Re: [Openstack] [Swift] Public Container's file listing
Is this the correct general format? user_username_grpname = password The tempauth format is user_accountname_username = password Is there any way where i can list the containers in a account? I don't see the possibility of doing this without code change. Does .rlistings do the same job as staticweb? IMO, .rlistings directive is implemented as ACL. Staticweb middleware are using customerized metadata web-listings: true to enable listing objects in static web page. But you can get listings in staticweb without setting directive inside of the ACL. If you want to support API level of public listing container, you should use .rlisting directive. Best Regards, Edward Zhang(张华) Sujay M sujay.m17@gmail. com To Hua ZZ Zhang/China/IBM@IBMCN 2012-11-19 15:32 cc openstack@lists.launchpad.net openstack@lists.launchpad.net, openstack-bounces +zhuadl=cn.ibm.com@lists.launchpad. net, openstack-...@lists.openstack.org, openstack-operators@lists.openstack .org Subject Re: [Openstack] [Swift] Public Container's file listing if you are using keystone as Swift authentication, you can create user in an account(project) through horizion or using command keystone user-create ... I am using tempauth where i'm specifying all the account details as below [filter:tempauth] use = egg:swift#tempauth user_admin_admin = admin .admin .reseller_admin user_test_tester = testing .admin user_test2_tester2 = testing2 .admin user_test_tester3 = testing3 Is this the correct general format? user_username_grpname = password For object public write, it seems that the referer is not allowed in ACL: swift post -w '.r:*' publicContainer Don't forget to add directive .rlistings to allow listing the whole public container: swift post -r '.r:*,.rlistings' publicContainer thanks. (Does .rlistings do the same job as staticweb?) On 19 November 2012 11:59, Hua ZZ Zhang zhu...@cn.ibm.com wrote: if you are using keystone as Swift authentication, you can create user in an account(project) through horizion or using command keystone user-create ... For object public write, it seems that the referer is not allowed in ACL: swift post -w '.r:*' publicContainer Best Regards, Edward Zhang(张华)地址:北京市海淀区东北旺西路8号 Advisory Software Engineer中关村软件园28号楼 环宇大厦3层 Software Standards Open 邮编:100193 Source Software Address: 3F Ring, Building 28 Emerging Technology Institute Zhongguancun Software Park, 8 (ETI) Dongbeiwang West Road, Haidian IBM China Software DevelopmentDistrict, Beijing, P.R.C.100193 Lab
Re: [Openstack] [Swift] Public Container's file listing
Edward Zhang, thanks a lot for clarifying some of my doubts. On 19 November 2012 15:22, Hua ZZ Zhang zhu...@cn.ibm.com wrote: *Is this the correct general format?* *user_username_grpname = password* The tempauth format is *user_accountname_username = password* *Is there any way where i can list the containers in a account?* I don't see the possibility of doing this without code change. *Does .rlistings do the same job as staticweb?* IMO, .rlistings directive is implemented as ACL. Staticweb middleware are using customerized metadata web-listings: true to enable listing objects in static web page. But you can get listings in staticweb without setting directive inside of the ACL. If you want to support API level of public listing container, you should use .rlisting directive. *Best Regards, * -- *Edward Zhang(张华)* [image: Inactive hide details for Sujay M ---2012-11-19 15:32:36---if you are using keystone as Swift authentication, you can create]Sujay M ---2012-11-19 15:32:36---if you are using keystone as Swift authentication, you can create user in an account(project) through horizion or using comma *Sujay M sujay@gmail.com* 2012-11-19 15:32 To Hua ZZ Zhang/China/IBM@IBMCN cc openstack@lists.launchpad.net openstack@lists.launchpad.net, openstack-bounces+zhuadl=cn.ibm@lists.launchpad.net, openstack-...@lists.openstack.org, openstack-operat...@lists.openstack.org Subject Re: [Openstack] [Swift] Public Container's file listing *if you are using keystone as Swift authentication, you can create user in an account(project) through horizion or using command keystone user-create ...