The –debug command worked as described. Can anyone give me a synposis of how the authentication token is generated? Token generated: AUTH_rgwtk0b0000007261646f733a7377696674046eff2c9ac6a5041b00545248a7893b900677683adaaca1095128b6edf8fc378d7d49d8" The first part looks like a header: 'AUTH_rgwtk', (rados gateway token)?? length == 11 and a prefix == rados:swift AUTH_rgwtk0b00000072 61 64 6f 73 3a 73 77 69 66 74 Length = 0xb r a d o s : s w i f t What is the token body -- How is the token body encoded? It's not a straight match of any keys shown by the radowgw-admin command? 046eff2c 9ac6a504 1b00545 248a7893 b9006776 83adaaca 1095128 b6edf8fc 378d7d49 d8 root@controller21:~/ssbench-0.2.16# radosgw-admin user info --uid=rados 2013-10-07 05:55:34.804639 7ff1c3f6c780 0 WARNING: cannot read region map { "user_id": "rados", "display_name": "rados", "email": "non@xxxxxxxx", "suspended": 0, "max_buckets": 1000, "auid": 0, "subusers": [ { "id": "rados:swift", "permissions": "full-control"}, { "id": "rados:swift1", "permissions": "full-control"}], "keys": [ { "user": "rados", "access_key": "R5F0D2UCSK3618DJ829A", "secret_key": "PJR1rvV2+Xrzlwo+AZZKXextsDl45EaLljzopgjD"}], "swift_keys": [ { "user": "rados:swift", "secret_key": "77iJvemrxWvYk47HW7pxsL+eHdA53AtLl2T0OyuG"}, { "user": "rados:swift1", "secret_key": "l9Xlg66JvbNvMmZAj91AeQByEiP8R8sBahCJeqAG"}], "caps": [], "op_mask": "read, write, delete", "default_placement": "", "placement_tags": []} swift --debug -V 1.0 -A http://ictp-R2C4-Controller21.ict.englab.netapp.com/auth -U rados:swift -K "77iJvemrxWvYk47HW7pxsL+eHdA53AtLl2T0OyuG" list DEBUG:swiftclient:REQ: curl -i http://ictp-R2C4-Controller21.ict.englab.netapp.com/auth -X GET DEBUG:swiftclient:RESP STATUS: 204 DEBUG:swiftclient:REQ: curl -i http://ictp-R2C4-Controller21.ict.englab.netapp.com/swift/v1?format=json -X GET -H "X-Auth-Token: AUTH_rgwtk0b0000007261646f733a7377696674046eff2c9ac6a5041b00545248a7893b900677683adaaca1095128b6edf8fc378d7d49d8" DEBUG:swiftclient:RESP STATUS: 200 DEBUG:swiftclient:RESP BODY: [{"name":"ssbench_000000","count":832,"bytes":85196800},...{"name":"xxx","count":1,"bytes":604}] DEBUG:swiftclient:REQ: curl -i http://ictp-R2C4-Controller21.ict.englab.netapp.com/swift/v1?format=json&marker=xxx -X GET -H "X-Auth-Token: AUTH_rgwtk0b0000007261646f733a7377696674046eff2c9ac6a5041b00545248a7893b900677683adaaca1095128b6edf8fc378d7d49d8" DEBUG:swiftclient:RESP STATUS: 200 DEBUG:swiftclient:RESP BODY: [] AUTH_rgwtk0b0000007261646f733a7377696674 r a d o s : s w i f t 046eff2c 9ac6a504 1b00545 248a7893 b9006776 83adaaca 1095128 b6edf8fc 378d7d49 d8 From: Darren Birkett [mailto:darren.birkett@xxxxxxxxx] Sent: Saturday, October 05, 2013 1:00 AM To: Snider, Tim; ceph-users@xxxxxxxxxxxxxx Subject: Re: ceph access using curl Try using passing '--debug' to the swift command. It should output the equivalent curl command for you to use. - Darren "Snider, Tim" <Tim.Snider@xxxxxxxxxx> wrote: I'm having pilot error with getting the path correct using curl. Bucket listing using "radosgw-admin bucket list" works as does the swift API. Can someone point out my (obvious) error? Bucket list works: root@controller21:/home/ceph/my-cluster# radosgw-admin bucket list 2013-10-04 11:28:13.144065 7fe5f26fe780 0 WARNING: cannot read region map [ "xxx"] Swift API to Ceph works swift -V 1.0 -A http://ictp-R2C4-Controller21.ict.englab.netapp.com/auth -U rados:swift -K "xxx" stat Account: v1 Containers: 1 Objects: 1 Bytes: 604 Vary: Accept-Encoding Server: Apache/2.2.22 (Ubuntu) X-Account-Bytes-Used-Actual: 4096 Content-Type: text/plain; charset=utf-8 root@controller21:/home/ceph/my-cluster# swift -V 1.0 -A http://ictp-R2C4-Controller21.ict.englab.netapp.com/auth -U rados:swift -K "77iJvemrxWvYk47HW7pxsL+eHdA53AtLl2T0OyuG" list xxx However I can’t get the correct http path. Variations of auth/v1.0, auth/v1 … don’t work either: root@controller21:/home/ceph/my-cluster# curl -v -H 'X-Storage-User: rados:swift' -H 'X-Storage-Pass: xxx' http://ictp-R2C4-Controller21.ict.englab.netapp.com/auth * About to connect() to ictp-R2C4-Controller21.ict.englab.netapp.com port 80 (#0) * Trying 10.113.193.189... connected > GET /auth HTTP/1.1 > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 > Host: ictp-R2C4-Controller21.ict.englab.netapp.com > Accept: */* > X-Storage-User: rados:swift > X-Storage-Pass: 77iJvemrxWvYk47HW7pxsL+eHdA53AtLl2T0OyuG > < HTTP/1.1 403 Forbidden < Date: Fri, 04 Oct 2013 18:30:01 GMT < Server: Apache/2.2.22 (Ubuntu) < Accept-Ranges: bytes < Content-Length: 23 < Content-Type: application/json < * Connection #0 to host ictp-R2C4-Controller21.ict.englab.netapp.com left intact * Closing connection #0 {"Code":"AccessDenied"}root@controller21:/home/ceph/my-cluster# Thanks, Tim ________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com