I think you should send the data (uid & display-name) as arguments. I successfully create user via adminOps without any problems.
Thanks
Leidong
On Monday, November 17, 2014 2:39 PM, Wido den Hollander <wido@xxxxxxxx> wrote:
On 16-11-14 07:05, Yehuda Sadeh wrote:
> On Sat, Nov 15, 2014 at 6:20 AM, Wido den Hollander <wido@xxxxxxxx> wrote:
>> Hi,
>>
>> I'm having trouble with creating a new user using the Admin Ops API and
>> I'm not sure where the problem lies.
>>
>> I'm using: http://eu.ceph.com/docs/master/radosgw/adminops/#create-user
>>
>> Using pycurl I send the requesting using PUT and sending the JSON data,
>> but I always get a 403: AccessDenied
>>
>> Looking at the RGW logs I see:
>>
>> 2014-11-15 13:19:36.761358 7fe7897ea700 15 calculated
>> digest=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
>> 2014-11-15 13:19:36.761364 7fe7897ea700 15
>> auth_sign=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
>> 2014-11-15 13:19:36.761367 7fe7897ea700 15 compare=0
>> 2014-11-15 13:19:36.761373 7fe7897ea700 2 req 2879:0.001038::PUT
>> /admin/user:create_user:reading permissions
>> 2014-11-15 13:19:36.761381 7fe7897ea700 2 req 2879:0.001047::PUT
>> /admin/user:create_user:verifying op mask
>> 2014-11-15 13:19:36.761388 7fe7897ea700 20 required_mask= 0 user.op_mask=7
>> 2014-11-15 13:19:36.761393 7fe7897ea700 2 req 2879:0.001058::PUT
>> /admin/user:create_user:verifying op permissions
>> 2014-11-15 13:19:36.761402 7fe7897ea700 2 req 2879:0.001067::PUT
>> /admin/user:create_user:verifying op params
>> 2014-11-15 13:19:36.761407 7fe7897ea700 2 req 2879:0.001073::PUT
>> /admin/user:create_user:executing
>> 2014-11-15 13:19:36.761474 7fe7897ea700 2 req 2879:0.001140::PUT
>> /admin/user:create_user:http status=403
>> 2014-11-15 13:19:36.761689 7fe7897ea700 1 ====== req done req=0x147b910
>> http_status=403 ======
>>
>> It seems that the user has all the permissions since it actually goes
>> towards create_user, but suddenly it's a 403.
>>
>> I'm send 'uid', 'email' and 'display-name', but it always instantly
>> responds with a 403.
>>
>> Using GET to get user information is not a problem, it's just that
>> creating a user fails.
>>
>> Has anybody used the Admin Ops API before and tried this? This cluster
>> is still running Dumpling btw.
>
> Not sure where it would come from. It would return that if uid was not
> specified. What happens if you try to create a user that already
> exists, same error?
>
Yes, but something that is not clear to me.
Should I send the data via PUT data or as arguments? With that I mean
uid, display-name and e-mail.
Wido
> Yehuda
>
--
Wido den Hollander
42on B.V.
Phone: +31 (0)20 700 9902
Skype: contact42on
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
> On Sat, Nov 15, 2014 at 6:20 AM, Wido den Hollander <wido@xxxxxxxx> wrote:
>> Hi,
>>
>> I'm having trouble with creating a new user using the Admin Ops API and
>> I'm not sure where the problem lies.
>>
>> I'm using: http://eu.ceph.com/docs/master/radosgw/adminops/#create-user
>>
>> Using pycurl I send the requesting using PUT and sending the JSON data,
>> but I always get a 403: AccessDenied
>>
>> Looking at the RGW logs I see:
>>
>> 2014-11-15 13:19:36.761358 7fe7897ea700 15 calculated
>> digest=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
>> 2014-11-15 13:19:36.761364 7fe7897ea700 15
>> auth_sign=7+ZV9ndzDbHiBOLP8yKrokF2DOc=
>> 2014-11-15 13:19:36.761367 7fe7897ea700 15 compare=0
>> 2014-11-15 13:19:36.761373 7fe7897ea700 2 req 2879:0.001038::PUT
>> /admin/user:create_user:reading permissions
>> 2014-11-15 13:19:36.761381 7fe7897ea700 2 req 2879:0.001047::PUT
>> /admin/user:create_user:verifying op mask
>> 2014-11-15 13:19:36.761388 7fe7897ea700 20 required_mask= 0 user.op_mask=7
>> 2014-11-15 13:19:36.761393 7fe7897ea700 2 req 2879:0.001058::PUT
>> /admin/user:create_user:verifying op permissions
>> 2014-11-15 13:19:36.761402 7fe7897ea700 2 req 2879:0.001067::PUT
>> /admin/user:create_user:verifying op params
>> 2014-11-15 13:19:36.761407 7fe7897ea700 2 req 2879:0.001073::PUT
>> /admin/user:create_user:executing
>> 2014-11-15 13:19:36.761474 7fe7897ea700 2 req 2879:0.001140::PUT
>> /admin/user:create_user:http status=403
>> 2014-11-15 13:19:36.761689 7fe7897ea700 1 ====== req done req=0x147b910
>> http_status=403 ======
>>
>> It seems that the user has all the permissions since it actually goes
>> towards create_user, but suddenly it's a 403.
>>
>> I'm send 'uid', 'email' and 'display-name', but it always instantly
>> responds with a 403.
>>
>> Using GET to get user information is not a problem, it's just that
>> creating a user fails.
>>
>> Has anybody used the Admin Ops API before and tried this? This cluster
>> is still running Dumpling btw.
>
> Not sure where it would come from. It would return that if uid was not
> specified. What happens if you try to create a user that already
> exists, same error?
>
Yes, but something that is not clear to me.
Should I send the data via PUT data or as arguments? With that I mean
uid, display-name and e-mail.
Wido
> Yehuda
>
--
Wido den Hollander
42on B.V.
Phone: +31 (0)20 700 9902
Skype: contact42on
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