* *I am using tempauth where i'm specifying all the account details as below * *[filter:tempauth]* *use = egg:swift#tempauth* *user_admin_admin = admin .admin .reseller_admin* *user_test_tester = testing .admin* *user_test2_tester2 = testing2 .admin* *user_test_tester3 = testing3* *Is this the correct general format?* *user_username_grpname = password* For object public write, it seems that the referer is not allowed in ACL: * swift post -w '.r:*' publicContainer* Don't forget to add directive .rlistings to allow listing the whole public container:* swift post -r '.r:*,.rlistings' publicContainer* *thanks. (Does .rlistings do the same job as staticweb?)* On 19 November 2012 11:59, Hua ZZ Zhang *zhu...@cn.ibm.com*zhu...@cn.ibm.com wrote: if you are using keystone as Swift authentication, you can create user in an account(project) through horizion or using command * keystone user-create ...* For object public write, it seems that the referer is not allowed in ACL: * swift post -w '.r:*' publicContainer* * Best Regards, * -- *Edward Zhang(张华)* Advisory Software Engineer Software Standards Open Source Software Emerging Technology Institute(ETI) IBM China Software Development Lab e-mail: *zhu...@cn.ibm.com* zhu...@cn.ibm.com Notes ID: Hua ZZ Zhang/China/IBM Tel: 86-10-82450483 地址:北京市海淀区东北旺西路8号 中关村软件园28号楼 环宇大厦3层 邮编:100193 Address: 3F Ring, Building 28 Zhongguancun Software Park, 8 Dongbeiwang West Road, Haidian District, Beijing, P.R.C.100193 [image: Inactive hide details for Sujay M ---2012-11-19 13:43:53---Thanks Edward Zhang,]Sujay M ---2012-11-19 13:43:53---Thanks Edward Zhang, *Sujay M **sujay@gmail.com* sujay@gmail.com** 2012-11-19 13:43 To Hua ZZ Zhang/China/IBM@IBMCN cc *openstack@lists.launchpad.net* openstack@lists.launchpad.net, openstack-bounces+zhuadl=*cn.ibm@lists.launchpad.net*cn.ibm@lists.launchpad.net, *openstack-...@lists.openstack.org*openstack-...@lists.openstack.org, *openstack-operat...@lists.openstack.org*openstack-operat...@lists.openstack.org Subject Re: [Openstack] [Swift] Public Container's file listing Thanks Edward Zhang, You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. How do i create users in a account? Currently i have only admin:admin account with password admin.(one user per account) You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows
[Openstack] [Swift] Public Container's file listing
Hi all, Currently it is showing Unauthorized if i give only public container name for listing of files in the public Container 192.168.56.20:8080/v1/AUTH_test/publicContainer/ 192.168.56.20:8080/v1/AUTH_test/publicContainer Unauthorized Is there any way i can list the files publicly? Thanks in advance -- Best Regards, Sujay M Final year B.Tech Computer Engineering NITK Surathkal contact: +918971897571 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Swift] Public Container's file listing
You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. Best Regards, Edward Zhang(张华) Sujay M sujay.m17@gmail. com To Sent by: openstack-operators@lists.openstack openstack-bounces .org, +zhuadl=cn.ibm.co openstack@lists.launchpad.net, m@lists.launchpad openstack-...@lists.openstack.org .net cc Subject 2012-11-19 11:59 [Openstack] [Swift] Public Container's file listing Hi all, Currently it is showing Unauthorized if i give only public container name for listing of files in the public Container 192.168.56.20:8080/v1/AUTH_test/publicContainer/ 192.168.56.20:8080/v1/AUTH_test/publicContainer Unauthorized Is there any way i can list the files publicly? Thanks in advance -- Best Regards, Sujay M Final year B.Tech Computer Engineering NITK Surathkal contact: +918971897571 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp inline: ecblank.gifinline: 32390508.gifinline: graycol.gifinline: pic23265.gif___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Swift] Public Container's file listing
