[
https://issues.apache.org/jira/browse/JCLOUDS-196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13754142#comment-13754142
]
Andrew Phillips commented on JCLOUDS-196:
-----------------------------------------
> Alternatively, we could just use temp_url_sig exclusively and see if any
> users
> report a need for the legacy mechanism.
+1 for that. In fact, I'd probably go with renaming the constant to
USE_LEGACY_SHARED_TOKEN or something like that, and preferably deprecation the
methods that use it if nobody pipes up.
And thoughts on sending an email round to user@ proposing this change?
> Swift signGetBlob and signPutBlob implementations differ between two- and
> three-argument calls
> ----------------------------------------------------------------------------------------------
>
> Key: JCLOUDS-196
> URL: https://issues.apache.org/jira/browse/JCLOUDS-196
> Project: jclouds
> Issue Type: Bug
> Components: jclouds-blobstore
> Affects Versions: 1.6.1
> Reporter: Andrew Gaul
>
> The two-argument Swift signGetBlob and signPutBlob methods use the legacy
> shared secret X-Auth-Token to authenticate client requests while the
> three-argument methods use the more secure temp_url_sig mechanism. We should
> default both calls to the secure mechanism and provide a property to override
> for older Swift installations.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
