Hi Chmouel, The code looks good (+1 it for allowing anonymous access), but specifically for tempurl support, we will still need to validate the user's identity. The only difference is that we will validate the user's identity via a signature vs a token. We still need to validate that the assumed identity does indeed have access to the given container (i.e., you cannot give someone access to a container you yourself do not have access to via the tempurl mechanism).
More on the BP here: http://wiki.openstack.org/Projects/IncubatorApplication/Keystone?action=AttachFile&do=get&target=Tempurl+blueprint+proposal Thanks, Liem -----Original Message----- From: openstack-bounces+liem_m_nguyen=hp....@lists.launchpad.net [mailto:openstack-bounces+liem_m_nguyen=hp....@lists.launchpad.net] On Behalf Of Chmouel Boudjnah Sent: Tuesday, May 15, 2012 8:46 AM To: Rouault, Jason (Cloud Services) Cc: openstack@lists.launchpad.net Subject: Re: [Openstack] Swift: tempURL On Tue, May 15, 2012 at 4:46 PM, Rouault, Jason (Cloud Services) <jason.roua...@hp.com> wrote: > There is a blueprint for this work in Keystone Folsom Review is up: https://review.openstack.org/7446 Chmouel. _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
