swift Swauth install

devAuth 是swift原生的认证中间层，
Swauth是为了解决devAuth不能扩展的问题而开发的替代方案。

Quick Install

 #git clone https://github.com/gholt/swauth.git

1) Install Swauth with sudo python setup.py install or sudo python setup.py develop or via whatever packaging system you may be using.

2) Alter your proxy-server.conf pipeline to have swauth instead of tempauth:

Was::

    [pipeline:main]
    pipeline = catch_errors cache tempauth proxy-server

Change To::

    [pipeline:main]
    pipeline = catch_errors cache swauth proxy-server

3) Add to your proxy-server.conf the section for the Swauth WSGI filter::

[filter:swauth]
use = egg:swauth#swauth
set log_name = whatever super_admin_key = password

4) Restart your proxy server swift-init proxy reload

5) Initialize the Swauth backing store in Swift swauth-prep -K  password -A https://127.0.0.1/auth/

 

6) Add an account/user swauth-add-user -A https://127.0.0.1/auth/ -K password  -a test tester testing

 

7) Ensure it works swift -A https://127.0.0.1/auth/v1.0 -U test:tester -K testing stat -v

 

Web Admin Install

 

1) If you installed from packages, you'll need to cd to the webadmin directory the package installed. This is /usr/share/doc/python-swauth/webadminwith the Lucid packages. If you installed from source, you'll need to cd to the webadmin directory in the source directory.

 

   # cd /usr/src/lyq/gholt-swauth-69fd700/webadmin

 

2) Upload the Web Admin files with swift -A https://127.0.0.1/auth/v1.0 -U .super_admin:.super_admin -K password upload .webadmin .

 

3) Open https://192.168.1.70/auth/ in your browser.

 

and Input user: .super_admin  key: password 

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

My proxy-sever.conf

[DEFAULT]

cert_file = /etc/swift/cert.crt

key_file = /etc/swift/cert.key

bind_port = 443

user = root

log_facility = LOG_LOCAL1

[pipeline:main]

pipeline = healthcheck cache swauth proxy-server

[app:proxy-server]

use = egg:swift#proxy

allow_account_management = true

[filter:swauth]

use = egg:swauth#swauth

default_swift_cluster = local#https://192.168.1.70:443/v1#https://127.0.0.1:443/v1

 

user_admin_admin = admin .admin .reseller_admin

 

user_test_tester = testing .admin

 

user_test2_tester2 = testing2 .admin

 

user_test_tester3 = testing3

 

set log_name = root

 

super_admin_key = password

 

 

[filter:healthcheck]

 

use = egg:swift#healthcheck

 

 

[filter:cache]

 

use = egg:swift#memcache

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

 

 

Hidden configuration options

 

 

 

Mac

Type the defaults command given in a Terminal.app (in /Applications/Utilities) window and restart Cyberduck.

defaults write ch.sudo.cyberduck <property> <value>

 

Windows

Quit Cyberduck if it is currently running before editing any configuration file. You need to add the setting to AppDataCyberduck.exe_Url_*[Version]user.config as follows:

...

<setting name="CdSettings" serializeAs="Xml">

  <value>

    <settings>

      <setting name="[property]" value="[value]" />

      ...

    </settings>

  </value>

</setting>

C:UsersGuradAppDataRoamingCyberduckCyberduck.exe_Url_2lo40rrsb1ocwd4jaezr0bb42ppyulnb4.0.2.8601

<setting name="cf.authentication.context "value="/auth/v1.0" />

Authentication Context Path ?

Authentication with devauth

No configuration change should be needed.

Authentication with swauth 

To change the context of the URL from the default /v1.0, use the  hidden configuration option defaults write ch.sudo.cyberduck cf.authentication.context <string>.

defaults write ch.sudo.cyberduck cf.authentication.context /auth/v1.0