As a followup, additional info…
Both the admin and glance accounts, that successfully authenticate against
keystone, were created via the command line. Both accounts also have a tenant
of the same name as the user (probably irrelevant). All other user accounts
that have been created for
I think I'm figuring this out, then again maybe not. For general users, via
the command line, you need to specify your user id as tenant:username after
reading through the source (my Python is really rusty). So, when I try this I
now get a 403 Forbidden error. I had high hopes.
Just another
OK, is this a 'role' grant issue?
/ross
On Feb 22, 2012, at 2:52 PM, Lillie Ross-CDSR11 wrote:
I've successfully installed all OpenStack components with Keystone
authorization (well, mostly at least), but am now seeing an interesting problem
for new accounts (created in Dashboard).
Using my
OK.
Reading through the swiftkeystone2 (module that I'm using to support v2
authentication in swift's proxy configuration) source and documentation, I've
figured out the necessary roles that need to be applied to user's accounts and
ACLs to project containers to allow all combinations of
I've successfully installed all OpenStack components with Keystone
authorization (well, mostly at least), but am now seeing an interesting problem
for new accounts (created in Dashboard).
Using my admin account, I issue a swift stat command and get the expected
response back from swift-proxy:
5 matches
Mail list logo
