openstack team mailing list archive

Thread
Date

Re: [Swift] S3 like ACL for Swift

To: Victor Rodionov <victor.rodionov@xxxxxxxxxxx>
From: John Dickinson <me@xxxxxx>
Date: Wed, 20 Jun 2012 10:17:47 -0500
Cc: openstack@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4FE1E054.10609@nexenta.com>

Yes, this could be good for swift.

ACLs in swift do need to be stored in swift (for scale reasons), but their implementation is dependent on the particular auth system that you are using. The auth middleware is responsible for determining if a request is granted access to a particular swift entity. How does your implementation work with the current ACL support provided by tempauth and swauth? Are your ACLs compatible with the RBAC work being done in keystone?

I would suggest that general, full-featured ACL support should be done in conjunction with the work done in keystone and the swift-keystone middleware. If your implementation is simply more full-featured S3 compatibility, I'd suggest patching the 3rd party swift3 middleware.

--John

On Jun 20, 2012, at 9:38 AM, Victor Rodionov wrote:

> Hello
> 
> I have working implementation of S3 like ACL API for Swift, for this changes I need to store ACL on object and container server, then I need to change container and object servers code.
> 
> So my question, if this changes will be interesting for Swift community or no?
> 
> Thanks,
> Victor
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Follow ups

Re: [Swift] S3 like ACL for Swift
From: Victor Rodionov, 2012-06-20

References

[Swift] S3 like ACL for Swift
From: Victor Rodionov, 2012-06-20