On Thu, Apr 24, 2014 at 4:17 AM, Jäger, Philipp <philipp.jaeger@xxxxxxx> wrote:
> Hello Yehuda,
>
> sorry for that, new logs:
>
>
> Debug developer:
> [DEBUG] conn.DefaultClientConnection - Receiving response: HTTP/1.1 403 Forbidden
> [DEBUG] org.apache.http.headers - << HTTP/1.1 403 Forbidden
> [DEBUG] org.apache.http.headers - << Date: Mon, 14 Apr 2014 07:04:13 GMT
> [DEBUG] org.apache.http.headers - << Server: Apache/2.2.22 (Ubuntu)
> [DEBUG] org.apache.http.headers - << Accept-Ranges: bytes
> [DEBUG] org.apache.http.headers - << Content-Length: 23
> [DEBUG] org.apache.http.headers - << Keep-Alive: timeout=5, max=100
> [DEBUG] org.apache.http.headers - << Connection: Keep-Alive
> [DEBUG] org.apache.http.headers - << Content-Type: application/json
> [DEBUG] client.DefaultHttpClient - Connection can be kept alive for 5000 MILLISECONDS
> [DEBUG] org.apache.http.wire - << "{"Code":"AccessDenied"}"
>
>
> radosgw.log
>
> 2014-04-24 13:06:04.680210 7fba44665780 20 enqueued request req=0x2531e20
> 2014-04-24 13:06:04.680277 7fba44665780 20 RGWWQ:
> 2014-04-24 13:06:04.680281 7fba44665780 20 req: 0x2531e20
> 2014-04-24 13:06:04.680290 7fba44665780 10 allocated request req=0x25321e0
> 2014-04-24 13:06:04.680337 7fba08ff1700 20 dequeued request req=0x2531e20
> 2014-04-24 13:06:04.680348 7fba08ff1700 20 RGWWQ: empty
> 2014-04-24 13:06:04.680363 7fba08ff1700 1 ====== starting new request req=0x2531e20 =====
> 2014-04-24 13:06:04.680471 7fba08ff1700 2 req 2:0.000109::::initializing
> 2014-04-24 13:06:04.680497 7fba08ff1700 10 host=172.25.3.12 rgw_dns_name=HAPPKO25.cgm.ag
> 2014-04-24 13:06:04.680622 7fba08ff1700 20 FCGI_ROLE=RESPONDER
> 2014-04-24 13:06:04.680630 7fba08ff1700 20 SCRIPT_URL=/admin/user
> 2014-04-24 13:06:04.680635 7fba08ff1700 20 SCRIPT_URI=https://172.25.3.12/admin/user
> 2014-04-24 13:06:04.680639 7fba08ff1700 20 HTTP_AUTHORIZATION=AWS NQY41E90E38HKJXV6DFM:YaHru0FheiTySH1y7Ek+cENSR44=
> 2014-04-24 13:06:04.680643 7fba08ff1700 20 HTTPS=on
> 2014-04-24 13:06:04.680647 7fba08ff1700 20 HTTP_HOST=172.25.3.12
> 2014-04-24 13:06:04.680663 7fba08ff1700 20 HTTP_USER_AGENT=aws-sdk-java/1.3.27 Windows_7/6.1 Java_HotSpot(TM)_Client_VM/25.5-b02
> 2014-04-24 13:06:04.680671 7fba08ff1700 20 HTTP_DATE=Thu, 24 Apr 2014 11:05:49 GMT
> 2014-04-24 13:06:04.680674 7fba08ff1700 20 CONTENT_TYPE=application/x-www-form-urlencoded; charset=utf-8
> 2014-04-24 13:06:04.680677 7fba08ff1700 20 HTTP_CONNECTION=Keep-Alive
> 2014-04-24 13:06:04.680680 7fba08ff1700 20 PATH=/usr/local/bin:/usr/bin:/bin
> 2014-04-24 13:06:04.680683 7fba08ff1700 20 SERVER_SIGNATURE=
> 2014-04-24 13:06:04.680686 7fba08ff1700 20 SERVER_SOFTWARE=Apache/2.2.22 (Ubuntu)
> 2014-04-24 13:06:04.680689 7fba08ff1700 20 SERVER_NAME=172.25.3.12
> 2014-04-24 13:06:04.680693 7fba08ff1700 20 SERVER_ADDR=172.25.3.12
> 2014-04-24 13:06:04.680697 7fba08ff1700 20 SERVER_PORT=443
> 2014-04-24 13:06:04.680701 7fba08ff1700 20 REMOTE_ADDR=10.0.49.80
> 2014-04-24 13:06:04.680705 7fba08ff1700 20 DOCUMENT_ROOT=/var/www
