[openstack-dev] [Openstack] [Swift] Public Container's file listing
Hua ZZ Zhang
zhuadl at cn.ibm.com
Mon Nov 19 09:52:05 UTC 2012
>>Is this the correct general format?
>>user_username_grpname = password
The tempauth format is user_<accountname>_<username> = <password>
>>Is there any way where i can list the containers in a account?
I don't see the possibility of doing this without code change.
>>Does .rlistings do the same job as staticweb?
IMO, .rlistings directive is implemented as ACL. Staticweb middleware are
using customerized metadata "web-listings: true" to enable listing objects
in static web page. But you can get listings in staticweb without setting
directive inside of the ACL. If you want to support API level of public
listing container, you should use .rlisting directive.
Best Regards,
Edward Zhang(张华)
Sujay M
<sujay.m17 at gmail.
com> To
Hua ZZ Zhang/China/IBM at IBMCN
2012-11-19 15:32 cc
"openstack at lists.launchpad.net"
<openstack at lists.launchpad.net>,
openstack-bounces
+zhuadl=cn.ibm.com at lists.launchpad.
net,
openstack-dev at lists.openstack.org,
openstack-operators at lists.openstack
.org
Subject
Re: [Openstack] [Swift] Public
Container's file listing
>>if you are using keystone as Swift authentication, you can create user in
an account(project) through horizion or using command
keystone user-create ...
I am using tempauth where i'm specifying all the account details as below
[filter:tempauth]
use = egg:swift#tempauth
user_admin_admin = admin .admin .reseller_admin
user_test_tester = testing .admin
user_test2_tester2 = testing2 .admin
user_test_tester3 = testing3
Is this the correct general format?
user_username_grpname = password
>>For object public write, it seems that the referer is not allowed in ACL:
swift post -w '.r:*' publicContainer
Don't forget to add directive .rlistings to allow listing the whole public
container:
swift post -r '.r:*,.rlistings' publicContainer
thanks. (Does .rlistings do the same job as staticweb?)
On 19 November 2012 11:59, Hua ZZ Zhang <zhuadl at cn.ibm.com> wrote:
if you are using keystone as Swift authentication, you can create user in
an account(project) through horizion or using command
keystone user-create ...
For object public write, it seems that the referer is not allowed in ACL:
swift post -w '.r:*' publicContainer
Best Regards,
Edward Zhang(张华) 地址:北京市海淀区东北旺西路8号
Advisory Software Engineer 中关村软件园28号楼 环宇大厦3层
Software Standards & Open 邮编:100193
Source Software Address: 3F Ring, Building 28
Emerging Technology Institute Zhongguancun Software Park, 8
(ETI) Dongbeiwang West Road, Haidian
IBM China Software Development District, Beijing, P.R.C.100193
Lab
e-mail: zhuadl at cn.ibm.com
Notes ID: Hua ZZ
Zhang/China/IBM
Tel: 86-10-82450483
Inactive hide details for Sujay M ---2012-11-19 13:43:53---Thanks Edward
Zhang,Sujay M ---2012-11-19 13:43:53---Thanks Edward Zhang,
Sujay M
<
sujay.m
17 at gmai
l.com> To
Hua ZZ Zhang/China/IBM at IBMCN
2012-11
-19 cc
13:43
openstack at lists.launchpad.net,
openstack-bounces+zhuadl=
cn.ibm.com at lists.launchpad.net,
openstack-dev at lists.openstack.org,
openstack-operators at lists.openstack.org
Subject
Re: [Openstack] [Swift] Public Container's
file listing
Thanks Edward Zhang,
>>"You can implement access control for objects either for users or
accounts using XContainer-
Read: accountname and X-Container-Write: accountname:username, which
allows any user from the accountname account to read but only allows the
username
user from the accountname account to write."
How do i create users in a account? Currently i have only admin:admin
account with password admin.(one user per account)
>>"You can also grant public access to objects stored in OpenStack Object
Storage but also limit
public access using the Referer header to prevent site-based content
theft such as hot-linking
(for example, linking to an image filefrom off-site and therefore using
other's bandwidth).
The public container settings are used as the default authorization over
access control lists.
For example, using X-Container-Read:referer:any allows anyone to read
from the container regardless
of other authorization settings.
Can i give public access that allows anyone to store/write the objects
into a container. I have used referer for making container as public
'.r:*'. Is there anything like this for write?
On 19 November 2012 10:36, Hua ZZ Zhang <zhuadl at cn.ibm.com> wrote:
"You can implement access control for objects either for users or
accounts using XContainer-
Read: accountname and X-Container-Write: accountname:username,
which
allows any user from the accountname account to read but only
allows the username
user from the accountname account to write."
"You can also grant public access to objects stored in OpenStack
Object Storage but also limit
public access using the Referer header to prevent site-based
content theft such as hot-linking
(for example, linking to an image filefrom off-site and therefore
using other's bandwidth).
The public container settings are used as the default authorization
over access control lists.
For example, using X-Container-Read:referer:any allows anyone to
read from the container regardless
of other authorization settings."
Best Regards,
Edward Zhang(张华)
Inactive hide details for Sujay M ---2012-11-19 11:59:55---Hi all,
Sujay M ---2012-11-19 11:59:55---Hi all,
Sujay M <
sujay.m17 at gmail.com>
Sent by:
openstack-bounces
+zhuadl= To
cn.ibm.com at lists.laun
chpad.net openstack-operators at lists.opens
tack.org,
openstack at lists.launchpad.net,
2012-11-19 11:59 openstack-dev at lists.openstack.o
rg
cc
Subject
[Openstack] [Swift] Public
Container's file listing
Hi all,
Currently it is showing Unauthorized if i give only public
container name for listing of files in the public Container
192.168.56.20:8080/v1/AUTH_test/publicContainer/
192.168.56.20:8080/v1/AUTH_test/publicContainer
Unauthorized
Is there any way i can list the files publicly? Thanks in advance
--
Best Regards,
Sujay M
Final year B.Tech
Computer Engineering
NITK Surathkal
contact: +918971897571
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack at lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
--
Best Regards,
Sujay M
Final year B.Tech
Computer Engineering
NITK Surathkal
contact: +918971897571
(See attached file: pic23265.gif)
--
Best Regards,
Sujay M
Final year B.Tech
Computer Engineering
NITK Surathkal
contact: +918971897571
[附件 "pic15750.gif" 被 Hua ZZ Zhang/China/IBM 删除]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/a69e9284/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/a69e9284/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/a69e9284/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pic02883.gif
Type: image/gif
Size: 1255 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/a69e9284/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 51843587.gif
Type: image/gif
Size: 1279 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20121119/a69e9284/attachment-0003.gif>
More information about the OpenStack-dev
mailing list
