Hi,
I changed the account name for tempauth in proxy-server.conf:
user_system_root = somepasswd .admin http://172.17.6.32:8080/v1/TEST_system
As shown above I changed the "AUTH_system" to "TEST_system".
Then I restarted the proxy: swift-init proxy restart
To get the auth token:
curl -v -H 'X-Storage-User: system:root' -H 'X-Storage-Pass: somepasswd'
http://172.17.6.32:8080/auth/v1.0
Then using the token to access the account:
$ curl -v -H "X-Auth-Token: AUTH_tkae821c50cb1247ccb88c0fb749dd5a88"
http://172.17.6.32:8080/v1/TEST_system
* About to connect() to 172.17.6.32 port 8080 (#0)
* Trying 172.17.6.32... connected
> GET /v1/TEST_system HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0
OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: 172.17.6.32:8080
> Accept: */*
> X-Auth-Token: AUTH_tkae821c50cb1247ccb88c0fb749dd5a88
>
< HTTP/1.1 403 Forbidden
< Content-Length: 73
< Content-Type: text/html; charset=UTF-8
< Date: Fri, 23 Aug 2013 07:28:59 GMT
<
* Connection #0 to host 172.17.6.32 left intact
* Closing connection #0
<html><h1>Forbidden</h1><p>Access was denied to this resource.</p></html>
Finally I got a 403 forbidden.
What's the problem? Thanks.
On 2013-8-23 10:31, John Dickinson wrote:
The auth system and how you organize the data are separate. You can certainly
store all objects in one account (although I'd recommend you spread the objects
across many containers). You could also not use any auth at all (by removing
tempauth or keystone from the pipeline in the proxy server config), although
only you know if that's a good idea or not.
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
