openstack team mailing list archive

[Tomasz 'Zen' Napierała <tomasz@xxxxxxxxxxxxx>]

On 3 paź 2011, at 16:56, Khaled Ben Bahri wrote:

> Hi 
> 
> This is the proxy-server.conf
> 
> [DEFAULT]
> cert_file = /etc/swift/cert.crt
> key_file = /etc/swift/cert.key
> bind_port = 8080
> workers = 8
> user = swift
> [pipeline:main]
> pipeline = healthcheck cache tempauth proxy-server
> [app:proxy-server]
> use = egg:swift#proxy
> allow_account_management = true
> [filter:tempauth]
> use = egg:swift#tempauth
> user_system_root = testpass .admin https://157.159.103.40:8080/v1/AUTH_system
> [filter:healthcheck]
> use = egg:swift#healthcheck
> [filter:cache]
> use = egg:swift#memcache
> memcache_servers = 157.159.103.40:11211
> 
> 
> 
> when I connect to the proxy server, I can manage files
> swift -A https://$PROXY_LOCAL_NET_IP:8080/auth/v1.0 -U system:root -K testpass upload myfiles fichier_test
> swift -A https://$PROXY_LOCAL_NET_IP:8080/auth/v1.0 -U system:root -K testpass list
> 
> these are commands used i 'm logged on the proxy node to stor a file named 'fichier_test' 
> and the second is to list created containers
> 
> I want to store file without logging to the proxy server but i don't know how to do this

I assume you checked that you can connect to port 8080 from outside the proxy.
What I suspect is that you don't have 
> $PROXY_LOCAL_NET_IP

defined on external system

Anyway, you just disclosed your credentials to the list (which means the whole world), and considering fact, that your system is open to the world, I would change system:root user and password, and also set up firewall.

Regards,
-- 
Tomasz 'Zen' Napierała