[openstack-dev] [Openstack] [Swift] Public Container's file listing
Sujay M
sujay.m17 at gmail.com
Mon Nov 19 07:32:19 UTC 2012
*>>if you are using keystone as Swift authentication, you can create user
in an account(project) through horizion or using command
keystone user-create ...*
*
*
*I am using tempauth where i'm specifying all the account details as below*
*
[filter:tempauth]
use = egg:swift#tempauth
user_admin_admin = admin .admin .reseller_admin
user_test_tester = testing .admin
user_test2_tester2 = testing2 .admin
user_test_tester3 = testing3
Is this the correct general format?
user_username_grpname = password
*
*
*>>For object public write, it seems that the referer is not allowed in
ACL:
*swift post -w '.r:*' publicContainer*
Don't forget to add directive .rlistings to allow listing the whole public
container:
*swift post -r '.r:*,.rlistings' publicContainer*
*
*
*thanks. (Does .rlistings do the same job as staticweb?)*
On 19 November 2012 11:59, Hua ZZ Zhang <zhuadl at cn.ibm.com> wrote:
> if you are using keystone as Swift authentication, you can create user
> in an account(project) through horizion or using command
> *keystone user-create ...*
> For object public write, it seems that the referer is not allowed in ACL:
> *swift post -w '.r:*' publicContainer*
>
> *Best Regards, *
>
> ------------------------------
>
> *Edward Zhang(张华)*
> Advisory Software Engineer
> Software Standards & Open Source Software
> Emerging Technology Institute(ETI)
> IBM China Software Development Lab
> e-mail: zhuadl at cn.ibm.com
> Notes ID: Hua ZZ Zhang/China/IBM
> Tel: 86-10-82450483
>
>
> 地址:北京市海淀区东北旺西路8号 中关村软件园28号楼 环宇大厦3层 邮编:100193
> Address: 3F Ring, Building 28 Zhongguancun Software Park, 8
> Dongbeiwang West Road, Haidian District, Beijing, P.R.C.100193
>
>
>
>
>
>
>
> [image: Inactive hide details for Sujay M ---2012-11-19 13:43:53---Thanks
> Edward Zhang,]Sujay M ---2012-11-19 13:43:53---Thanks Edward Zhang,
>
>
> *Sujay M <sujay.m17 at gmail.com>*
>
> 2012-11-19 13:43
>
>
> To
>
>
> Hua ZZ Zhang/China/IBM at IBMCN
>
>
> cc
>
>
> openstack at lists.launchpad.net, openstack-bounces+zhuadl=
> cn.ibm.com at lists.launchpad.net, openstack-dev at lists.openstack.org,
> openstack-operators at lists.openstack.org
>
>
> Subject
>
>
> Re: [Openstack] [Swift] Public Container's file listing
>
>
> Thanks Edward Zhang,
>
>
> >>"You can implement access control for objects either for users or
> accounts using XContainer-
> Read: accountname and X-Container-Write: accountname:username, which
> allows any user from the accountname account to read but only allows the
> username
> user from the accountname account to write."
>
> How do i create users in a account? Currently i have only admin:admin
> account with password admin.(one user per account)
>
>
>
> >>"You can also grant public access to objects stored in OpenStack Object
> Storage but also limit
> public access using the Referer header to prevent site-based content theft
> such as hot-linking
> (for example, linking to an image filefrom off-site and therefore using
> other's bandwidth).
> The public container settings are used as the default authorization over
> access control lists.
> For example, using X-Container-Read:referer:any allows anyone to read from
> the container regardless
> of other authorization settings.
>
> Can i give public access that allows anyone to store/write the objects
> into a container. I have used referer for making container as public
> '.r:*'. Is there anything like this for write?
>
>
> On 19 November 2012 10:36, Hua ZZ Zhang <*zhuadl at cn.ibm.com*<zhuadl at cn.ibm.com>>
> wrote:
>
> "You can implement access control for objects either for users or
> accounts using XContainer-
> Read: accountname and X-Container-Write: accountname:username, which
> allows any user from the accountname account to read but only allows
> the username
> user from the accountname account to write."
>
> "You can also grant public access to objects stored in OpenStack
> Object Storage but also limit
> public access using the Referer header to prevent site-based content
> theft such as hot-linking
> (for example, linking to an image filefrom off-site and therefore
> using other's bandwidth).
> The public container settings are used as the default authorization
> over access control lists.
> For example, using X-Container-Read:referer:any allows anyone to read
> from the container regardless
> of other authorization settings."
> *
> Best Regards, *
>
> ------------------------------
> *Edward Zhang(张华)*
>
> [image: Inactive hide details for Sujay M ---2012-11-19 11:59:55---Hi
> all,]Sujay M ---2012-11-19 11:59:55---Hi all,
> *Sujay M <**sujay.m17 at gmail.com* <sujay.m17 at gmail.com>*>*
> Sent by: openstack-bounces+zhuadl=*cn.ibm.com at lists.launchpad.net*<cn.ibm.com at lists.launchpad.net>
>
>
> 2012-11-19 11:59
> To
> *openstack-operators at lists.openstack.org*<openstack-operators at lists.openstack.org>,
> *openstack at lists.launchpad.net* <openstack at lists.launchpad.net>, *
> openstack-dev at lists.openstack.org*<openstack-dev at lists.openstack.org>
> cc
> Subject
> [Openstack] [Swift] Public Container's file listing
>
> Hi all,
>
> Currently it is showing Unauthorized if i give only public container
> name for listing of files in the public Container
>
> *192.168.56.20:8080/v1/AUTH_test/publicContainer/*<http://192.168.56.20:8080/v1/AUTH_test/publicContainer/>
>
>
> *192.168.56.20:8080/v1/AUTH_test/publicContainer*<http://192.168.56.20:8080/v1/AUTH_test/publicContainer>
>
>
> Unauthorized
>
> Is there any way i can list the files publicly? Thanks in advance
>
>
>
> --
> Best Regards,
>
> Sujay M
> Final year B.Tech
> Computer Engineering
> NITK Surathkal
>
> contact: +918971897571
> _______________________________________________
> Mailing list: *https://launchpad.net/~openstack*<https://launchpad.net/~openstack>
> Post to : *openstack at lists.launchpad.net*<openstack at lists.launchpad.net>
> Unsubscribe : *https://launchpad.net/~openstack*<https://launchpad.net/~openstack>
> More help : *https://help.launchpad.net/ListHelp*<https://help.launchpad.net/ListHelp>
>
>
>
>
>
>
> --
> Best Regards,
>
> Sujay M
> Final year B.Tech
> Computer Engineering
> NITK Surathkal
>
> contact: +918971897571
> *(See attached file: pic23265.gif)*
>
>
--
Best Regards,
Sujay M
Final year B.Tech
Computer Engineering
NITK Surathkal
contact: +918971897571
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/ea67fcbf/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/ea67fcbf/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/ea67fcbf/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic15750.gif
Type: image/gif
Size: 1255 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/ea67fcbf/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1D933875.gif
Type: image/gif
Size: 1279 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/ea67fcbf/attachment-0003.gif>
More information about the OpenStack-dev
mailing list
