| I think I figured it out, for my install the admin token is broken for v2 auth and I needed to use user:password w/ admin role. It is the more correct way to do things but is conspicuously missing from here http://docs.ceph.com/docs/master/radosgw/keystone/ and here http://docs.ceph.com/docs/master/radosgw/config-ref/ and I had to read the source code to find it. I would have expected some sort of error to be thrown before the role checking failed. I’ll see if I can’t file a documentation bug.
I think so, unless I misunderstand how it works. (openstack) role list --user jomlowe --project jomlowe +----------------------------------+----------+---------+---------+ | ID | Name | Project | User | +----------------------------------+----------+---------+---------+ | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | jomlowe | jomlowe | | 8adcf7413cd3469abe4ae13cf259be6e | user | jomlowe | jomlowe | +----------------------------------+----------+---------+---------+ On Oct 15, 2015, at 1:50 PM, Yehuda Sadeh-Weinraub <yehuda@xxxxxxxxxx> wrote:
On Thu, Oct 15, 2015 at 8:34 AM, Mike Lowe <j.michael.lowe@xxxxxxxxx> wrote:
I’m having some trouble with radosgw and keystone integration, I always get the following error:
user does not hold a matching role; required roles: Member,user,_member_,admin
Despite my token clearly having one of the roles:
"user": {
"id": "401375297eb540bbb1c32432439827b0",
"name": "jomlowe",
"roles": [
{
"id": "8adcf7413cd3469abe4ae13cf259be6e",
"name": "user"
}
],
"roles_links": [],
"username": "jomlowe"
}
Does anybody have any hints?
Does the user has these roles assigned on keystone?
Yehuda
|
_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