> 2014-04-24 13:06:04.680708 7fba08ff1700 20 SERVER_ADMIN=edv@xxxxxxx
> 2014-04-24 13:06:04.680711 7fba08ff1700 20 SCRIPT_FILENAME=/var/www/s3gw.fcgi
> 2014-04-24 13:06:04.680715 7fba08ff1700 20 REMOTE_PORT=55225
> 2014-04-24 13:06:04.680718 7fba08ff1700 20 GATEWAY_INTERFACE=CGI/1.1
> 2014-04-24 13:06:04.680722 7fba08ff1700 20 SERVER_PROTOCOL=HTTP/1.1
> 2014-04-24 13:06:04.680726 7fba08ff1700 20 REQUEST_METHOD=GET
> 2014-04-24 13:06:04.680730 7fba08ff1700 20 QUERY_STRING=page=admin¶ms=/user&format=json
> 2014-04-24 13:06:04.680733 7fba08ff1700 20 REQUEST_URI=/admin/user?format=json
> 2014-04-24 13:06:04.680744 7fba08ff1700 20 SCRIPT_NAME=/admin/user
> 2014-04-24 13:06:04.680755 7fba08ff1700 2 req 2:0.000393::GET /admin/user::getting op
> 2014-04-24 13:06:04.680768 7fba08ff1700 2 req 2:0.000407::GET /admin/user:get_user_info:authorizing
> 2014-04-24 13:06:04.680876 7fba08ff1700 20 get_obj_state: rctx=0x7fba280066b0 obj=.users:NQY41E90E38HKJXV6DFM state=0x7fba28006768 s->prefetch_data=0
> 2014-04-24 13:06:04.680904 7fba08ff1700 10 moving .users+NQY41E90E38HKJXV6DFM to cache LRU end
> 2014-04-24 13:06:04.680909 7fba08ff1700 10 cache get: name=.users+NQY41E90E38HKJXV6DFM : type miss (requested=6, cached=3)
> 2014-04-24 13:06:04.689714 7fba08ff1700 10 cache put: name=.users+NQY41E90E38HKJXV6DFM
> 2014-04-24 13:06:04.689731 7fba08ff1700 10 moving .users+NQY41E90E38HKJXV6DFM to cache LRU end
> 2014-04-24 13:06:04.689748 7fba08ff1700 20 get_obj_state: s->obj_tag was set empty
> 2014-04-24 13:06:04.689763 7fba08ff1700 10 moving .users+NQY41E90E38HKJXV6DFM to cache LRU end
> 2014-04-24 13:06:04.689767 7fba08ff1700 10 cache get: name=.users+NQY41E90E38HKJXV6DFM : hit
> 2014-04-24 13:06:04.689905 7fba08ff1700 20 get_obj_state: rctx=0x7fba280066b0 obj=.users.uid:connect state=0x7fba28007188 s->prefetch_data=0
> 2014-04-24 13:06:04.689929 7fba08ff1700 10 moving .users.uid+connect to cache LRU end
> 2014-04-24 13:06:04.689933 7fba08ff1700 10 cache get: name=.users.uid+connect : type miss (requested=6, cached=3)
> 2014-04-24 13:06:04.692132 7fba08ff1700 10 cache put: name=.users.uid+connect
> 2014-04-24 13:06:04.692143 7fba08ff1700 10 moving .users.uid+connect to cache LRU end
> 2014-04-24 13:06:04.692154 7fba08ff1700 20 get_obj_state: s->obj_tag was set empty
> 2014-04-24 13:06:04.692167 7fba08ff1700 10 moving .users.uid+connect to cache LRU end
> 2014-04-24 13:06:04.692171 7fba08ff1700 10 cache get: name=.users.uid+connect : hit
> 2014-04-24 13:06:04.692266 7fba08ff1700 10 get_canon_resource(): dest=/admin/user
> 2014-04-24 13:06:04.692273 7fba08ff1700 10 auth_hdr:
> GET
> application/x-www-form-urlencoded; charset=utf-8
> Thu, 24 Apr 2014 11:05:49 GMT
> /admin/user
> 2014-04-24 13:06:04.692509 7fba08ff1700 15 b64=C42JUJ9LOM8fa9WaHSu8ijEwpHI=
> 2014-04-24 13:06:04.692518 7fba08ff1700 15 auth_sign=YaHru0FheiTySH1y7Ek+cENSR44=
> 2014-04-24 13:06:04.692521 7fba08ff1700 15 compare=22
That's a signing issue.
