[Cyberduck-trac] [Cyberduck] #5892: cyberduck with openstack-swift

Cyberduck trac at trac.cyberduck.ch
Sun Apr 10 17:16:50 CEST 2011 

#5892: cyberduck with openstack-swift
--------------------------+---------------------------
    Reporter:  btorch     |      Owner:  dkocher
        Type:  defect     |     Status:  new
    Priority:  normal     |  Milestone:
   Component:  openstack  |    Version:  4.0.2
    Severity:  normal     |   Keywords:
Architecture:  Intel      |   Platform:  Mac OS X 10.5
--------------------------+---------------------------
 First of, thank you very much for all the hard work you have put into this
 awesome app. I've had many people approach me asking for help with
 cyberduck and openstack-swift so I decided to try it out myself. It always
 worked in the past with our devauth authentication system.

 I've tried the following with openstack-swift 1.2.0 using swauth. When
 using devauth, the authentication step works fine but I believe devauth is
 getting deprecated on 1.3.0.

 What I have noticed from the cyberduck logs and my swift logs is that,
 When trying to swauth, cyberduck is passing only /v1.0 and not the whole
 "Path" value that is used in the connection configuration (Path =
 /auth/v1.0) therefore the swift precondition fails.

 GET /v1.0 HTTP/1.1
 x-auth-user: external:marcelo
 x-auth-key: XXXXXXXXX
 Host: auth.swift.domain.com:8443
 Connection: Keep-Alive
 User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
 HTTP/1.1 412 Precondition Failed
 Content-Type: text/html; charset=UTF-8
 Content-Length: 7
 Date: Sun, 10 Apr 2011 14:02:03 GMT
 Connection: keep-alive

 swift logs:
 Apr 10 14:02:03 swtester1 proxy-server %3A%3Affff%3A71.11.14.124 127.0.0.1
 10/Apr/2011/14/02/03 GET /v1.0 HTTP/1.0 412 -
 Cyberduck/4.0.2%20%28Mac%20OS%20X/10.5.8%29%20%28i386%29 - - - -
 tx5be478af-99b4-4df9-bf15-209b07e7daf6 - 0.0004



 When I change my swift system to use DevAuth, the authentication works but
 when trying to perform a GET on the StorageUrl that it receives back from
 auth, cyberduck seems to be using the same connection that it already has
 open on port 8443.

 On my environment I see that the GET request on the account is actually
 going to the DevAuth service when it should be going to
 https://swift.domain.com . I have also noticed that it also adds the /v1.0
 at the end of the StorageUrl but on the second try it removes that which
 means it would have probably worked if the request had been sent to 443
 and not 8443.


 GET /v1.0 HTTP/1.1
 x-auth-user: external:marcelo
 x-auth-key: XXXXXX
 Host: auth.swift.domain.com:8443
 Connection: Keep-Alive
 User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
 HTTP/1.1 204 No Content
 X-Storage-Url:
 https://swift.domain.com/v1/AUTH_50a8dbc55fb14808a3770b2e19599997
 X-Storage-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
 X-Auth-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
 Content-Length: 0
 Date: Sun, 10 Apr 2011 14:22:01 GMT
 Connection: keep-alive

 GET
 /v1/AUTH_50a8dbc55fb14808a3770b2e19599997/v1.0?format=xml&prefix=auth%2F&delimiter=%2F
 HTTP/1.1
 X-Auth-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
 Host: swift.domain.com
 Connection: Keep-Alive
 User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
 HTTP/1.0 503 Service Unavailable
 Content-Type: text/html
 Content-Length: 53
 Expires: now
 Pragma: no-cache
 Cache-control: no-cache,no-store

 GET /v1/AUTH_50a8dbc55fb14808a3770b2e19599997?format=xml HTTP/1.1
 X-Auth-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
 Host: swift.domain.com
 Connection: Keep-Alive
 User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
 HTTP/1.0 503 Service Unavailable
 Content-Type: text/html
 Content-Length: 53
 Expires: now
 Pragma: no-cache
 Cache-control: no-cache,no-store


 Apr 10 15:03:05 swtester1 pound: 12.11.13.24 GET /v1.0 HTTP/1.1 - HTTP/1.1
 204 No Content

 Apr 10 15:03:05 swtester1 pound: (7fa851125700) e503 no service "GET
 /v1/AUTH_50a8dbc55fb14808a3770b2e19599997/v1.0?format=xml&prefix=auth%2F&delimiter=%2F
 HTTP/1.1" from 12.11.13.24

 Apr 10 15:04:07 swtester1 pound: (7fa851125700) e503 no service "GET
 /v1/AUTH_50a8dbc55fb14808a3770b2e19599997/v1.0?format=xml&prefix=auth%2F&delimiter=%2F
 HTTP/1.1" from 12.11.13.24

 Apr 10 15:04:08 swtester1 pound: (7fa851125700) e503 no service "GET
 /v1/AUTH_50a8dbc55fb14808a3770b2e19599997?format=xml HTTP/1.1" from
 12.11.13.24



 In order to make sure that the request was indeed going to the auth system
 on port 8443, I had pound listen on 8443 and nginx listen on 443. Just to
 be double sure. The requests work fine when using curl to authenticate and
 retrieve account data/information.

-- 
Ticket URL: <http://trac.cyberduck.ch/ticket/5892>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.

More information about the Cyberduck-trac mailing list