openstack team mailing list archive

Thread
Date

Re: Swift and keystone: asking for an auth token.

To: Pierre Amadio <pierre.amadio@xxxxxxxxxxxxx>
From: Pete Zaitcev <zaitcev@xxxxxxxxxx>
Date: Tue, 3 Apr 2012 22:03:36 -0600
Cc: openstack <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <4F7B0ED1.4010200@canonical.com>
Organization: Red Hat, Inc.

On Tue, 03 Apr 2012 16:53:05 +0200
Pierre Amadio <pierre.amadio@xxxxxxxxxxxxx> wrote:

> [filter:tokenauth]
> paste.filter_factory = keystone.middleware.auth_token:filter_factory
> service_port = 5000
> service_host = 192.168.122.102
> auth_port = 35357
> auth_host = 192.168.122.102
> auth_protocol = http

I'm surprised this works at all, because if service_protocol is
not set, it defaults to https:. However, your -A argument points
to http:, like so

> ubuntu@swift-a:~$ swift -V 2 -U ubuntu:ubuntu -K openstack -A
> http://192.168.122.102:5000/v2.0 list

Strange that nothing shows up in logs.

> Account GET failed:
> https://192.168.122.105:8080/v2/AUTH_ed0a2ebb66054096869605fb53c049d7?format=json
> 403 Forbidden

> Just in case, i try to change the keystone objectstore endpoint to use
> v1 instead of v2 in the 3 catalog urls, but i had the same result.

This is the most obvious problem. Please try to use /v1 once again,
look at swift.log. If that fails, we'll need to start probing with
curl step by step.

-- Pete

References

Swift and keystone: asking for an auth token.
From: Pierre Amadio, 2012-04-03