Yehuda
> 2014-04-24 13:06:04.692527 7fba08ff1700 10 failed to authorize request
> 2014-04-24 13:06:04.693049 7fba08ff1700 2 req 2:0.012687::GET /admin/user:get_user_info:http status=403
> 2014-04-24 13:06:04.694861 7fba08ff1700 1 ====== req done req=0x2531e20 http_status=403 ======
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: Yehuda Sadeh [mailto:yehuda@xxxxxxxxxxx]
> Gesendet: Freitag, 11. April 2014 18:12
> An: Jäger, Philipp
> Cc: ceph-devel@xxxxxxxxxxxxxxx
> Betreff: Re: RadosGW- Admin API
>
> You're running Bobtail, this functionality only appeared on Cuttlefish.
>
> Yehuda
>
>
> On Fri, Apr 11, 2014 at 2:28 AM, Jäger, Philipp <philipp.jaeger@xxxxxxx> wrote:
>> Hello yehuda,
>>
>> Please have a look:
>>
>> /etc/ceph/ceph.conf
>>
>> [client.radosgw.gateway]
>> host = <hostname>
>> log file = /var/log/ceph/radosgw.log
>> rgw dns name = <fqdn>
>> rgw print continue= true
>> rgw enable ops log = true
>> rgw enable usage log = true
>> admin socket = /tmp/radosgw.adsock
>> debug rgw=20
>>
>> /var/log/apache2/access.log
>> [11/Apr/2014:09:14:40 +0200] "GET /admin/user?format=json HTTP/1.1" 405 1896 "-" "aws-sdk-java/1.3.27 Windows_7/6.1 Java_HotSpot(TM)_Client_VM/23.21-b01"
>>
>> /var/log/ceph/radosgw.log
>> 2014-04-11 09:07:04.692526 7fe0ca076700 0 -- 172.25.3.12:0/1025431 >> 172.25.3.12:6789/0 pipe(0x7fe0b0015820 sd=12 :0 pgs=0 cs=0 l=1).fault
>> 2014-04-11 09:07:07.414199 7fe0b87f8700 0 -- 172.25.3.12:0/1025431 >> 172.25.3.12:6801/26141 pipe(0x7fe0b00180a0 sd=13 :0 pgs=0 cs=0 l=1).fault
>> 2014-04-11 09:07:15.540562 7f995c46e780 0 ceph version 0.56.1 (e4a541624df62ef353e754391cbbb707f54b16f7), process radosgw, pid 27051
>> 2014-04-11 09:07:15.561118 7f994ac91700 2 garbage collection: start
>> 2014-04-11 09:07:21.474434 7f995c46e780 10 allocated request req=0x20d8e30
>> 2014-04-11 09:07:21.873066 7f994ac91700 2 garbage collection: stop
>> 2014-04-11 09:07:50.739178 7f995c46e780 20 enqueued request req=0x20d8e30
>> 2014-04-11 09:07:50.739222 7f995c46e780 20 RGWWQ:
>> 2014-04-11 09:07:50.739227 7f995c46e780 20 req: 0x20d8e30
>> 2014-04-11 09:07:50.739239 7f995c46e780 10 allocated request req=0x20df730
>> 2014-04-11 09:07:50.739469 7f9911fcb700 20 dequeued request req=0x20d8e30
>> 2014-04-11 09:07:50.739489 7f9911fcb700 20 RGWWQ: empty
>> 2014-04-11 09:07:50.739511 7f9911fcb700 1 ====== starting new request req=0x20d8e30 =====
>> 2014-04-11 09:07:50.739615 7f9911fcb700 2 req 1:0.000104::::initializing
>> 2014-04-11 09:07:50.739680 7f9911fcb700 10 host=<hostname> rgw_dns_name=<fqdn>
>> 2014-04-11 09:07:50.759827 7f9911fcb700 5 nothing to log for operation
