Bug #9155
Swift Subuser - 403 Forbidden - during upload/post
0%
Description
Swift Upload fails with HTTP error 403 for an subuser that was created with the required permissions. This happens generally when creating the SWIFT key for the first subuser. Although, (radosgw-admin user info) displays the correct user information; the subuser is not listed as part of .users.swift pool; causing permission to be denied and returning an 403 error. The subuser is entered as a "blank"/empty string in the .users.swift pool.
one can infact use a blank string as the swift user(subuser) and do uploads/posts but not as the subuser specified or as shown in the "radosgw-admin user info"
This issue is seen in firefly and some users have reported about the same on the users mailing list.
Fix:
generate an id(access_key) during SWIFT key creation for the subuser.
Due to some changes done previously(post ceph 0.78) the id is set to an empty string/blank and not set to the user:subuser - expected id. This empty id gets added to the .users.swift pool instead of the expected id - causing a 403 error - when user tries to do uploads/posts via swift with the provided subuser i.e. user:subuser.
I have made the changes and tested the fix; will be raising the git pull request for the same in sometime
Related issues
History
#1 Updated by Yehuda Sadeh over 9 years ago
That's duplicate of #8587, a pull request for your fix would be great.
#2 Updated by Dhiraj Kamble over 9 years ago
Here's the pull request:
[[https://github.com/ceph/ceph/pull/2281]]
#3 Updated by Yehuda Sadeh over 9 years ago
I pushed a different fix to wip-8587, please take a look and see if you think it makes sense.
#4 Updated by Dhiraj Kamble over 9 years ago
made a comment on your proposed fix.
#5 Updated by Yehuda Sadeh over 9 years ago
- Status changed from New to 12