<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div><span style="-webkit-text-size-adjust: auto; background-color: rgba(255, 255, 255, 0);">reseller_prefix = AUTH</span></div><div><span style="-webkit-text-size-adjust: auto;"><br></span></div><div><span style="-webkit-text-size-adjust: auto;">Ref: </span><a href="https://github.com/openstack/swift/blob/master/etc/proxy-server.conf-sample">https://github.com/openstack/swift/blob/master/etc/proxy-server.conf-sample</a><br><br><span style="-webkit-text-size-adjust: auto;">從我的 iPhone 傳送</span></div><div style="-webkit-text-size-adjust: auto; "><br>pangj <<a href="mailto:pangj@laposte.net">pangj@laposte.net</a>> 於 2013/8/23 上午12:32 寫道:<br><br></div><blockquote type="cite" style="-webkit-text-size-adjust: auto; "><div><span></span><br><span>Hi,</span><br><span></span><br><span>I changed the account name for tempauth in proxy-server.conf:</span><br><span></span><br><span>user_system_root = somepasswd .admin <a href="http://172.17.6.32:8080/v1/TEST_system">http://172.17.6.32:8080/v1/TEST_system</a></span><br><span></span><br><span>As shown above I changed the "AUTH_system" to "TEST_system".</span><br><span>Then I restarted the proxy: swift-init proxy restart</span><br><span></span><br><span>To get the auth token:</span><br><span>curl -v -H 'X-Storage-User: system:root' -H 'X-Storage-Pass: somepasswd' <a href="http://172.17.6.32:8080/auth/v1.0">http://172.17.6.32:8080/auth/v1.0</a></span><br><span></span><br><span>Then using the token to access the account:</span><br><span></span><br><span>$ curl -v -H "X-Auth-Token: AUTH_tkae821c50cb1247ccb88c0fb749dd5a88" <a href="http://172.17.6.32:8080/v1/TEST_system">http://172.17.6.32:8080/v1/TEST_system</a></span><br><span>* About to connect() to 172.17.6.32 port 8080 (#0)</span><br><span>*   Trying 172.17.6.32... connected</span><br><span>> GET /v1/TEST_system HTTP/1.1</span><br><span>> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3</span><br><span>> Host: 172.17.6.32:8080</span><br><span>> Accept: */*</span><br><span>> X-Auth-Token: AUTH_tkae821c50cb1247ccb88c0fb749dd5a88</span><br><span>></span><br><span>< HTTP/1.1 403 Forbidden</span><br><span>< Content-Length: 73</span><br><span>< Content-Type: text/html; charset=UTF-8</span><br><span>< Date: Fri, 23 Aug 2013 07:28:59 GMT</span><br><span><</span><br><span>* Connection #0 to host 172.17.6.32 left intact</span><br><span>* Closing connection #0</span><br><span><html><h1>Forbidden</h1><p>Access was denied to this resource.</p></html></span><br><span></span><br><span></span><br><span>Finally I got a 403 forbidden.</span><br><span>What's the problem? Thanks.</span><br><span></span><br><span></span><br><span>On 2013-8-23 10:31, John Dickinson wrote:</span><br><blockquote type="cite"><span>The auth system and how you organize the data are separate. You can certainly store all objects in one account (although I'd recommend you spread the objects across many containers). You could also not use any auth at all (by removing tempauth or keystone from the pipeline in the proxy server config), although only you know if that's a good idea or not.</span><br></blockquote><span></span><br><span></span><br><span>_______________________________________________</span><br><span>Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a></span><br><span>Post to     : <a href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a></span><br><span>Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a></span><br></div></blockquote></body></html>