Re: Creating RGW S3 User using the Admin Ops API

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 16-11-14 07:05, Yehuda Sadeh wrote:
> On Sat, Nov 15, 2014 at 6:20 AM, Wido den Hollander <wido@xxxxxxxx> wrote:
>> Hi,
>>
>> I'm having trouble with creating a new user using the Admin Ops API and
>> I'm not sure where the problem lies.
>>
>> I'm using: http://eu.ceph.com/docs/master/radosgw/adminops/#create-user
>>
>> Using pycurl I send the requesting using PUT and sending the JSON data,
>> but I always get a 403: AccessDenied
>>
>> Looking at the RGW logs I see:
>>
>> 2014-11-15 13:19:36.761358 7fe7897ea700 15 calculated
>> digest=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
>> 2014-11-15 13:19:36.761364 7fe7897ea700 15
>> auth_sign=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
>> 2014-11-15 13:19:36.761367 7fe7897ea700 15 compare=0
>> 2014-11-15 13:19:36.761373 7fe7897ea700  2 req 2879:0.001038::PUT
>> /admin/user:create_user:reading permissions
>> 2014-11-15 13:19:36.761381 7fe7897ea700  2 req 2879:0.001047::PUT
>> /admin/user:create_user:verifying op mask
>> 2014-11-15 13:19:36.761388 7fe7897ea700 20 required_mask= 0 user.op_mask=7
>> 2014-11-15 13:19:36.761393 7fe7897ea700  2 req 2879:0.001058::PUT
>> /admin/user:create_user:verifying op permissions
>> 2014-11-15 13:19:36.761402 7fe7897ea700  2 req 2879:0.001067::PUT
>> /admin/user:create_user:verifying op params
>> 2014-11-15 13:19:36.761407 7fe7897ea700  2 req 2879:0.001073::PUT
>> /admin/user:create_user:executing
>> 2014-11-15 13:19:36.761474 7fe7897ea700  2 req 2879:0.001140::PUT
>> /admin/user:create_user:http status=403
>> 2014-11-15 13:19:36.761689 7fe7897ea700  1 ====== req done req=0x147b910
>> http_status=403 ======
>>
>> It seems that the user has all the permissions since it actually goes
>> towards create_user, but suddenly it's a 403.
>>
>> I'm send 'uid', 'email' and 'display-name', but it always instantly
>> responds with a 403.
>>
>> Using GET to get user information is not a problem, it's just that
>> creating a user fails.
>>
>> Has anybody used the Admin Ops API before and tried this? This cluster
>> is still running Dumpling btw.
> 
> Not sure where it would come from. It would return that if uid was not
> specified. What happens if you try to create a user that already
> exists, same error?
> 

Yes, but something that is not clear to me.

Should I send the data via PUT data or as arguments? With that I mean
uid, display-name and e-mail.

Wido

> Yehuda
> 


-- 
Wido den Hollander
42on B.V.

Phone: +31 (0)20 700 9902
Skype: contact42on
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux