openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #18708
Re: [Swift] Public Container's file listing
Edward Zhang, thanks a lot for clarifying some of my doubts.
On 19 November 2012 15:22, Hua ZZ Zhang <zhuadl@xxxxxxxxxx> wrote:
> *>>Is this the correct general format?*
> *>>user_username_grpname = password*
> The tempauth format is *user_<accountname>_<username> = <password>*
>
>
> *>>Is there any way where i can list the containers in a account?*
> I don't see the possibility of doing this without code change.
>
> *>>Does .rlistings do the same job as staticweb?*
> IMO, .rlistings directive is implemented as ACL. Staticweb middleware are
> using customerized metadata "web-listings: true" to enable listing objects
> in static web page. But you can get listings in staticweb without setting
> directive inside of the ACL. If you want to support API level of public
> listing container, you should use .rlisting directive.
>
>
> *Best Regards, *
>
> ------------------------------
>
> *Edward Zhang(张华)*
>
>
>
>
>
> [image: Inactive hide details for Sujay M ---2012-11-19 15:32:36--->>if
> you are using keystone as Swift authentication, you can create]Sujay M
> ---2012-11-19 15:32:36--->>if you are using keystone as Swift
> authentication, you can create user in an account(project) through horizion
> or using comma
>
>
> *Sujay M <sujay.m17@xxxxxxxxx>*
>
> 2012-11-19 15:32
>
>
> To
>
>
> Hua ZZ Zhang/China/IBM@IBMCN
>
>
> cc
>
>
> "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>,
> openstack-bounces+zhuadl=cn.ibm.com@xxxxxxxxxxxxxxxxxxx,
> openstack-dev@xxxxxxxxxxxxxxxxxxx,
> openstack-operators@xxxxxxxxxxxxxxxxxxx
>
>
> Subject
>
>
> Re: [Openstack] [Swift] Public Container's file listing
>
>
> *>>if you are using keystone as Swift authentication, you can create user
> in an account(project) through horizion or using command
> keystone user-create ...*
>
> *I am using tempauth where i'm specifying all the account details as below
> *
>
> *[filter:tempauth]*
> *use = egg:swift#tempauth*
> *user_admin_admin = admin .admin .reseller_admin*
> *user_test_tester = testing .admin*
> *user_test2_tester2 = testing2 .admin*
> *user_test_tester3 = testing3*
>
> *Is this the correct general format?*
> *user_username_grpname = password*
>
>
> >>For object public write, it seems that the referer is not allowed in
> ACL: *
> swift post -w '.r:*' publicContainer*
> Don't forget to add directive .rlistings to allow listing the whole public
> container:*
> swift post -r '.r:*,.rlistings' publicContainer*
>
> *thanks. (Does .rlistings do the same job as staticweb?)*
>
>
> On 19 November 2012 11:59, Hua ZZ Zhang <*zhuadl@xxxxxxxxxx*<zhuadl@xxxxxxxxxx>>
> wrote:
>
> if you are using keystone as Swift authentication, you can create user
> in an account(project) through horizion or using command *
> keystone user-create ...*
> For object public write, it seems that the referer is not allowed in
> ACL: *
> swift post -w '.r:*' publicContainer*
> *
> Best Regards, *
>
> ------------------------------
> *Edward Zhang(张华)*
> Advisory Software Engineer
> Software Standards & Open Source Software
> Emerging Technology Institute(ETI)
> IBM China Software Development Lab
> e-mail: *zhuadl@xxxxxxxxxx* <zhuadl@xxxxxxxxxx>
> Notes ID: Hua ZZ Zhang/China/IBM
> Tel: 86-10-82450483
> 地址:北京市海淀区东北旺西路8号 中关村软件园28号楼 环宇大厦3层 邮编:100193
> Address: 3F Ring, Building 28 Zhongguancun Software Park, 8
> Dongbeiwang West Road, Haidian District, Beijing, P.R.C.100193
>
> [image: Inactive hide details for Sujay M ---2012-11-19
> 13:43:53---Thanks Edward Zhang,]Sujay M ---2012-11-19
> 13:43:53---Thanks Edward Zhang,
> *Sujay M <**sujay.m17@xxxxxxxxx* <sujay.m17@xxxxxxxxx>*>*
>
> 2012-11-19 13:43
> To
> Hua ZZ Zhang/China/IBM@IBMCN
> cc
> *openstack@xxxxxxxxxxxxxxxxxxx* <openstack@xxxxxxxxxxxxxxxxxxx>,
> openstack-bounces+zhuadl=*cn.ibm.com@xxxxxxxxxxxxxxxxxxx*<cn.ibm.com@xxxxxxxxxxxxxxxxxxx>,
> *openstack-dev@xxxxxxxxxxxxxxxxxxx*<openstack-dev@xxxxxxxxxxxxxxxxxxx>,
> *openstack-operators@xxxxxxxxxxxxxxxxxxx*<openstack-operators@xxxxxxxxxxxxxxxxxxx>
> Subject
> Re: [Openstack] [Swift] Public Container's file listing
>
> Thanks Edward Zhang,
>
>
> >>"You can implement access control for objects either for users or
> accounts using XContainer-
> Read: accountname and X-Container-Write: accountname:username, which
> allows any user from the accountname account to read but only allows
> the username
> user from the accountname account to write."