Thanks Edward Zhang, You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. How do i create users in a account? Currently i have only admin:admin account with password admin.(one user per account) You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. Can i give public access that allows anyone to store/write the objects into a container. I have used referer for making container as public '.r:*'. Is there anything like this for write? On 19 November 2012 10:36, Hua ZZ Zhang zhu...@cn.ibm.com wrote: You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. *Best Regards, * -- *Edward Zhang(张华)* [image: Inactive hide details for Sujay M ---2012-11-19 11:59:55---Hi all,]Sujay M ---2012-11-19 11:59:55---Hi all, *Sujay M sujay@gmail.com* Sent by: openstack-bounces+zhuadl=cn.ibm@lists.launchpad.net 2012-11-19 11:59 To openstack-operat...@lists.openstack.org, openstack@lists.launchpad.net, openstack-...@lists.openstack.org cc Subject [Openstack] [Swift] Public Container's file listing Hi all, Currently it is showing Unauthorized if i give only public container name for listing of files in the public Container *192.168.56.20:8080/v1/AUTH_test/publicContainer/*http://192.168.56.20:8080/v1/AUTH_test/publicContainer/ *192.168.56.20:8080/v1/AUTH_test/publicContainer*http://192.168.56.20:8080/v1/AUTH_test/publicContainer Unauthorized Is there any way i can list the files publicly? Thanks in advance -- Best Regards, Sujay M Final year B.Tech Computer Engineering NITK Surathkal contact: +918971897571 ___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp -- Best Regards, Sujay M Final year B.Tech Computer Engineering NITK Surathkal contact: +918971897571 graycol.gif32390508.gifpic23265.gifecblank.gif___ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
Re: [Openstack] [Swift] Public Container's file listing
if you are using keystone as Swift authentication, you can create user in an account(project) through horizion or using command keystone user-create ... For object public write, it seems that the referer is not allowed in ACL: swift post -w '.r:*' publicContainer Best Regards, Edward Zhang(张华)地址:北京市海淀区东北旺西路8号 中关村 Advisory Software Engineer软件园28号楼 环宇大厦3层 邮编:100193 Software Standards Open Source Address: 3F Ring, Building 28 Software Zhongguancun Software Park, 8 Emerging Technology Institute(ETI)Dongbeiwang West Road, Haidian IBM China Software Development LabDistrict, Beijing, P.R.C.100193 e-mail: zhu...@cn.ibm.com Notes ID: Hua ZZ Zhang/China/IBM Tel: 86-10-82450483 Sujay M sujay.m17@gmail. com To Hua ZZ Zhang/China/IBM@IBMCN 2012-11-19 13:43 cc openstack@lists.launchpad.net, openstack-bounces +zhuadl=cn.ibm.com@lists.launchpad. net, openstack-...@lists.openstack.org, openstack-operators@lists.openstack .org Subject Re: [Openstack] [Swift] Public Container's file listing Thanks Edward Zhang, You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. How do i create users in a account? Currently i have only admin:admin account with password admin.(one user per account) You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. Can i give public access that allows anyone to store/write the objects into a container. I have used referer for making container as public '.r:*'. Is there anything like this for write? On 19 November 2012 10:36, Hua ZZ Zhang zhu...@cn.ibm.com wrote: You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off
Re: [Openstack] [Swift] Public Container's file listing
Don't forget to add directive .rlistings to allow listing the whole public container: swift post -r '.r:*,.rlistings' publicContainer Best Regards, Edward Zhang(张华) Sujay M sujay.m17@gmail. com To Hua ZZ Zhang/China/IBM@IBMCN 2012-11-19 13:43 cc openstack@lists.launchpad.net, openstack-bounces +zhuadl=cn.ibm.com@lists.launchpad. net, openstack-...@lists.openstack.org, openstack-operators@lists.openstack .org Subject Re: [Openstack] [Swift] Public Container's file listing Thanks Edward Zhang, You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. How do i create users in a account? Currently i have only admin:admin account with password admin.(one user per account) You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. Can i give public access that allows anyone to store/write the objects into a container. I have used referer for making container as public '.r:*'. Is there anything like this for write? On 19 November 2012 10:36, Hua ZZ Zhang zhu...@cn.ibm.com wrote: You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. Best Regards, Inactive hide details for Sujay M ---2012-11-19 11:59:55---Hi all,Sujay M ---2012-11-19 11:59:55---Hi all, Sujay M
