Merge "Update swift_auth documentation."

2012-05-29 21:58:21 +00:00 · 2012-05-29 21:58:21 +00:00 · 1349e12735
commit 1349e12735
parent b6dbb103e1 055d073803
2 changed files with 9 additions and 8 deletions
--- a/doc/source/configuringservices.rst
+++ b/doc/source/configuringservices.rst
@ -238,7 +238,7 @@ rather than its built in 'tempauth'.
 Configuring Swift with S3 emulation to use Keystone
 ---------------------------------------------------

-Keystone support validating S3 tokens using the same tokens as the
+Keystone supports validating S3 tokens using the same tokens as the
 generated EC2 tokens. When you have generated a pair of EC2 access
 token and secret you can access your swift cluster directly with the
 S3 api.
@ -247,7 +247,7 @@ S3 api.
   (`/etc/swift/swift-proxy.conf` to use S3token and Swift3
   middleware.

-   Here's an example::
+   Here's an example that by default communicates with keystone via https ::

    [DEFAULT]
    bind_port = 8080
@ -278,15 +278,17 @@ S3 api.

    [filter:s3token]
    paste.filter_factory = keystone.middleware.s3_token:filter_factory
+    # uncomment the following line if you don't want to use SSL
+    # auth_protocol = http
    auth_port = 35357
    auth_host = 127.0.0.1
-    auth_protocol = http

    [filter:authtoken]
    paste.filter_factory = keystone.middleware.auth_token:filter_factory
+    # uncomment the following line if you don't want to use SSL
+    # auth_protocol = http
    auth_port = 35357
    auth_host = 127.0.0.1
-    auth_protocol = http
    auth_token = ADMIN
    admin_token = ADMIN

--- a/keystone/middleware/swift_auth.py
+++ b/keystone/middleware/swift_auth.py
@ -41,7 +41,7 @@ class SwiftAuth(object):
    In Swift's proxy-server.conf add this middleware to your pipeline::

        [pipeline:main]
-        pipeline = catch_errors cache authtoken swiftauth proxy-server
+        pipeline = catch_errors cache authtoken keystone proxy-server

    Make sure you have the authtoken middleware before the swiftauth
    middleware.  authtoken will take care of validating the user and
@ -58,10 +58,9 @@ class SwiftAuth(object):

    And add a swift authorization filter section, such as::

-        [filter:swiftauth]
-        use = egg:keystone#swiftauth
+        [filter:keystone]
+        paste.filter_factory = keystone.middleware.auth_token:filter_factory
        operator_roles = admin, swiftoperator
-        is_admin = false

    This maps tenants to account in Swift.