Well , it looks normal in my consideration. You specify the operator must have Member or admin role for accessing swift. If there's a user associates a role which named "watcher" . It will be block in swift_auth filter . That's the function of swift_auth , right ? It looks pretty match to your expectation.
<jojo_wang...@sina.com> 於 2012年3月29日下午5:38 寫道: > Hi all: > > The story is: when i integrate keystone essex with swift 1.4.9, i use > swift_auth for authorization, the configuration is belows: > > [filter:keystone] > paste.filter_factory = keystone.middleware.swift_auth:filter_factory > operator_roles = Member,admin > > If I access the swift service using swift command with the user who has > the "Member, admin" role, it works successfully, but if i access using a > user who has another role, it get the "403 Forbidden". > > > That is why? > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > > -- +Hugo Kuo+ tonyt...@gmail.com + <tonyt...@gmail.com>886 935004793
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
