Ceph » rgw

We are able to create a bucket and then apply a CORS configuration to the bucket. We are then able to create a pre-generated PUT url that we then send back to the client (hosted on a different domain). However, the CORS preflight (Options) request fails with 403. 403 usually signifies a signature mismatch. Against AWS our code works great. However, Ceph fails on the OPTIONS request with 403. Since the OPTIONS fails, CORS fails. We tracked it down (we think) to a possible flaw in RADOSGW in how it creates the auth header...it doesnt match the signing process used by the amazon SDK. For example:

AWS Java auth hdr that gets signed:

PUT

image/jpeg
1404252781
x-amz-meta-origfile:Desert.jpg
/virbsupport/78946140-4638-4338-b765-6f701c453a89?response-content-disposition=attachment; filename=Desert.jpg

And in Ceph debug logs:

OPTIONS

1404252781
/virbsupport/78946140-4638-4338-b765-6f701c453a89?response-content-disposition=attachment; filename=Desert.jpg

Obviously we are missing the Content-Type and any "x-amz-meta*" header that was supposed to be included. Those we could potentially live without and we could just not include them on the original pregenerated url. However, notice the method. RADOSGW I think should be using the "Access-Control-Request-Method" as the method in the signature...not the actual OPTIONS method being used for the preflight request.

We are running 0.80 on centos.