Hello, I am looking for advice on an interesting case a customer of our swift cluster has come with.
They have uploaded a large object (~5G) to a swift container "containerA". Swift broke this object into segments, creating a container for those segments "containerA_segments". If both containers are set to public, this object can be downloaded. They want this container to be private and only serve up content to a specific refer domain. So, they set the following ACL on "containerA" ".r:<secret-key>.example.com,.rlistings Where the secret-key is one their proxy re-directs requests to. Now, they can not get the object in containerA. Setting "containerA_segments" to the same ACL as containerA also does not work. We have found that the only way to access this object is to set the ACL on "containerA_segments" to public. This isn't desirable because it means the segments container is now public even though containerA is private. Is this expected? -Adam ________________________________ This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
