← Back to team overview

openstack team mailing list archive

Improved browser-based access to Swift


We've been offering public object store services for roughly half a year
now. In the past few months, we received a wide range of responses from our
customers. Tech-savvy customers are very happy with this offering, and
quite a few are busy migrating their existing storage solutions to our
object store.

However, we find that several customers, especially those coming from
shared hosting solutions, struggle to grasp the abstract ideas behind
object storage. They struggle with two things: authentication against
keystone, which they consider too complicated, and having a user interface
that is totally distinct from the actual object store.

To help these users, we've developed two middleware projects:
swift_basicauth and better_staticweb. swift_basicauth allows web browsers
and general purpose HTTP clients to access object stores, without having to
contact keystone. The middleware interprets the authentication, and then
fetches a token based on that authentication. With that token, the rest of
the request is processed. This enables a wide range of HTTP clients to
access the object store. While the primary aim was unlocking the
objectstore for web-browsers, we quickly discovered the convenience of
using it with curl: "curl --user uid:pwd -X PUT "
https://static.example.net/the_file"; -T the_file".

The second middleware we developed was named better_staticweb (sorry for
the pretentious name). It is similar to static-web, in fact is is mostly
compatible. However, web-listings is enabled by default, even for
authenticated access (useful in combination with basic auth). It enables
the user to visualize his object store as a less-abstract concept.
Better_staticweb looks at the http Accept header to determine whether or
not to respond with a listing. It still listens to the same meta-headers,
but it assumes different defaults. We've gone through quite a bit of
testing to guarantee that it doesn't interfere with regular API usage.

Both middleware projects are released under the Apache 2.0 licence, and can
be found on our github page:


Koert van der Veer - Senior Developer @ CloudVPS
CloudVPS - High Availability Cloud Solutions
w: http://www.cloudvps.com/
m: koert@xxxxxxxxxxxx

Follow ups