An alternative authentication system for Swift

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for onovy from gravatar.com onovy Avatar for openstackci from gravatar.com openstackci Avatar for peter.lisak from gravatar.com peter.lisak

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License
  • Author: OpenStack
Classifiers

Project description

Swauth

An Auth Service for Swift as WSGI Middleware that uses Swift itself as a backing store. Docs at: <https://swauth.readthedocs.io/> or ask in #openstack-swauth on freenode [IRC](http://eavesdrop.openstack.org/irclogs/%23openstack-swauth/).

See also <https://github.com/openstack/keystone> for the standard OpenStack auth service.

NOTE

Be sure to review the docs at: <https://swauth.readthedocs.io/>

Quick Install

  1. Install Swauth with sudo python setup.py install or sudo python setup.py develop or via whatever packaging system you may be using.

  2. Alter your proxy-server.conf pipeline to have swauth instead of tempauth:

    Was:

    [pipeline:main] pipeline = catch_errors cache tempauth proxy-server

    Change To:

    [pipeline:main] pipeline = catch_errors cache swauth proxy-server

  3. Add to your proxy-server.conf the section for the Swauth WSGI filter:

    [filter:swauth] use = egg:swauth#swauth set log_name = swauth super_admin_key = swauthkey

  4. Be sure your proxy server allows account management:

    [app:proxy-server] … allow_account_management = true

  5. Restart your proxy server swift-init proxy reload

  6. Initialize the Swauth backing store in Swift swauth-prep -K swauthkey

  7. Add an account/user swauth-add-user -A http://127.0.0.1:8080/auth/ -K swauthkey -a test tester testing

  8. Ensure it works swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat -v

Web Admin Install

  1. If you installed from packages, you’ll need to cd to the webadmin directory the package installed. This is /usr/share/doc/python-swauth/webadmin with the Lucid packages. If you installed from source, you’ll need to cd to the webadmin directory in the source directory.

  2. Upload the Web Admin files with swift -A http://127.0.0.1:8080/auth/v1.0 -U .super_admin:.super_admin -K swauthkey upload .webadmin .

  3. Open http://127.0.0.1:8080/auth/ in your browser.

Swift3 Middleware Compatibility

[Swift3 middleware](https://github.com/openstack/swift3) can be used with swauth when auth_type in swauth is configured to be Plaintext (default).

[pipeline:main] pipeline = catch_errors cache swift3 swauth proxy-server

It can be used with auth_type set to Sha1/Sha512 too but with certain caveats and security concern. Hence, s3 support is disabled by default and you have to explicitly enable it in your configuration. Refer to swift3 compatibility [section](https://swauth.readthedocs.io/en/latest/#swift3-middleware-compatibility) in documentation for further details

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for onovy from gravatar.com onovy Avatar for openstackci from gravatar.com openstackci Avatar for peter.lisak from gravatar.com peter.lisak

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License
  • Author: OpenStack
Classifiers

Release history Release notifications | RSS feed

1.3.0

This version

1.2.0

1.1.0

1.0.8

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

swauth-1.2.0.tar.gz (162.1 kB view hashes)

Uploaded Source

Built Distribution

swauth-1.2.0-py2-none-any.whl (38.1 kB view hashes)

Uploaded Python 2

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page