I would love to know more about this topic too. push.... Hugo Kuo
2012/2/2 Pete Zaitcev <zait...@redhat.com> > Hello: > > Does anyone happen to have Swift running with S3 and Keystone? If yes, > send me the proxy-server.conf, please. Also, I'd like to ask a few > questions, if I may. I tried to piece it together from the code, > but failed. > > The authentication is done with a special hook into Keystone. It supplies > middleware, keystone/keystone/middleware/s3_token.py, which invokes > a POST to v2 Keysone with OS-KSS3:s3Credentials, then sets a req. header > X-Auth-Token. So far so good. > > However, how does it fit in with Swift? The actual S3 operations are > implemented by swift/common/middleware/swift3.py, which rolls up the > canonical string, then stuffs it into env['HTTP_X_AUTH_TOKEN']. > The intent is, as I understand, to invoke the special purpose > code in tempauth and thus is useless for Keystone. So, how is this > supposed to work? > > I imagine the pipeline should look something like this: > > [pipeline:main] > pipeline = healthcheck cache s3auth swift3 proxy-server > > [filter:s3auth] > use = egg:keystone#swiftauth > service_protocol = http > service_host = 192.168.129.18 > service_port = 5000 > > [filter:swift3] > use = egg:swift#swift3 > > Except... There is no entry point for s3_auth in keystone egg. > > Documentation seems to be absent. I suppose I could put it together, > if I got it all working at least once. > > Confused, > -- Pete > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > -- +Hugo Kuo+ tonyt...@gmail.com hugo....@cloudena.com +886-935-004-793 www.cloudena.com
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
