR3TYZC",
> "secret_key": "639gPny\/AZN2CTYAy1BV5V4kfqRP3\/1GOikHgUni"}],
> "swift_keys": [],
> "caps": [
> { "type": "usage",
> "perm": "*"},
> { "type": "user",
> "perm": "*"}],
> "op_mask": "read, write, delete",
> "default_placement": "",
> "placement_tags": []}
>
>
> and in the client the code is :
>
> #!/usr/bin/env python2
> import boto
> import boto.s3.connection
> access_key='OEGPBGHD9DJRWVR3TYZC'
> secret_key='639gPny\/AZN2CTYAy1BV5V4kfqRP3\/1GOikHgUni'
> conn=boto.connect_s3(
> aws_access_key_id=access_key,
> aws_secret_access_key=secret_key,
> host="cephclient21.com",
> is_secure = False ,
> calling_format=boto.s3.connection.OrdinaryCallingFormat(),
> )
> for bucket in conn.get_all_buckets():
> print "{name}\t{created}".format(
> name=bucket.name,
> created=bucket.creation_date,
> )
>
> The gateway info is :
> 2013-10-11 13:16:31.456348 7fcdf0073780 20 enqueued request req=0x154d760
> 2013-10-11 13:16:31.456436 7fcdf0073780 20 RGWWQ:
> 2013-10-11 13:16:31.456458 7fcdf0073780 20 req: 0x154d760
> 2013-10-11 13:16:31.456505 7fcdf0073780 10 allocated request req=0x154dfa0
> 2013-10-11 13:16:31.456561 7fcddcff9700 20 dequeued request req=0x154d760
> 2013-10-11 13:16:31.456633 7fcddcff9700 20 RGWWQ: empty
> 2013-10-11 13
> :16:31.456671 7fcddcff9700 1 ====== starting new request req=0x154d760 =====
> 2013-10-11 13
> :16:31.456965 7fcddcff9700 2 req 4:0.000296::PUT
> /my-new-bucket/::initializing
> 2013-10-11 13
> :16:31.457168 7fcddcff9700 10 s->object=<NULL> s->bucket=my-new-bucket
> 2013-10-11 13:16:31.457205 7fcddcff9700 20 FCGI_ROLE=RESPONDER
> 2013-10-11 13:16:31.457217 7fcddcff9700 20 SCRIPT_URL=/my-new-bucket/
> 2013-10-11 13:16:31.457226 7fcddcff9700 20 SCRIPT_URI=
> http://ceph-client21/my-new-bucket/
>
> 2013-10-11 13:16:31.457235 7fcddcff9700 20 HTTP_AUTHORIZATION=AWS
> OEGPBGHD9DJRWVR3TYZC:QjpQBiyGqQ+X3Hp6E0MTUeQSkXw=
> 2013-10-11 13:16:31.457246 7fcddcff9700 20 HTTP_HOST=ceph-client21
> 2013-10-11 13:16:31.457257 7fcddcff9700 20 HTTP_ACCEPT_ENCODING=identity
>
> 2013-10-11 13:16:31.457266 7fcddcff9700 20 HTTP_DATE=Fri, 11 Oct 2013
> 05:15:35 GMT
> 2013-10-11 13:16:31.457275 7fcddcff9700 20 CONTENT_LENGTH=0
>
> 2013-10-11 13:16:31.457285 7fcddcff9700 20 HTTP_USER_AGENT=Boto/2.13.3
> Python/2.7.3 Linux/3.5.0-23-generic
>
> 2013-10-11 13:16:31.457294 7fcddcff9700 20 PATH=/usr/local/bin:/usr/bin:/bin
> 2013-10-11 13:16:31.457303 7fcddcff9700 20 SERVER_SIGNATURE=
>
> 2013-10-11 13:16:31.457312 7fcddcff9700 20 SERVER_SOFTWARE=Apache/2.2.22
> (Ubuntu)
> 2013-10-11 13:16:31.457321 7fcddcff9700 20 SERVER_NAME=ceph-client21
> 2013-10-11 13:16:31.457330 7fcddcff9700 20 SERVER_ADDR=192.168.50.115
> 2013-10-11 13:16:31.457339 7fcddcff9700 20 SERVER_PORT=80
> 2013-10-11 13:16:31.457348 7fcddcff9700 20 REMOTE_ADDR=192.168.50.105
> 2013-10-11 13:16:31.457357 7fcddcff9700 20 DOCUMENT_ROOT=/var/www
> 2013-10-11 13:16:31.457366 7fcddcff9700 20 SERVER_ADMIN=[no address given]
>
> 2013-10-11 13:16:31.457376 7fcddcff9700 20 SCRIPT_FILENAME=/var/www/s3gw.fcgi
> 2013-10-11 13:16:31.457389 7fcddcff9700 20 REMOTE_PORT=38823
> 2013-10-11 13:16:31.457404 7fcddcff9700 20 GATEWAY_INTERFACE=CGI/1.1
> 2013-10-11 13:16:31.457420 7fcddcff9700 20 SERVER_PROTOCOL=HTTP/1.1
> 2013-10-11 13:16:31.457430 7fcddcff9700 20 REQUEST_METHOD=PUT
>
> 2013-10-11 13:16:31.457439 7fcddcff9700 20
> QUERY_STRING=page=my-new-bucket¶ms=/
> 2013-10-11 13:16:31.457448 7fcddcff9700 20 REQUEST_URI=/my-new-bucket/