>> 2014-04-11 09:07:50.759876 7f9911fcb700 2 req 1:0.020365::GET /admin/user::http status=405
>> 2014-04-11 09:07:50.761521 7f9911fcb700 1 ====== req done req=0x20d8e30 http_status=405 ======
>> 2014-04-11 09:07:51.469971 7f994ffff700 0 WARNING: RGWRados::log_usage(): user name empty (bucket=), skipping
>>
>> Thanks
>>
>> Regards
>>
>> Philipp
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Yehuda Sadeh [mailto:yehuda@xxxxxxxxxxx]
>> Gesendet: Donnerstag, 3. April 2014 17:55
>> An: Jäger, Philipp
>> Cc: ceph-devel@xxxxxxxxxxxxxxx
>> Betreff: Re: RadosGW- Admin API
>>
>> (resending to mailing list)
>>
>> Could be a more basic issue, can you turn on 'debug rgw = 20', and provide the corresponding log?
>>
>> Yehuda
>>
>> On Thu, Apr 3, 2014 at 3:51 AM, Jäger, Philipp <philipp.jaeger@xxxxxxx> wrote:
>>> Hello yehuda,
>>>
>>> we want to administrate the rados users via the admin api.
>>> http://ceph.com/docs/master/radosgw/adminops/#get-user-info
>>>
>>>
>>> We got the following logs from the developer, see line " Receiving response: HTTP/1.1 405 Method Not Allowed":
>>>
>>> [DEBUG] internal.S3Signer - Calculated string to sign:
>>> "GET
>>>
>>> application/x-www-form-urlencoded; charset=utf-8 Mon, 31 Mar 2014
>>> 11:25:58 GMT //"
>>> [DEBUG] com.amazonaws.request - Sending Request: GET https://172.25.3.12 /admin/user?format=json&uid=test Headers: (Authorization: AWS NQY41E90E38HKJXV6DFM:/v1NjvtT/khFuR875Fx+rexmyuo=, Date: Mon, 31 Mar 2014 11:25:58 GMT, User-Agent: aws-sdk-java/1.3.27 Windows_7/6.1 Java_HotSpot(TM)_Client_VM/23.21-b01, Content-Type: application/x-www-form-urlencoded; charset=utf-8, )
>>> [DEBUG] conn.BasicClientConnectionManager - Get connection for route {s}->https://172.25.3.12
>>> [DEBUG] conn.DefaultClientConnectionOperator - Connecting to 172.25.3.12:443
>>> [DEBUG] protocol.RequestAddCookies - CookieSpec selected: best-match
>>> [DEBUG] protocol.RequestAuthCache - Auth cache not set in the context
>>> [DEBUG] protocol.RequestProxyAuthentication - Proxy auth state: UNCHALLENGED
>>> [DEBUG] client.DefaultHttpClient - Attempt 1 to execute request
>>> [DEBUG] conn.DefaultClientConnection - Sending request: GET /admin/user?format=json&uid=test HTTP/1.1
>>> [DEBUG] org.apache.http.wire - >> "GET /admin/user?format=json&uid=test HTTP/1.1[\r][\n]"
>>> [DEBUG] org.apache.http.wire - >> "Host: 172.25.3.12[\r][\n]"
>>> [DEBUG] org.apache.http.wire - >> "Authorization: AWS NQY41E90E38HKJXV6DFM:/v1NjvtT/khFuR875Fx+rexmyuo=[\r][\n]"
>>> [DEBUG] org.apache.http.wire - >> "Date: Mon, 31 Mar 2014 11:25:58 GMT[\r][\n]"
>>> [DEBUG] org.apache.http.wire - >> "User-Agent: aws-sdk-java/1.3.27 Windows_7/6.1 Java_HotSpot(TM)_Client_VM/23.21-b01[\r][\n]"
