[Cyberduck-trac] [Cyberduck] #5892: cyberduck with openstack-swift
Cyberduck
trac at trac.cyberduck.ch
Sun Apr 10 17:16:50 CEST 2011
#5892: cyberduck with openstack-swift
--------------------------+---------------------------
Reporter: btorch | Owner: dkocher
Type: defect | Status: new
Priority: normal | Milestone:
Component: openstack | Version: 4.0.2
Severity: normal | Keywords:
Architecture: Intel | Platform: Mac OS X 10.5
--------------------------+---------------------------
First of, thank you very much for all the hard work you have put into this
awesome app. I've had many people approach me asking for help with
cyberduck and openstack-swift so I decided to try it out myself. It always
worked in the past with our devauth authentication system.
I've tried the following with openstack-swift 1.2.0 using swauth. When
using devauth, the authentication step works fine but I believe devauth is
getting deprecated on 1.3.0.
What I have noticed from the cyberduck logs and my swift logs is that,
When trying to swauth, cyberduck is passing only /v1.0 and not the whole
"Path" value that is used in the connection configuration (Path =
/auth/v1.0) therefore the swift precondition fails.
GET /v1.0 HTTP/1.1
x-auth-user: external:marcelo
x-auth-key: XXXXXXXXX
Host: auth.swift.domain.com:8443
Connection: Keep-Alive
User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
HTTP/1.1 412 Precondition Failed
Content-Type: text/html; charset=UTF-8
Content-Length: 7
Date: Sun, 10 Apr 2011 14:02:03 GMT
Connection: keep-alive
swift logs:
Apr 10 14:02:03 swtester1 proxy-server %3A%3Affff%3A71.11.14.124 127.0.0.1
10/Apr/2011/14/02/03 GET /v1.0 HTTP/1.0 412 -
Cyberduck/4.0.2%20%28Mac%20OS%20X/10.5.8%29%20%28i386%29 - - - -
tx5be478af-99b4-4df9-bf15-209b07e7daf6 - 0.0004
When I change my swift system to use DevAuth, the authentication works but
when trying to perform a GET on the StorageUrl that it receives back from
auth, cyberduck seems to be using the same connection that it already has
open on port 8443.
On my environment I see that the GET request on the account is actually
going to the DevAuth service when it should be going to
https://swift.domain.com . I have also noticed that it also adds the /v1.0
at the end of the StorageUrl but on the second try it removes that which
means it would have probably worked if the request had been sent to 443
and not 8443.
GET /v1.0 HTTP/1.1
x-auth-user: external:marcelo
x-auth-key: XXXXXX
Host: auth.swift.domain.com:8443
Connection: Keep-Alive
User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
HTTP/1.1 204 No Content
X-Storage-Url:
https://swift.domain.com/v1/AUTH_50a8dbc55fb14808a3770b2e19599997
X-Storage-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
X-Auth-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
Content-Length: 0
Date: Sun, 10 Apr 2011 14:22:01 GMT
Connection: keep-alive
GET
/v1/AUTH_50a8dbc55fb14808a3770b2e19599997/v1.0?format=xml&prefix=auth%2F&delimiter=%2F
HTTP/1.1
X-Auth-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
Host: swift.domain.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
HTTP/1.0 503 Service Unavailable
Content-Type: text/html
Content-Length: 53
Expires: now
Pragma: no-cache
Cache-control: no-cache,no-store
GET /v1/AUTH_50a8dbc55fb14808a3770b2e19599997?format=xml HTTP/1.1
X-Auth-Token: AUTH_tk23d87b5332554a8792b5c3940ea8b7e3
Host: swift.domain.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.0.2 (Mac OS X/10.5.8) (i386)
HTTP/1.0 503 Service Unavailable
Content-Type: text/html
Content-Length: 53
Expires: now
Pragma: no-cache
Cache-control: no-cache,no-store
Apr 10 15:03:05 swtester1 pound: 12.11.13.24 GET /v1.0 HTTP/1.1 - HTTP/1.1
204 No Content
Apr 10 15:03:05 swtester1 pound: (7fa851125700) e503 no service "GET
/v1/AUTH_50a8dbc55fb14808a3770b2e19599997/v1.0?format=xml&prefix=auth%2F&delimiter=%2F
HTTP/1.1" from 12.11.13.24
Apr 10 15:04:07 swtester1 pound: (7fa851125700) e503 no service "GET
/v1/AUTH_50a8dbc55fb14808a3770b2e19599997/v1.0?format=xml&prefix=auth%2F&delimiter=%2F
HTTP/1.1" from 12.11.13.24
Apr 10 15:04:08 swtester1 pound: (7fa851125700) e503 no service "GET
/v1/AUTH_50a8dbc55fb14808a3770b2e19599997?format=xml HTTP/1.1" from
12.11.13.24
In order to make sure that the request was indeed going to the auth system
on port 8443, I had pound listen on 8443 and nginx listen on 443. Just to
be double sure. The requests work fine when using curl to authenticate and
retrieve account data/information.
--
Ticket URL: <http://trac.cyberduck.ch/ticket/5892>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.
More information about the Cyberduck-trac
mailing list