Feature #6568
openceph-rest-api authentication
0%
Description
Hi All,
When using the radosgw admin API, I have to provide an AWS authorization header to requests and also ensure that the user I've built the header with has the necessary capabilities. Using the ceph-rest-api on the other hand, I am able to make requests without providing an authorization header.
Whilst I can run ceph-rest-api through Apache (or similar) and have that perform authentication, it would be nice to use the same user database that exists for radosgw. Also, the ceph-rest-api exposes a lot of destructive capabilities, so having it locked down by default would probably be advantageous.
Are there any existing plans to include authorization into the ceph-rest-api, and if not can we get this added to your feature backlog?
Thank you in advance for your assistance.
Regards,
Matt