Ceph » rgw

thanks for the log. my understanding of 'implicit tenants' is that we use the tenant name from the authenticated user. but this OPTIONS request is unauthenticated, so we have no way to know which tenant to use when looking up the bucket metadata

Thank for chiming in, yes this one uses anonymous and should not check permissions further imho, but others cors related reqs are failing as well, after checking cors policy if goes to check permission and fails, returns -2002 and 404 to the requestor. Will add logs for other methods here as well, it looks more like general issue. It all works perfectly with RGW local users. I do use test from s3test suite.

thanks Pawel. there was another CORS-related fix in https://tracker.ceph.com/issues/62033 that might be relevant there

yes, I was hoping it can help with more canonical approach, but on my Q build with this PR unfortunately it still doesn't work. I will collect more logs now.

Another weird behaviour here, when the bucket has cors policy set, it's not accessible from radosgw-admin commands as well, so there is maybe something messed with finding correect bucket entity, and not in permissions at all ?
https://gist.github.com/pejotes/298fce125901f3f64d90e67dbeb31f6b - debug_rgw 20.

Pawel Stefanski wrote:

Another weird behaviour here, when the bucket has cors policy set, it's not accessible from radosgw-admin commands as well

does that same 'bi list' command work if you remove the cors policy?