>
> How do i create users in a account? Currently i have only admin:admin
> account with password admin.(one user per account)
>
>
>
> >>"You can also grant public access to objects stored in OpenStack
> Object Storage but also limit
> public access using the Referer header to prevent site-based content
> theft such as hot-linking
> (for example, linking to an image filefrom off-site and therefore
> using other's bandwidth).
> The public container settings are used as the default authorization
> over access control lists.
> For example, using X-Container-Read:referer:any allows anyone to read
> from the container regardless
> of other authorization settings.
>
> Can i give public access that allows anyone to store/write the objects
> into a container. I have used referer for making container as public
> '.r:*'. Is there anything like this for write?
>
>
> On 19 November 2012 10:36, Hua ZZ Zhang <*zhuadl@xxxxxxxxxx*<zhuadl@xxxxxxxxxx>>
> wrote:
> "You can implement access control for objects either for users or
> accounts using XContainer-
> Read: accountname and X-Container-Write: accountname:username, which
> allows any user from the accountname account to read but only
> allows the username
> user from the accountname account to write."
>
> "You can also grant public access to objects stored in OpenStack
> Object Storage but also limit
> public access using the Referer header to prevent site-based
> content theft such as hot-linking
> (for example, linking to an image filefrom off-site and therefore
> using other's bandwidth).
> The public container settings are used as the default authorization
> over access control lists.
> For example, using X-Container-Read:referer:any allows anyone to
> read from the container regardless
> of other authorization settings."*
>
> Best Regards, *
>
> ------------------------------
> *Edward Zhang(张华)*
>
> [image: Inactive hide details for Sujay M ---2012-11-19
> 11:59:55---Hi all,]Sujay M ---2012-11-19 11:59:55---Hi all,
> *Sujay M <**sujay.m17@xxxxxxxxx* <sujay.m17@xxxxxxxxx>*>*
> Sent by: openstack-bounces+zhuadl=*cn.ibm.com@xxxxxxxxxxxxxxxxxxx
> * <cn.ibm.com@xxxxxxxxxxxxxxxxxxx>
>
> 2012-11-19 11:59
> To
> *openstack-operators@xxxxxxxxxxxxxxxxxxx*<openstack-operators@xxxxxxxxxxxxxxxxxxx>,
> *openstack@xxxxxxxxxxxxxxxxxxx* <openstack@xxxxxxxxxxxxxxxxxxx>,
> *openstack-dev@xxxxxxxxxxxxxxxxxxx*<openstack-dev@xxxxxxxxxxxxxxxxxxx>
> cc
> Subject
> [Openstack] [Swift] Public Container's file listing
>
> Hi all,
>
> Currently it is showing Unauthorized if i give only public
> container name for listing of files in the public Container
>
> *192.168.56.20:8080/v1/AUTH_test/publicContainer/*<http://192.168.56.20:8080/v1/AUTH_test/publicContainer/>
>
>
> *192.168.56.20:8080/v1/AUTH_test/publicContainer*<http://192.168.56.20:8080/v1/AUTH_test/publicContainer>
>
>
> Unauthorized
>
> Is there any way i can list the files publicly? Thanks in advance
>
>
>
> --
> Best Regards,
>
> Sujay M
> Final year B.Tech
> Computer Engineering
> NITK Surathkal
>
> contact: +918971897571
> _______________________________________________
> Mailing list: *https://launchpad.net/~openstack*<https://launchpad.net/~openstack>
> Post to : *openstack@xxxxxxxxxxxxxxxxxxx*<openstack@xxxxxxxxxxxxxxxxxxx>
> Unsubscribe : *https://launchpad.net/~openstack*<https://launchpad.net/~openstack>
> More help : *https://help.launchpad.net/ListHelp*<https://help.launchpad.net/ListHelp>
>
>
>
>
>
>
> --
> Best Regards,
>
> Sujay M
> Final year B.Tech
> Computer Engineering
> NITK Surathkal
>
> contact: +918971897571
> *(See attached file: pic23265.gif)*
>
>
>
>
>
> --
> Best Regards,
>
> Sujay M
> Final year B.Tech
> Computer Engineering
> NITK Surathkal
>
> contact: +918971897571
> [附件 "pic15750.gif" 被 Hua ZZ Zhang/China/IBM 删除]
>
>
--
Best Regards,
Sujay M
Final year B.Tech
Computer Engineering
NITK Surathkal
contact: +918971897571
References