← Back to team overview

openstack team mailing list archive

Re: Improved browser-based access to Swift



Just looked through the code. Would like to add this to our solution but it seems to be hardcoded to keystone (we use swauth).

I might look into getting it working with swauth though - would be a nice addition.

Thanks for sharing!

Mvh / Best regards
Morten Møller Riis
Gigahost ApS

On Jul 18, 2013, at 10:20 PM, Koert van der Veer <koert@xxxxxxxxxxxx> wrote:

> We've been offering public object store services for roughly half a year now. In the past few months, we received a wide range of responses from our customers. Tech-savvy customers are very happy with this offering, and quite a few are busy migrating their existing storage solutions to our object store. 
> However, we find that several customers, especially those coming from shared hosting solutions, struggle to grasp the abstract ideas behind object storage. They struggle with two things: authentication against keystone, which they consider too complicated, and having a user interface that is totally distinct from the actual object store.
> To help these users, we've developed two middleware projects: swift_basicauth and better_staticweb. swift_basicauth allows web browsers and general purpose HTTP clients to access object stores, without having to contact keystone. The middleware interprets the authentication, and then fetches a token based on that authentication. With that token, the rest of the request is processed. This enables a wide range of HTTP clients to access the object store. While the primary aim was unlocking the objectstore for web-browsers, we quickly discovered the convenience of using it with curl: "curl --user uid:pwd -X PUT "https://static.example.net/the_file"; -T the_file".
> The second middleware we developed was named better_staticweb (sorry for the pretentious name). It is similar to static-web, in fact is is mostly compatible. However, web-listings is enabled by default, even for authenticated access (useful in combination with basic auth). It enables the user to visualize his object store as a less-abstract concept. Better_staticweb looks at the http Accept header to determine whether or not to respond with a listing. It still listens to the same meta-headers, but it assumes different defaults. We've gone through quite a bit of testing to guarantee that it doesn't interfere with regular API usage.
> Both middleware projects are released under the Apache 2.0 licence, and can be found on our github page:
> https://github.com/CloudVPS/better-staticweb
> https://github.com/CloudVPS/swift-basicauth
> --
> Koert van der Veer - Senior Developer @ CloudVPS
> CloudVPS - High Availability Cloud Solutions
> w: http://www.cloudvps.com/
> m: koert@xxxxxxxxxxxx
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp