A tenant is what used to be called a project in nova, and an account in swift.
When you validate a token using keystone you get the "account" (tenant) and the user who is performing the account (who is a member of the tenant) Jesse On Sun, Nov 20, 2011 at 7:58 AM, John Dickinson <m...@not.mn> wrote: > I don't think that is exactly right, but my understanding of tenants vs > accounts vs users may be lacking. Nonetheless, auth v2.0 support was added to > the swift cli tool by Chmouel recently. Have you tried with the code in > swift's trunk (also the 1.4.4 release scheduled for Tuesday)? > > --John > > > On Nov 20, 2011, at 8:55 AM, Rouault, Jason (Cloud Services) wrote: > >> Ziad, >> >> I think the problem is that the ‘swift’ command scopes a user to an >> account(tenant) via the concatenation of account:username when providing >> credentials for a valid token. With Keystone and /v2.0 auth the tenantId >> (or tenantName) are passed in the body of the request. >> >> Jason >> >> From: openstack-bounces+jason.rouault=hp....@lists.launchpad.net >> [mailto:openstack-bounces+jason.rouault=hp....@lists.launchpad.net] On >> Behalf Of Ziad Sawalha >> Sent: Friday, November 18, 2011 2:10 PM >> To: Judd Maltin; openstack@lists.launchpad.net >> Subject: Re: [Openstack] Keystone & Swift: swiftauth tenant namespace >> collisions? >> >> Hi Judd – I'm not sire I understand. Can you give me an example of two >> tenants, their usernames, and the endpoints you would like them to have in >> Keystone? >> >> >> From: Judd Maltin <j...@newgoliath.com> >> Date: Fri, 18 Nov 2011 15:22:09 -0500 >> To: <openstack@lists.launchpad.net> >> Subject: [Openstack] Keystone & Swift: swiftauth tenant namespace collisions? >> >> In keystone auth for swift (swiftauth), is there a way to eliminate >> namespace conflicts across tenants?" >> >> i.e. in tempauth we use account:username password >> >> curl -k -v -H 'X-Auth-User: test:tester' -H 'X-Auth-Token: testing' >> http://127.0.0.1:8080/auth/v1.0 >> >> in swiftauth we use username password: >> $ swift -A http://127.0.0.1:5000/v1.0 -U joeuser -K secrete stat -v >> StorageURL: http://127.0.0.1:8888/v1/AUTH_1234 >> Auth Token: 74ce1b05-e839-43b7-bd76-85ef178726c3 >> Account: AUTH_12 >> >> How can I indicate my tenant (aka account) in this scheme. I already have >> lots of data. >> >> Further, should I create custom endpoint templates for each tenant to >> address "Account: AUTH_12" being unknown to my current swift account db? >> >> Thanks very much, >> -judd >> >> >> -- >> Judd Maltin >> T: 917-882-1270 >> F: 501-694-7809 >> A loving heart is never wrong. >> >> >> >> _______________________________________________ Mailing list: >> https://launchpad.net/~openstack Post to :openstack@lists.launchpad.net >> Unsubscribe : https://launchpad.net/~openstack More help : >> https://help.launchpad.net/ListHelp >> _______________________________________________ >> Mailing list: https://launchpad.net/~openstack >> Post to : openstack@lists.launchpad.net >> Unsubscribe : https://launchpad.net/~openstack >> More help : https://help.launchpad.net/ListHelp > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > > _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
