Looking over the state [and relatively untested nature] of the Keystone EC2
API and S3Token APIs, I want to propose deprecating these mechanisms of
auth within Keystone at this time.
These systems have been historically poorly tested and supported and have
remained broken / incompatible for long
+1 this is a totally logical move, especially given that the current
implementation back to the /v3/credentials API anyway.
On Friday, February 5, 2016, Morgan Fainberg
wrote:
> Looking over the state [and relatively untested nature] of the Keystone
> EC2 API and
>
> Is it certain that there is no need for the functions with the new EC2-API
> functions ?
>
> The S3 functions are somewhat separated from the EC2 API. How does SWIFT
> implement the S3 compatibility layer ?
>
> Getting a ‘to be deprecated’ log entry into Mitaka would be useful to make
>
On Feb 5, 2016 09:43, "Tim Bell" wrote:
>
>
> Is it certain that there is no need for the functions with the new
EC2-API functions ?
>
> The S3 functions are somewhat separated from the EC2 API. How does SWIFT
implement the S3 compatibility layer ?
>
> Getting a ‘to be
not using it somewhere else.
Tim
From: Dolph Mathews
Reply-To: "OpenStack Development Mailing List (not for usage questions)"
Date: Friday 5 February 2016 at 17:07
To: "OpenStack Development Mailing List (not for usage questions)"
Subject: Re: [openstack-dev] [keystone][ec2-
swift3(s3) works like ec2-api.
1. swift3/ec2-api recieves AWS request
2. it parses signature and access_key (and other headers)
3. it sends these values (and token that calculated from request) to keystone
4. keystone gets secret_key from DB, then calculates signature by
recieved access_key and
On Fri, Feb 5, 2016 at 12:37 PM, Andrey Pavlov wrote:
> swift3(s3) works like ec2-api.
>
> 1. swift3/ec2-api recieves AWS request
> 2. it parses signature and access_key (and other headers)
> 3. it sends these values (and token that calculated from request) to
> keystone
>
Can it be implemented as keystone plugin?
Is it possible to 'get' AUTH_TOKEN outside of keystone?
Will this code use keystone DB or it should create own?
So we will need one 'auth' module for swift3/ec2-api.
Sounds good but we need to understand some details before implementation.
On Fri, Feb 5,
On Fri, Feb 5, 2016 at 1:03 PM, Dolph Mathews
wrote:
>
> On Fri, Feb 5, 2016 at 12:37 PM, Andrey Pavlov
> wrote:
>
>> swift3(s3) works like ec2-api.
>>
>> 1. swift3/ec2-api recieves AWS request
>> 2. it parses signature and access_key (and other