quick observation. Why are you running the last command with local ip address i.e (127.0.0.1) http://127.0.0.1:8080<http://127.0.0.1:8080/v1/AUTH_$tenantTest1/foo>. Can you run this with your appropriate IP ?
-Dheerendra On Tue, Nov 12, 2013 at 10:09 PM, <[email protected]> wrote: > Hi all, > > I use Openstack Havana (Storage + Identity) > > I encountered some problems when i set permissions (ACLs) on Openstack > Swift containers. > > My swift proxy-server.conf is here: > http://pastebin.com/0hpfebNp > > My keystone.conf is here: > http://pastebin.com/VUGYbcM5 > > I have the token of test1:test1 and test2:test2 > > curl -s -H 'Content-type: application/json' \ > -d '{"auth": {"tenantName": "test1", "passwordCredentials": > {"username": "test1", "password": "test1"}}}' \ > http://192.168.3.100:5000/v2.0/tokens | python -mjson.tool > > > curl -s -H 'Content-type: application/json' \ > -d '{"auth": {"tenantName": "test2", "passwordCredentials": > {"username": "test2", "password": "test2"}}}' \ > http://192.168.3.100:5000/v2.0/tokens | python -mjson.tool > > Then,enable read access to test2:test2 > > curl -i -X PUT -H "X-Auth-Token: $tokenTest1" \ > -H "X-Container-Read:test2:test2" \ > -H "X-Container-Write: test2:test2" \ > http://192.168.3.100:8080/v1/AUTH_$tenantTest1/foo > > Check the permission of the container: > > curl -k -v -H "X-Auth-Token:$tokenTest1" \ > http://192.168.3.100:8080/v1/AUTH_$tenantTest1/foo > > This is the reply of the operation: > HTTP/1.1 204 No Content > < Content-Length: 0 > < X-Container-Object-Count: 0 > < X-Container-Write: test2:test2 > < Accept-Ranges: bytes > < X-Timestamp: 1384268871.16508 > < X-Container-Read: test2:test2 > < X-Container-Bytes-Used: 0 > < Content-Type: text/html; charset=UTF-8 > < Date: Tue, 12 Nov 2013 16:30:16 GMT > > Now,the user test2:test2 visit the container of test1:test1 > > curl -k -v -H 'X-Auth-Token:$tokenTest2' \ > http://127.0.0.1:8080/v1/AUTH_$tenantTest1/foo > > < HTTP/1.1 403 Forbidden > < Content-Length: 73 > < Content-Type: text/html; charset=UTF-8 > < Date: Tue, 12 Nov 2013 16:34:24 GMT > < Connection: close > < > * Closing connection 0 > <html><h1>Forbidden</h1><p>Access was denied to this resource.</p></html> > > While,I got 403 error.Can someone help me? > > > Best Regards > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > Post to : [email protected] > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
