Are you using the "swift" utility or are you using REST?<div>How are you performing the GET Authorization?<br><br><div class="gmail_quote">On Fri, Jan 27, 2012 at 9:00 AM, Khaled Ben Bahri <span dir="ltr"><<a href="mailto:khaled-bbk@hotmail.com">khaled-bbk@hotmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div dir="ltr">
Hi,<br><br>I added an entry like this one but it doesn't work<br>I got this error<br>Account HEAD failed: <a href="https://x.x.x.x:8080/v1/AUTH_system" target="_blank">https://x.x.x.x:8080/v1/AUTH_system</a> 403 Forbidden<br>
<br><div><div></div><hr>Date: Fri, 27 Jan 2012 08:56:59 -0800<br>Subject: Re: [Openstack] Creating account and user in swift<br>From: <a href="mailto:sbroeker@internap.com" target="_blank">sbroeker@internap.com</a><br>To: <a href="mailto:khaled-bbk@hotmail.com" target="_blank">khaled-bbk@hotmail.com</a><br>
CC: <a href="mailto:openstack@lists.launchpad.net" target="_blank">openstack@lists.launchpad.net</a><br><br>Try adding an entry like the following:<div><br><div><div> user_test_tester3 = testing3</div><div><br></div><br>
<div>On Fri, Jan 27, 2012 at 2:44 AM, Khaled Ben Bahri <span dir="ltr"><<a href="mailto:khaled-bbk@hotmail.com" target="_blank">khaled-bbk@hotmail.com</a>></span> wrote:<br>
<blockquote style="border-left:1px #ccc solid;padding-left:1ex">
<div><div dir="ltr">
Hi folks,<br><br>I installed swift with "tempauth" authentication subsystem <br>To create a user I have to write a new line in the proxy-server.conf on the section [filter:temauth] like this :<br>user_system_root = testpass .admin <a href="https://PROXY_IP:8080/v1/AUTH_system" target="_blank">https://PROXY_IP:8080/v1/AUTH_system</a><br>
<br>as i inderstood, the format is actually :<br>user_<u></u><account>_<user> = <key> [group] [other options] [storage_url]<u></u><br><br>I added a new user in new account <br>user_newaccount_user1 = passuser1 .swift <a href="https://PROXY_IP:8080/v1/AUTH_system" target="_blank">https://PROXY_IP:8080/v1/AUTH_system</a><br>
<br>After that, to get an x url for this user by executing this command<br><pre>curl -k -v -H 'X-Storage-User: newaccount:user1' -H 'X-Storage-Pass: passuser1' https://$PROXY_LOCAL_NET_IP:8080/auth/v1.0<br>
<br>When i want to check that I can HEAD the new account, I got the error 403 <br><br><br><br><br>root@ubuntu-KVM:/etc/swift# curl -k -v -H 'X-Auth-Token: AUTH_tk76c7fbcfa4864cea8d6bc09bf5731658' <a href="https://x.x.x.x:8080/v1/AUTH_system" target="_blank">https://x.x.x.x:8080/v1/AUTH_system</a><br>
* About to connect() to x.x.x.x port 8080 (#0)<br>* Trying x.x.x.x... connected<br>* Connected to x.x.x.x (x.x.x.x) port 8080 (#0)<br>* successfully set certificate verify locations:<br>* CAfile: none<br> CApath: /etc/ssl/certs<br>
* SSLv3, TLS handshake, Client hello (1):<br>* SSLv3, TLS handshake, Server hello (2):<br>* SSLv3, TLS handshake, CERT (11):<br>* SSLv3, TLS handshake, Server finished (14):<br>* SSLv3, TLS handshake, Client key exchange (16):<br>
* SSLv3, TLS change cipher, Client hello (1):<br>* SSLv3, TLS handshake, Finished (20):<br>* SSLv3, TLS change cipher, Client hello (1):<br>* SSLv3, TLS handshake, Finished (20):<br>* SSL connection using AES256-SHA<br>* Server certificate:<br>
* subject: C=FR; ST=Some-State; O=Internet Widgits Pty Ltd<br>* start date: <a>2012-01-26 18</a>:17:34 GMT<br>* expire date: <a>2012-02-25 18</a>:17:34 GMT<br>
* SSL: unable to obtain common name from peer certificate<br>> GET /v1/AUTH_system HTTP/1.1<br>> User-Agent: curl/7.21.3 (x86_64-pc-linux-gnu) libcurl/7.21.3 OpenSSL/0.9.8o zlib/<a href="http://1.2.3.4" target="_blank">1.2.3.4</a> libidn/1.18<br>
> Host: x.x.x.x:8080<br>> Accept: */*<br>> X-Auth-Token: AUTH_tk76c7fbcfa4864cea8d6bc09bf5731658<br>> <br>< HTTP/1.1 403 Forbidden<br>< Content-Length: 157<br>< Content-Type: text/html; charset=UTF-8<br>
< Date: Fri, 27 Jan 2012 10:00:57 GMT<br>< <br><html><br> <head><br> <title>403 Forbidden</title><br> </head><br> <body><br> <h1>403 Forbidden</h1><br> Access was denied to this resource.<br /><br /><br>
<br><br><br> </body><br>* Connection #0 to host x.x.x.x left intact<br>* Closing connection #0<br>* SSLv3, TLS alert, Client hello (1):<br><br><br><br>Can any one please know any thing about this<br><br>Best regards<span><font color="#888888"><br>
Khaled<br></font></span></pre><br> </div></div>
<br>_______________________________________________<br>
Mailing list: <a href="https://launchpad.net/%7Eopenstack" target="_blank">https://launchpad.net/~openstack</a><br>
Post to : <a href="mailto:openstack@lists.launchpad.net" target="_blank">openstack@lists.launchpad.net</a><br>
Unsubscribe : <a href="https://launchpad.net/%7Eopenstack" target="_blank">https://launchpad.net/~openstack</a><br>
More help : <a href="https://help.launchpad.net/ListHelp" target="_blank">https://help.launchpad.net/ListHelp</a><br>
<br></blockquote></div><br></div></div></div> </div></div>
</blockquote></div><br></div>