← Back to team overview

openstack team mailing list archive

Re: Creating account and user in swift

 

Are you using the "swift" utility or are you using REST?
How are you performing the GET Authorization?

On Fri, Jan 27, 2012 at 9:00 AM, Khaled Ben Bahri <khaled-bbk@xxxxxxxxxxx>wrote:

>  Hi,
>
> I added an entry like this one but it doesn't work
> I got this error
> Account HEAD failed: https://x.x.x.x:8080/v1/AUTH_system 403 Forbidden
>
> ------------------------------
> Date: Fri, 27 Jan 2012 08:56:59 -0800
> Subject: Re: [Openstack] Creating account and user in swift
> From: sbroeker@xxxxxxxxxxxx
> To: khaled-bbk@xxxxxxxxxxx
> CC: openstack@xxxxxxxxxxxxxxxxxxx
>
> Try adding an entry like the following:
>
>     user_test_tester3 = testing3
>
>
> On Fri, Jan 27, 2012 at 2:44 AM, Khaled Ben Bahri <khaled-bbk@xxxxxxxxxxx>wrote:
>
>  Hi folks,
>
> I installed swift with "tempauth" authentication subsystem
> To create a user I have to write a new line in the proxy-server.conf on
> the section  [filter:temauth] like this :
> user_system_root = testpass .admin https://PROXY_IP:8080/v1/AUTH_system
>
> as i inderstood, the format is actually :
> user_**<account>_<user> = <key>  [group] [other options] [storage_url]**
>
> I added a new user in new account
> user_newaccount_user1 = passuser1 .swift
> https://PROXY_IP:8080/v1/AUTH_system
>
> After that, to get an x url for this user by executing this command
>
> curl -k -v -H 'X-Storage-User: newaccount:user1' -H 'X-Storage-Pass: passuser1' https://$PROXY_LOCAL_NET_IP:8080/auth/v1.0
>
> When i want to check that I can HEAD the new account, I got the error 403
>
>
>
>
> root@ubuntu-KVM:/etc/swift# curl -k -v -H 'X-Auth-Token: AUTH_tk76c7fbcfa4864cea8d6bc09bf5731658' https://x.x.x.x:8080/v1/AUTH_system
>
> * About to connect() to x.x.x.x port 8080 (#0)
> *   Trying x.x.x.x... connected
> * Connected to x.x.x.x (x.x.x.x) port 8080 (#0)
> * successfully set certificate verify locations:
> *   CAfile: none
>   CApath: /etc/ssl/certs
>
> * SSLv3, TLS handshake, Client hello (1):
> * SSLv3, TLS handshake, Server hello (2):
> * SSLv3, TLS handshake, CERT (11):
> * SSLv3, TLS handshake, Server finished (14):
> * SSLv3, TLS handshake, Client key exchange (16):
>
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSL connection using AES256-SHA
> * Server certificate:
>
> * 	 subject: C=FR; ST=Some-State; O=Internet Widgits Pty Ltd
> * 	 start date: 2012-01-26 18:17:34 GMT
> * 	 expire date: 2012-02-25 18:17:34 GMT
>
> * SSL: unable to obtain common name from peer certificate
> > GET /v1/AUTH_system HTTP/1.1
> > User-Agent: curl/7.21.3 (x86_64-pc-linux-gnu) libcurl/7.21.3 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18
>
> > Host: x.x.x.x:8080
> > Accept: */*
> > X-Auth-Token: AUTH_tk76c7fbcfa4864cea8d6bc09bf5731658
> >
> < HTTP/1.1 403 Forbidden
> < Content-Length: 157
> < Content-Type: text/html; charset=UTF-8
>
> < Date: Fri, 27 Jan 2012 10:00:57 GMT
> <
> <html>
>  <head>
>   <title>403 Forbidden</title>
>  </head>
>  <body>
>   <h1>403 Forbidden</h1>
>   Access was denied to this resource.<br /><br />
>
>
>
>  </body>
> * Connection #0 to host x.x.x.x left intact
> * Closing connection #0
> * SSLv3, TLS alert, Client hello (1):
>
>
>
> Can any one please know any thing about this
>
> Best regards
>
> Khaled
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>
>

Follow ups

References