← Back to team overview

openstack team mailing list archive

Re: [Swift] Public Container's file listing

 

Edward Zhang, thanks a lot for clarifying some of my doubts.


On 19 November 2012 15:22, Hua ZZ Zhang <zhuadl@xxxxxxxxxx> wrote:

> *>>Is this the correct general format?*
> *>>user_username_grpname = password*
> The tempauth format is *user_<accountname>_<username> = <password>*
>
>
> *>>Is there any way where i can list the containers in a account?*
> I don't see the possibility of doing this without code change.
>
> *>>Does .rlistings do the same job as staticweb?*
> IMO, .rlistings directive is implemented as ACL. Staticweb middleware are
> using customerized metadata "web-listings: true" to enable listing objects
> in static web page. But you can get listings in staticweb without setting
> directive inside of the ACL. If you want to support API level of public
> listing container, you should use .rlisting directive.
>
>
> *Best Regards, *
>
> ------------------------------
>
>    *Edward Zhang(张华)*
>
>
>
>
>
> [image: Inactive hide details for Sujay M ---2012-11-19 15:32:36--->>if
> you are using keystone as Swift authentication, you can create]Sujay M
> ---2012-11-19 15:32:36--->>if you are using keystone as Swift
> authentication, you can create user in an account(project) through horizion
> or using comma
>
>
>    *Sujay M <sujay.m17@xxxxxxxxx>*
>
>    2012-11-19 15:32
>
>
> To
>
>
>    Hua ZZ Zhang/China/IBM@IBMCN
>
>
> cc
>
>
>    "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>,
>    openstack-bounces+zhuadl=cn.ibm.com@xxxxxxxxxxxxxxxxxxx,
>    openstack-dev@xxxxxxxxxxxxxxxxxxx,
>    openstack-operators@xxxxxxxxxxxxxxxxxxx
>
>
> Subject
>
>
>    Re: [Openstack] [Swift] Public Container's file listing
>
>
> *>>if you are using keystone as Swift authentication, you can create user
> in an account(project) through horizion or using command
> keystone user-create ...*
>
> *I am using tempauth where i'm specifying all the account details as below
> *
>
> *[filter:tempauth]*
> *use = egg:swift#tempauth*
> *user_admin_admin = admin .admin .reseller_admin*
> *user_test_tester = testing .admin*
> *user_test2_tester2 = testing2 .admin*
> *user_test_tester3 = testing3*
>
> *Is this the correct general format?*
> *user_username_grpname = password*
>
>
> >>For object public write, it seems that the referer is not allowed in
> ACL: *
> swift post -w '.r:*' publicContainer*
> Don't forget to add directive .rlistings to allow listing the whole public
> container:*
> swift post -r '.r:*,.rlistings' publicContainer*
>
> *thanks. (Does .rlistings do the same job as staticweb?)*
>
>
> On 19 November 2012 11:59, Hua ZZ Zhang <*zhuadl@xxxxxxxxxx*<zhuadl@xxxxxxxxxx>>
> wrote:
>
>    if you are using keystone as Swift authentication, you can create user
>    in an account(project) through horizion or using command *
>    keystone user-create ...*
>    For object public write, it seems that the referer is not allowed in
>    ACL: *
>    swift post -w '.r:*' publicContainer*
>    *
>    Best Regards, *
>
>    ------------------------------
>     *Edward Zhang(张华)*
>       Advisory Software Engineer
>       Software Standards & Open Source Software
>       Emerging Technology Institute(ETI)
>       IBM China Software Development Lab
>       e-mail: *zhuadl@xxxxxxxxxx* <zhuadl@xxxxxxxxxx>
>       Notes ID: Hua ZZ Zhang/China/IBM
>       Tel: 86-10-82450483
>     地址:北京市海淀区东北旺西路8号 中关村软件园28号楼 环宇大厦3层 邮编:100193
>       Address: 3F Ring, Building 28 Zhongguancun Software Park, 8
>       Dongbeiwang West Road, Haidian District, Beijing, P.R.C.100193
>
>    [image: Inactive hide details for Sujay M ---2012-11-19
>    13:43:53---Thanks Edward Zhang,]Sujay M ---2012-11-19
>    13:43:53---Thanks Edward Zhang,
>      *Sujay M <**sujay.m17@xxxxxxxxx* <sujay.m17@xxxxxxxxx>*>*
>
>       2012-11-19 13:43
>        To
>    Hua ZZ Zhang/China/IBM@IBMCN
>     cc
>    *openstack@xxxxxxxxxxxxxxxxxxx* <openstack@xxxxxxxxxxxxxxxxxxx>,
>       openstack-bounces+zhuadl=*cn.ibm.com@xxxxxxxxxxxxxxxxxxx*<cn.ibm.com@xxxxxxxxxxxxxxxxxxx>,
>       *openstack-dev@xxxxxxxxxxxxxxxxxxx*<openstack-dev@xxxxxxxxxxxxxxxxxxx>,
>       *openstack-operators@xxxxxxxxxxxxxxxxxxx*<openstack-operators@xxxxxxxxxxxxxxxxxxx>
>     Subject
>    Re: [Openstack] [Swift] Public Container's file listing
>
>    Thanks Edward Zhang,
>
>
>    >>"You can implement access control for objects either for users or
>    accounts using XContainer-
>    Read: accountname and X-Container-Write: accountname:username, which
