diff options
| author | Yehuda Sadeh <yehuda@inktank.com> | 2012-10-30 12:39:29 -0700 |
|---|---|---|
| committer | Yehuda Sadeh <yehuda@inktank.com> | 2012-10-30 12:39:29 -0700 |
| commit | 44818eb0ba550e4c3fb88382b0a94a2b25602a4b (patch) | |
| tree | 78587d12e2d65e3ebb92b5555333bd58f7496a98 | |
| parent | bfc49049e36c006123295fb038361ae1b63f6ede (diff) | |
| download | ceph-44818eb0ba550e4c3fb88382b0a94a2b25602a4b.tar.gz | |
rgw: configurable swift auth url
This is relevant when using external swift v1 authentication. The
url was hard coded, now it's configurable.
Signed-off-by: Yehuda Sadeh <yehuda@inktank.com>
| -rw-r--r-- | src/common/config_opts.h | 6 | ||||
| -rw-r--r-- | src/rgw/rgw_swift.cc | 9 |
2 files changed, 12 insertions, 3 deletions
diff --git a/src/common/config_opts.h b/src/common/config_opts.h index a49b9d76ecc..c6e8dc0ce99 100644 --- a/src/common/config_opts.h +++ b/src/common/config_opts.h @@ -409,14 +409,16 @@ OPTION(rbd_cache_size, OPT_LONGLONG, 32<<20) // cache size in bytes OPTION(rbd_cache_max_dirty, OPT_LONGLONG, 24<<20) // dirty limit in bytes - set to 0 for write-through caching OPTION(rbd_cache_target_dirty, OPT_LONGLONG, 16<<20) // target dirty limit in bytes OPTION(rbd_cache_max_dirty_age, OPT_FLOAT, 1.0) // seconds in cache before writeback starts + OPTION(rgw_data, OPT_STR, "/var/lib/ceph/radosgw/$cluster-$id") OPTION(rgw_enable_apis, OPT_STR, "s3, swift, swift_auth, admin") OPTION(rgw_cache_enabled, OPT_BOOL, true) // rgw cache enabled OPTION(rgw_cache_lru_size, OPT_INT, 10000) // num of entries in rgw cache OPTION(rgw_socket_path, OPT_STR, "") // path to unix domain socket, if not specified, rgw will not run as external fcgi OPTION(rgw_dns_name, OPT_STR, "") -OPTION(rgw_swift_url, OPT_STR, "") // -OPTION(rgw_swift_url_prefix, OPT_STR, "swift") // +OPTION(rgw_swift_url, OPT_STR, "") // the swift url, being published by the internal swift auth +OPTION(rgw_swift_url_prefix, OPT_STR, "swift") // entry point for which a url is considered a swift url +OPTION(rgw_swift_auth_url, OPT_STR, "") // default URL to go and verify tokens for v1 auth (if not using internal swift auth) OPTION(rgw_swift_auth_entry, OPT_STR, "auth") // entry point for which a url is considered a swift auth url OPTION(rgw_admin_entry, OPT_STR, "admin") // entry point for which a url is considered an admin request OPTION(rgw_enforce_swift_acls, OPT_BOOL, true) diff --git a/src/rgw/rgw_swift.cc b/src/rgw/rgw_swift.cc index e7f4035d56c..212fadb2105 100644 --- a/src/rgw/rgw_swift.cc +++ b/src/rgw/rgw_swift.cc @@ -60,7 +60,14 @@ static size_t read_http_header(void *ptr, size_t size, size_t nmemb, void *_info static int rgw_swift_validate_token(const char *token, struct rgw_swift_auth_info *info) { CURL *curl_handle; - string auth_url = "http://127.0.0.1:11000/token"; + + if (g_conf->rgw_swift_auth_url.empty()) + return -EINVAL; + + string auth_url = g_conf->rgw_swift_auth_url; + if (auth_url[auth_url.size() - 1] != '/') + auth_url.append("/"); + auth_url.append("token"); char url_buf[auth_url.size() + 1 + strlen(token) + 1]; sprintf(url_buf, "%s/%s", auth_url.c_str(), token); |