[Openstack] [Swift] S3 like ACL for Swift

John Dickinson me at not.mn
Wed Jun 20 15:17:47 UTC 2012


Yes, this could be good for swift.

ACLs in swift do need to be stored in swift (for scale reasons), but their implementation is dependent on the particular auth system that you are using. The auth middleware is responsible for determining if a request is granted access to a particular swift entity. How does your implementation work with the current ACL support provided by tempauth and swauth? Are your ACLs compatible with the RBAC work being done in keystone?

I would suggest that general, full-featured ACL support should be done in conjunction with the work done in keystone and the swift-keystone middleware. If your implementation is simply more full-featured S3 compatibility, I'd suggest patching the 3rd party swift3 middleware.

--John


On Jun 20, 2012, at 9:38 AM, Victor Rodionov wrote:

> Hello
> 
> I have working implementation of S3 like ACL API for Swift, for this changes I need to store ACL on object and container server, then I need to change container and object servers code.
> 
> So my question, if this changes will be interesting for Swift community or no?
> 
> Thanks,
> Victor
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4329 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120620/78b683d2/attachment.bin>


More information about the Openstack mailing list