[Openstack-operators] swauth 1.0.3 user create and access problem?

Judd Maltin openstack at newgoliath.com
Mon Dec 5 20:06:18 UTC 2011 

No curl love either.

Might have to remove the .auth database by hand or somehting??

root at proxy01-c01:/etc/swift# curl  -i -H 'X-Auth-User: test1:tester1' -H
'X-Storage-Pass: testing1' http://127.0.0.1:8080/auth/v1.0
HTTP/1.1 200 OK
X-Storage-Url:
http://127.0.0.1:8080/v1/AUTH_840f1320-2d45-4e62-92a5-71e448190c74
X-Storage-Token: AUTH_tkb44d649b7e2f4c8d9a4653a60de3f980
X-Auth-Token: AUTH_tkb44d649b7e2f4c8d9a4653a60de3f980
X-Trans-Id: tx9a8f99333ac44e0885b0b4c0ddb67c30
Content-Length: 112
Date: Mon, 05 Dec 2011 20:05:09 GMT

{"storage": {"default": "local", "local": "
http://127.0.0.1:8080/v1/AUTH_840f1320-2d45-4e62-92a5-71e448190c74
"}}root at proxy01-c01:/etc/swift#

root at proxy01-c01:/etc/swift# curl -i -H 'X-Auth-Token:
AUTH_tkb44d649b7e2f4c8d9a4653a60de3f980' X-Storage-Url:
http://127.0.0.1:8080/v1/AUTH_840f1320-2d45-4e62-92a5-71e448190c74/
curl: (6) Couldn't resolve host 'X-Storage-Url:'
HTTP/1.1 403 Forbidden
Content-Length: 157
Content-Type: text/html; charset=UTF-8
X-Trans-Id: tx8d228af637ca40818a4fb4cae5e20e0e
Date: Mon, 05 Dec 2011 20:05:35 GMT

<html>
 <head>
  <title>403 Forbidden</title>
 </head>
 <body>
  <h1>403 Forbidden</h1>
  Access was denied to this resource.<br /><br />



 </body>



On Mon, Dec 5, 2011 at 2:26 PM, Jeff Kramer <jeffkramer at gmail.com> wrote:

> Maybe drop the single quotes around the password?  Have you tried with
> curl?  Something like this (ripped out of some docs I've got):
>
> We can also test this with curl, from this machine or another machine
> (replace 127.0.0.1 with the servers IP address as appropriate):
>
> [code]
> curl -v -H 'X-Storage-User: testaccount:testuser' -H 'X-Storage-Pass:
> testpassword' http://127.0.0.1:8080/auth/v1.0
> [/code]
>
> This should return an auth token like this:
>
> X-Auth-Token: AUTH_tk6c0e4a8829084a899d5742dd18a6b274
>
> And a URL like this:
>
> X-Storage-Url:
> http://127.0.0.1:8080/v1/AUTH_18c08955-6ea1-41c8-b899-9d8b26063a87
>
> Which you can use to talk to storage:
>
> [code]
> curl -v -H 'X-Auth-Token: AUTH_tk6c0e4a8829084a899d5742dd18a6b274'
> http://127.0.0.1:8080/v1/AUTH_18c08955-6ea1-41c8-b899-9d8b26063a87
> [/code]
>
> Which should show you something like this:
>
> [code]
> < HTTP/1.1 204 No Content
> < X-Account-Object-Count: 0
> < X-Account-Bytes-Used: 0
> < X-Account-Container-Count: 0
> < Accept-Ranges: bytes
> < Content-Length: 0
> [/code]
>
>
> On Mon, Dec 5, 2011 at 12:56 PM, Judd Maltin <openstack at newgoliath.com>
> wrote:
> > I create my user test1:tester1 testing1 using the swauth tools just fine.
> >
> > root at proxy01-c01:/etc/swift# swauth-list -K swauthkey
> > {"accounts": [{"name": "test1"}]}
> > root at proxy01-c01:/etc/swift# swauth-list -K swauthkey test1
> > {"services": {"storage": {"default": "local", "local":
> > "http://127.0.0.1:8080/v1/AUTH_840f1320-2d45-4e62-92a5-71e448190c74"}},
> > "account_id": "AUTH_840f1320-2d45-4e62-92a5-71e448190c74", "users":
> > [{"name": "tester1"}]}
> > root at proxy01-c01:/etc/swift#
> >
> > But then when I try to stat the account: :(
> >
> > /etc/swift# swift -A http://127.0.0.1:8080/auth/v1.0 -U test1:tester1 -K
> > 'testing1' stat -v
> > Account HEAD failed:
> > http://127.0.0.1:8080/v1/AUTH_840f1320-2d45-4e62-92a5-71e448190c74 403
> > Forbidden
> >
> > /var/log/syslog:
> >
> > Dec  5 13:45:30 proxy01-c01 proxy-server - - 05/Dec/2011/18/45/30 GET
> > /v1/AUTH_.auth/test1/tester1 HTTP/1.0 200 - Swauth - - - -
> > txb6f5ac66b1134c31814f1daf4192548b - 0.0440
> > Dec  5 13:45:30 proxy01-c01 proxy-server - - 05/Dec/2011/18/45/30 GET
> > /v1/AUTH_.auth/.token_2/AUTH_tk01423b7c65fc463394cf8ca3de8fef52 HTTP/1.0
> 200
> > - Swauth - - - - txc70046f612ce4baca788ee49b20fba63 - 0.0291
> > Dec  5 13:45:30 proxy01-c01 proxy-server - - 05/Dec/2011/18/45/30 GET
> > /v1/AUTH_.auth/test1/.services HTTP/1.0 200 - Swauth - - - -
> > tx0547130a2c444252a21a868785f68ebd - 0.0308
> > Dec  5 13:45:30 proxy01-c01 swauth - 127.0.0.1 05/Dec/2011/18/45/30 GET
> > /auth/v1.0 HTTP/1.0 200 - - - - - - - - 0.1095
> > Dec  5 13:45:30 proxy01-c01 proxy-server 127.0.0.1 127.0.0.1
> > 05/Dec/2011/18/45/30 HEAD /v1/AUTH_840f1320-2d45-4e62-92a5-71e448190c74
> > HTTP/1.0 403 - -
> test1%3Atester1%2CAUTH_tk01423b7c65fc463394cf8ca3de8fef52 -
> > - - tx116c0dc81110402fa4f106feebe3c121 - 0.0006
> >
> > I'm using swift 1.4.4, swauth 1.0.3
> >
> > proxy-server.conf:
> > [pipeline:main]
> > pipeline = swift3 catch_errors healthcheck cache swauth proxy-server
> >
> > ...
> >
> > [filter:swauth]
> > use = egg:swauth#swauth
> > set default_swift_cluster =
> > local#http://127.0.0.1:8080/v1#http://127.0.0.1:8080/v1
> > set log_name = swauth
> > super_admin_key = swauthkey
> >
> >
> > Any ideas whats going on here?
> >
> > Thanks,
> > -judd
> >
> > _______________________________________________
> > Openstack-operators mailing list
> > Openstack-operators at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
> >
>
>
>
> --
> Jeff Kramer
> jeffkramer at gmail.com
> http://www.jeffkramer.org/
> _______________________________________________
> Openstack-operators mailing list
> Openstack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20111205/d3ae61c3/attachment-0002.html>

More information about the Openstack-operators mailing list