openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #23171
Re: Configuring tempurl in Openstack Swift
Oh cool.. Didn't know about this. Will try this out.
On Tue, Apr 30, 2013 at 1:37 PM, Samuel Merritt <sam@xxxxxxxxxxxxxx> wrote:
> The tempurl key is just a metadata attribute on the account with a
> particular name. swiftclient already supports setting metadata on accounts
> (and containers and objects); no changes are needed.
>
> $ swift post -m temp-url-key:**correcthorsebatterystaple
>
>
> On 4/30/13 10:43 AM, Shrinand Javadekar wrote:
>
>> Thanks for the reply John.
>>
>> We have seen a few customers struggle when setting up tempurl. Its easy
>> to make them edit the proxy-server.conf file. But explaining the second
>> step is a bit tedious and error-prone. I've been thinking of having a
>> python script that does this. But something official would be better.
>>
>> Would it be a good idea to add capability to the swift command line
>> utility to configure tempurl?
>>
>>
>> On Mon, Apr 29, 2013 at 8:48 PM, John Dickinson <me@xxxxxx
>> <mailto:me@xxxxxx>> wrote:
>>
>> There are no plans to change the current implementation of tempurl.
>>
>> In order to generate a tempurl that can be validated without relying
>> on a network call to a centralized authority service, the owner and
>> the service must have a shared secret. In the tempurl feature, this
>> shared secret is set as a metadata key on the account. This allows
>> the content owner to generate as many keys as necessary (without
>> having to call an external service) and allows Swift to validate
>> each one (without calling an external service).
>>
>> Note that an auth token is only needed in order to save the shared
>> secret in the account metadata. Once the shared secret is set,
>> neither the owner of the content nor the user of the tempurl (ie
>> someone otherwise without access to the swift cluster) need a valid
>> auth token to generate or use a tempurl.
>>
>> The only official docs for tempurl are at
>> http://docs.openstack.org/**developer/swift/misc.html#**
>> module-swift.common.**middleware.tempurl<http://docs.openstack.org/developer/swift/misc.html#module-swift.common.middleware.tempurl>
>> (We should probably have some docs written for
>> http://docs.openstack.org/api/**openstack-object-storage/1.0/**
>> content/<http://docs.openstack.org/api/openstack-object-storage/1.0/content/>
>> on this feature.)
>>
>> --John
>>
>>
>>
>> On Apr 29, 2013, at 5:26 PM, Shrinand Javadekar
>> <shrinand@xxxxxxxxxxxxxx <mailto:shrinand@maginatics.**com<shrinand@xxxxxxxxxxxxxx>>>
>> wrote:
>>
>> > Hi,
>> >
>> > Configuring tempurl in openstack Swift requires two steps:
>> >
>> > 1) Adding tempurl to the pipeline in proxy-server.conf
>> > 2) Setting the tempurl key on the account.
>> >
>> > Step #1 above is fairly straight forward. However, step #2 is
>> slightly complicated; at least as per [1]. It requires first
>> authenticating the user and getting an auth token. Then make an http
>> request with the X-Meta-Tempurl-key header to set the tempurl key.
>> >
>> > Are there easier ways to do this? If not, is it on the roadmap to
>> do this easily?
>> >
>> > Thanks in advance.
>> > -Shri
>> >
>> > [1]
>> http://failverse.com/using-**temporary-urls-on-rackspace-**
>> cloud-files/<http://failverse.com/using-temporary-urls-on-rackspace-cloud-files/>
>> >
>> > ______________________________**_________________
>> > Mailing list: https://launchpad.net/~**openstack<https://launchpad.net/~openstack>
>> > Post to : openstack@xxxxxxxxxxxxxxxxxxx
>> <mailto:openstack@lists.**launchpad.net<openstack@xxxxxxxxxxxxxxxxxxx>
>> >
>>
>> > Unsubscribe : https://launchpad.net/~**openstack<https://launchpad.net/~openstack>
>> > More help : https://help.launchpad.net/**ListHelp<https://help.launchpad.net/ListHelp>
>>
>>
>>
>>
>> ______________________________**_________________
>> Mailing list: https://launchpad.net/~**openstack<https://launchpad.net/~openstack>
>> Post to : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~**openstack<https://launchpad.net/~openstack>
>> More help : https://help.launchpad.net/**ListHelp<https://help.launchpad.net/ListHelp>
>>
>>
>
References