>>> [DEBUG] org.apache.http.wire - >> "Content-Type: application/x-www-form-urlencoded; charset=utf-8[\r][\n]"
>>> [DEBUG] org.apache.http.wire - >> "Connection: Keep-Alive[\r][\n]"
>>> [DEBUG] org.apache.http.wire - >> "[\r][\n]"
>>> [DEBUG] org.apache.http.headers - >> GET /admin/user?format=json&uid=test HTTP/1.1
>>> [DEBUG] org.apache.http.headers - >> Host: 172.25.3.12
>>> [DEBUG] org.apache.http.headers - >> Authorization: AWS NQY41E90E38HKJXV6DFM:/v1NjvtT/khFuR875Fx+rexmyuo=
>>> [DEBUG] org.apache.http.headers - >> Date: Mon, 31 Mar 2014 11:25:58 GMT
>>> [DEBUG] org.apache.http.headers - >> User-Agent: aws-sdk-java/1.3.27 Windows_7/6.1 Java_HotSpot(TM)_Client_VM/23.21-b01
>>> [DEBUG] org.apache.http.headers - >> Content-Type: application/x-www-form-urlencoded; charset=utf-8
>>> [DEBUG] org.apache.http.headers - >> Connection: Keep-Alive
>>> [DEBUG] org.apache.http.wire - << "HTTP/1.1 405 Method Not Allowed[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "Date: Mon, 31 Mar 2014 11:26:20 GMT[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "Server: Apache/2.2.22 (Ubuntu)[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "Accept-Ranges: bytes[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "Content-Length: 27[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "Keep-Alive: timeout=5, max=100[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "Connection: Keep-Alive[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "Content-Type: application/json[\r][\n]"
>>> [DEBUG] org.apache.http.wire - << "[\r][\n]"
>>> [DEBUG] conn.DefaultClientConnection - Receiving response: HTTP/1.1 405 Method Not Allowed
>>> [DEBUG] org.apache.http.headers - << HTTP/1.1 405 Method Not Allowed
>>> [DEBUG] org.apache.http.headers - << Date: Mon, 31 Mar 2014 11:26:20 GMT
>>> [DEBUG] org.apache.http.headers - << Server: Apache/2.2.22 (Ubuntu)
>>> [DEBUG] org.apache.http.headers - << Accept-Ranges: bytes
>>> [DEBUG] org.apache.http.headers - << Content-Length: 27
>>> [DEBUG] org.apache.http.headers - << Keep-Alive: timeout=5, max=100
>>> [DEBUG] org.apache.http.headers - << Connection: Keep-Alive
>>> [DEBUG] org.apache.http.headers - << Content-Type: application/json
>>> [DEBUG] client.DefaultHttpClient - Connection can be kept alive for 5000 MILLISECONDS
>>>
>>>
>>>
>>> Do you know where the mistake is or how we can identify it?
>>>
>>> The user has the following caps:
>>> "caps": [
>>> { "type": "users",
>>> "perm": "*"}]}
>>>
>>> Is there something else to configure?
>>>
>>>
>>> Thank you very much.
>>>
>>> Regards
>>> Philipp
>>>
>>>
>>>
>>>
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