> 2013-10-11 13:16:31.457457 7fcddcff9700 20 SCRIPT_NAME=/my-new-bucket/
>
> 2013-10-11 13:16:31.457469 7fcddcff9700 2 req 4:0.000799:s3:PUT
> /my-new-bucket/::getting op
>
> 2013-10-11 13:16:31.457504 7fcddcff9700 2 req 4:0.000835:s3:PUT
> /my-new-bucket/:create_bucket:authorizing
>
> 2013-10-11 13:16:31.457594 7fcddcff9700 20 get_obj_state: rctx=0x7fcd80009c50
> obj=.users:OEGPBGHD9DJRWVR3TYZC state=0x7fcd80009d18 s->prefetch_data=0
>
> 2013-10-11 13:16:31.457651 7fcddcff9700 10 moving .users+OEGPBGHD9DJRWVR3TYZC
> to cache LRU end
>
> 2013-10-11 13:16:31.457671 7fcddcff9700 10 cache get:
> name=.users+OEGPBGHD9DJRWVR3TYZC : type miss (requested=6, cached=3)
>
> 2013-10-11 13:16:31.464221 7fcddcff9700 10 cache put:
> name=.users+OEGPBGHD9DJRWVR3TYZC
>
> 2013-10-11 13:16:31.464242 7fcddcff9700 10 moving .users+OEGPBGHD9DJRWVR3TYZC
> to cache LRU end
>
> 2013-10-11 13:16:31.464276 7fcddcff9700 20 get_obj_state: s->obj_tag was set
> empty
>
> 2013-10-11 13:16:31.464303 7fcddcff9700 10 moving .users+OEGPBGHD9DJRWVR3TYZC
> to cache LRU end
>
> 2013-10-11 13:16:31.464310 7fcddcff9700 10 cache get:
> name=.users+OEGPBGHD9DJRWVR3TYZC : hit
>
> 2013-10-11 13:16:31.464373 7fcddcff9700 20 get_obj_state: rctx=0x7fcd80009e40
> obj=.users.uid:johndoe state=0x7fcd80001858 s->prefetch_data=0
>
> 2013-10-11 13:16:31.464396 7fcddcff9700 10 moving .users.uid+johndoe to cache
> LRU end
>
> 2013-10-11 13:16:31.464402 7fcddcff9700 10 cache get: name=.users.uid+johndoe
> : type miss (requested=6, cached=3)
>
> 2013-10-11 13:16:31.467418 7fcddcff9700 10 cache put: name=.users.uid+johndoe
>
> 2013-10-11 13:16:31.467438 7fcddcff9700 10 moving .users.uid+johndoe to cache
> LRU end
>
> 2013-10-11 13:16:31.467461 7fcddcff9700 20 get_obj_state: s->obj_tag was set
> empty
>
> 2013-10-11 13:16:31.467492 7fcddcff9700 10 moving .users.uid+johndoe to cache
> LRU end
>
> 2013-10-11 13:16:31.467501 7fcddcff9700 10 cache get: name=.users.uid+johndoe
> : hit
> 2013-10-11 13:16:31.467607 7fcddcff9700 10 get_canon_resource(): dest=
> 2013-10-11 13:16:31.467615 7fcddcff9700 10 auth_hdr:
> PUT
>
>
> Fri, 11 Oct 2013 05:15:35 GMT
> /my-new-bucket/
>
> 2013-10-11 13:16:31.467665 7fcddcff9700 15 calculated
> digest=g0tUCPLXbvAdrRDa1etmPSlUEBQ=
>
> 2013-10-11 13:16:31.467671 7fcddcff9700 15
> auth_sign=QjpQBiyGqQ+X3Hp6E0MTUeQSkXw=
> 2013-10-11 13:16:31.467676 7fcddcff9700 15 compare=-1
> 2013-10-11 13:16:31.467683 7fcddcff9700 10 failed to authorize request
>
> 2013-10-11 13:16:31.467748 7fcddcff9700 2 req 4:0.011079:s3:PUT
> /my-new-bucket/:create_bucket:http status=403
>
> 2013-10-11 13:16:31.467990 7fcddcff9700 1 ====== req done req=0x154d760
> http_status=403 ======
>
> 2013-10-11 13:16:44.221024 7fcddeffd700 2
> RGWDataChangesLog::ChangesRenewThread: start
>
> 2013-10-11 13:17:06.221232 7fcddeffd700 2
> RGWDataChangesLog::ChangesRenewThread: start
>
> 2013-10-11 13:17:28.221434 7fcddeffd700 2
> RGWDataChangesLog::ChangesRenewThread: start
>
> 2013-10-11 13:17:50.221628 7fcddeffd700 2
> RGWDataChangesLog::ChangesRenewThread: start
>
> I can really not find the mistake ,thanks for any help!
> ------------------------------
> lixuehui
>
> _______________________________________________
> ceph-users mailing list
> ceph-users@lists.ceph.com
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>
>
_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
