openstack team mailing list archive
Mailing list archive
Re: 403 Forbidden integrate keystone essex with swift 1.4.9
Well , it looks normal in my consideration.
You specify the operator must have Member or admin role for accessing
If there's a user associates a role which named "watcher" . It will be
block in swift_auth filter .
That's the function of swift_auth , right ? It looks pretty match to
<jojo_wanglin@xxxxxxxx> 於 2012年3月29日下午5:38 寫道：
> Hi all:
> The story is: when i integrate keystone essex with swift 1.4.9, i use
> swift_auth for authorization, the configuration is belows:
> paste.filter_factory = keystone.middleware.swift_auth:filter_factory
> operator_roles = Member,admin
> If I access the swift service using swift command with the user who has
> the "Member, admin" role, it works successfully, but if i access using a
> user who has another role, it get the "403 Forbidden".
> That is why?
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
+ <tonytkdk@xxxxxxxxx>886 935004793