>    allows any user from the accountname account to read but only allows
>    the username
>    user from the accountname account to write."
>
>    How do i create users in a account? Currently i have only admin:admin
>    account with password admin.(one user per account)
>
>
>
>    >>"You can also grant public access to objects stored in OpenStack
>    Object Storage but also limit
>    public access using the Referer header to prevent site-based content
>    theft such as hot-linking
>    (for example, linking to an image filefrom off-site and therefore
>    using other's bandwidth).
>    The public container settings are used as the default authorization
>    over access control lists.
>    For example, using X-Container-Read:referer:any allows anyone to read
>    from the container regardless
>    of other authorization settings.
>
>    Can i give public access that allows anyone to store/write the objects
>    into a container.  I have used referer for making container as public
>    '.r:*'. Is there anything like this for write?
>
>
>    On 19 November 2012 10:36, Hua ZZ Zhang <*zhuadl@xxxxxxxxxx*<zhuadl@xxxxxxxxxx>>
>    wrote:
>       "You can implement access control for objects either for users or
>       accounts using XContainer-
>       Read: accountname and X-Container-Write: accountname:username, which
>       allows any user from the accountname account to read but only
>       allows the username
>       user from the accountname account to write."
>
>       "You can also grant public access to objects stored in OpenStack
>       Object Storage but also limit
>       public access using the Referer header to prevent site-based
>       content theft such as hot-linking
>       (for example, linking to an image filefrom off-site and therefore
>       using other's bandwidth).
>       The public container settings are used as the default authorization
>       over access control lists.
>       For example, using X-Container-Read:referer:any allows anyone to
>       read from the container regardless
>       of other authorization settings."*
>
>       Best Regards, *
>
>       ------------------------------
>        *Edward Zhang(张华)*
>
>       [image: Inactive hide details for Sujay M ---2012-11-19
>       11:59:55---Hi all,]Sujay M ---2012-11-19 11:59:55---Hi all,
>          *Sujay M <**sujay.m17@xxxxxxxxx* <sujay.m17@xxxxxxxxx>*>*
>          Sent by: openstack-bounces+zhuadl=*cn.ibm.com@xxxxxxxxxxxxxxxxxxx
>          * <cn.ibm.com@xxxxxxxxxxxxxxxxxxx>
>
>          2012-11-19 11:59
>           To
>       *openstack-operators@xxxxxxxxxxxxxxxxxxx*<openstack-operators@xxxxxxxxxxxxxxxxxxx>,
>          *openstack@xxxxxxxxxxxxxxxxxxx* <openstack@xxxxxxxxxxxxxxxxxxx>,
>          *openstack-dev@xxxxxxxxxxxxxxxxxxx*<openstack-dev@xxxxxxxxxxxxxxxxxxx>
>        cc
>        Subject
>       [Openstack] [Swift] Public Container's file listing
>
>       Hi all,
>
>       Currently it is showing Unauthorized if i give only public
>       container name for listing of files in the public Container
>
>       *192.168.56.20:8080/v1/AUTH_test/publicContainer/*<http://192.168.56.20:8080/v1/AUTH_test/publicContainer/>
>
>
>       *192.168.56.20:8080/v1/AUTH_test/publicContainer*<http://192.168.56.20:8080/v1/AUTH_test/publicContainer>
>
>
>       Unauthorized
>
>       Is there any way i can list the files publicly? Thanks in advance
>
>
>
>       --
>       Best Regards,
>
>       Sujay M
>       Final year B.Tech
>       Computer Engineering
>       NITK Surathkal
>
>       contact: +918971897571
>       _______________________________________________
>       Mailing list: *https://launchpad.net/~openstack*<https://launchpad.net/~openstack>
>       Post to     : *openstack@xxxxxxxxxxxxxxxxxxx*<openstack@xxxxxxxxxxxxxxxxxxx>
>       Unsubscribe : *https://launchpad.net/~openstack*<https://launchpad.net/~openstack>
>       More help   : *https://help.launchpad.net/ListHelp*<https://help.launchpad.net/ListHelp>
>
>
>
>
>
>
>    --
>    Best Regards,
>
>    Sujay M
>    Final year B.Tech
>    Computer Engineering
>    NITK Surathkal
>
>    contact: +918971897571
>    *(See attached file: pic23265.gif)*
>
>
>
>
>
> --
> Best Regards,
>
> Sujay M
> Final year B.Tech
> Computer Engineering
> NITK Surathkal
>
> contact: +918971897571
> [附件 "pic15750.gif" 被 Hua ZZ Zhang/China/IBM 删除]
>
>


-- 
Best Regards,

Sujay M
Final year B.Tech
Computer Engineering
NITK Surathkal

contact: +918971897571

GIF image

GIF image

GIF image

GIF image


References