Re: [Openstack] [Swift] Public Container's file listing
Thanks Edward Zhang, I tried .rlistings, it gives a XML of list of objects. Like this, Is there any way where i can list the containers in a account? On 19 November 2012 12:07, Hua ZZ Zhang zhu...@cn.ibm.com wrote: Don't forget to add directive .rlistings to allow listing the whole public container: *swift post -r '.r:*,.rlistings' publicContainer* *Best Regards, * -- *Edward Zhang(张华)* [image: Inactive hide details for Sujay M ---2012-11-19 13:43:53---Thanks Edward Zhang,]Sujay M ---2012-11-19 13:43:53---Thanks Edward Zhang, *Sujay M sujay@gmail.com* 2012-11-19 13:43 To Hua ZZ Zhang/China/IBM@IBMCN cc openstack@lists.launchpad.net, openstack-bounces+zhuadl= cn.ibm@lists.launchpad.net, openstack-...@lists.openstack.org, openstack-operat...@lists.openstack.org Subject Re: [Openstack] [Swift] Public Container's file listing Thanks Edward Zhang, You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. How do i create users in a account? Currently i have only admin:admin account with password admin.(one user per account) You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. Can i give public access that allows anyone to store/write the objects into a container. I have used referer for making container as public '.r:*'. Is there anything like this for write? On 19 November 2012 10:36, Hua ZZ Zhang *zhu...@cn.ibm.com*zhu...@cn.ibm.com wrote: You can implement access control for objects either for users or accounts using XContainer- Read: accountname and X-Container-Write: accountname:username, which allows any user from the accountname account to read but only allows the username user from the accountname account to write. You can also grant public access to objects stored in OpenStack Object Storage but also limit public access using the Referer header to prevent site-based content theft such as hot-linking (for example, linking to an image filefrom off-site and therefore using other's bandwidth). The public container settings are used as the default authorization over access control lists. For example, using X-Container-Read:referer:any allows anyone to read from the container regardless of other authorization settings. * Best Regards, * -- [image: Inactive hide details for Sujay M ---2012-11-19 11:59:55---Hi all,]Sujay M ---2012-11-19 11:59:55---Hi all, *Sujay M **sujay@gmail.com* sujay@gmail.com** Sent by: openstack-bounces+zhuadl=*cn.ibm@lists.launchpad.net*cn.ibm@lists.launchpad.net 2012-11-19 11:59 To *openstack-operat...@lists.openstack.org*openstack-operat...@lists.openstack.org, *openstack@lists.launchpad.net* openstack@lists.launchpad.net, * openstack-...@lists.openstack.org*openstack-...@lists.openstack.org cc Subject [Openstack] [Swift] Public Container's file listing Hi all, Currently it is showing Unauthorized if i give only public container name for listing of files in the public Container *192.168.56.20:8080/v1/AUTH_test/publicContainer/*http://192.168.56.20:8080/v1/AUTH_test/publicContainer/ *192.168.56.20:8080/v1/AUTH_test/publicContainer*http://192.168.56.20:8080/v1/AUTH_test/publicContainer Unauthorized Is there any way i can list the files publicly? Thanks in advance -- Best Regards, Sujay M Final year B.Tech Computer Engineering NITK Surathkal contact: +918971897571 ___ Mailing list: *https://launchpad.net/~openstack*https://launchpad.net/~openstack Post to : *openstack@lists.launchpad.net*openstack@lists.launchpad.net Unsubscribe : *https://launchpad.net/~openstack*https://launchpad.net/~openstack More help : *https://help.launchpad.net/ListHelp*https://help.launchpad.net/ListHelp -- Best Regards, Sujay M Final year B.Tech Computer Engineering NITK Surathkal contact: +918971897571 [附件 pic23265.gif 被 Hua ZZ Zhang/China/IBM 删除] -- Best Regards, Sujay M Final year B.Tech Computer Engineering NITK