[
https://issues.apache.org/jira/browse/JCLOUDS-196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13753801#comment-13753801
]
Andrew Gaul commented on JCLOUDS-196:
-------------------------------------
I propose that by default jclouds use temp_url_sig for all signing methods and
provide a default value for the non-timeout variants. When users set some
SwiftConstants.USE_TEMP_URL_SIG property to false, jclouds uses the legacy
mechanism or throws UnsupportedOperationException for the signing methods it
cannot support, e.g., the timeout variant.
Alternatively, we could just use temp_url_sig exclusively and see if any users
report a need for the legacy mechanism.
> Swift signGetBlob and signPutBlob implementations differ between two- and
> three-argument calls
> ----------------------------------------------------------------------------------------------
>
> Key: JCLOUDS-196
> URL: https://issues.apache.org/jira/browse/JCLOUDS-196
> Project: jclouds
> Issue Type: Bug
> Components: jclouds-blobstore
> Affects Versions: 1.6.1
> Reporter: Andrew Gaul
>
> The two-argument Swift signGetBlob and signPutBlob methods use the legacy
> shared secret X-Auth-Token to authenticate client requests while the
> three-argument methods use the more secure temp_url_sig mechanism. We should
> default both calls to the secure mechanism and provide a property to override
> for older Swift installations.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
