[Openstack] Swift tempurl
Morten Møller Riis
mmr at gigahost.dk
Wed Jul 10 11:43:18 UTC 2013
I've been looking at tempurl.py and found that the problem occurs here:
def _get_key(self, env, account):
"""
Returns the X-Account-Meta-Temp-URL-Key header value for the
account, or None if none is set.
:param env: The WSGI environment for the request.
:param account: Account str.
:returns: X-Account-Meta-Temp-URL-Key str value, or None.
"""
key = None
memcache = env.get('swift.cache')
if memcache:
key = memcache.get('temp-url-key/%s' % account)
if not key:
newenv = make_pre_authed_env(env, 'HEAD', '/v1/' + account,
self.agent)
newenv['CONTENT_LENGTH'] = '0'
newenv['wsgi.input'] = StringIO('')
key = [None]
def _start_response(status, response_headers, exc_info=None):
for h, v in response_headers:
if h.lower() == 'x-account-meta-temp-url-key':
key[0] = v
i = iter(self.app(newenv, _start_response))
self.logger.info()
try:
i.next()
except StopIteration:
pass
key = key[0]
if key and memcache:
memcache.set('temp-url-key/%s' % account, key, timeout=60)
return key
The request get 403 forbidden and thus never gets the key in the first place. I'm looking at the github repo and the implementation there seems to have changed.
Mvh / Best regards
Morten Møller Riis
Gigahost ApS
mmr at gigahost.dk
On Jul 10, 2013, at 6:24 PM, Morten Møller Riis <mmr at gigahost.dk> wrote:
> I'm having trouble getting tempurl to work.
>
> I set the "X-Account-Meta-Temp-Url-Key" metadata on the account. And a GET request shows it's set correctly.
>
> I've enabled it on the proxy server in /etc/swift/proxy-server.conf:
>
> [DEFAULT]
> bind_port = 8080
> workers = 8
> user = swift
>
> [pipeline:main]
> pipeline = healthcheck cache tempurl swauth proxy-server
>
> [app:proxy-server]
> use = egg:swift#proxy
> allow_account_management = true
> account_autocreate = true
>
> [filter:tempurl]
> use = egg:swift#tempurl
>
> [filter:swauth]
> use = egg:swauth#swauth
> set log_name = swauth
> super_admin_key = <removed>
> default_swift_cluster = gigahost#https://<url>/v1#http://localhost:8080/v1
>
> [filter:healthcheck]
> use = egg:swift#healthcheck
>
> [filter:cache]
> use = egg:swift#memcache
> memcache_servers = 127.0.0.1:11211
>
> When creating the tempurl's, even using the swift-temp-url program I get:
>
> ~ $ curl -i "https://<url>/v1/AUTH_224b1001-2c75-444c-aaef-30af13b9154c/000/206.pdf?temp_url_sig=387d79120a591e1cf6f4d4356f5c0a96fb49d202&temp_url_expires=1373438360"
> HTTP/1.1 401 Unauthorized
> Server: nginx
> Date: Wed, 10 Jul 2013 08:21:32 GMT
> Content-Type: text/plain
> Content-Length: 35
> Connection: keep-alive
>
> 401 Unauthorized: Temp URL invalid
>
> I've even tried running it locally on the proxy-server to localhost:8080, so I'm sure it's not nginx doing any funny stuff.
>
> Does anybody have any suggestions? I'm pretty lost :(
>
>
> Mvh / Best regards
> Morten Møller Riis
> Gigahost ApS
> mmr at gigahost.dk
>
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130710/a5c02ef7/attachment.html>
More information about the Openstack
mailing list