Cyberduck Mountain Duck CLI

#7754 closed enhancement (fixed)

Authentication failure with ec2-credentials

Reported by: themediaengine Owned by: dkocher
Priority: normal Milestone: 4.4.4
Component: openstack Version: 4.4.3
Severity: normal Keywords:
Cc: Architecture: Intel
Platform: Mac OS X 10.9

Description (last modified by dkocher)

https://svn.cyberduck.ch/trunk/profiles/Openstack%20Swift%20(Keystone%20HTTP).cyberduckprofile

I downloaded this profile so I could connect to our internal swift POC installation but the profile is not connecting.

My settings are:

  • auth server is:
server:10.68.240.191
port:5000 (swift on 8888)
  • keystone ec2-credentials-list gives me:
usrname: f03ec1aa7ed443e7bbb4af9c5ab75b59:e4725694a1d841e28b083084abb821ae
secretkey: XXXXXXXXXX
  • also tried these options
path: NULL, /v2.0, /v2.0/tokens

can anyone suggest where I am going wrong?

Attachments (1)

swifterror.png (34.2 KB) - added by themediaengine on Jan 22, 2014 at 7:15:12 PM.

Download all attachments as: .zip

Change History (14)

Changed on Jan 22, 2014 at 7:15:12 PM by themediaengine

comment:1 Changed on Jan 23, 2014 at 8:20:44 AM by dkocher

  • Component changed from core to openstack
  • Description modified (diff)
  • Owner set to dkocher

comment:2 Changed on Jan 23, 2014 at 8:24:09 AM by dkocher

We currently default to a passwordCredentials request for keystone authentication which explains why the request is failing with 403 given the secret key. We should make this configurable and default to the method used by a default installation stack.

Last edited on Jan 23, 2014 at 8:24:46 AM by dkocher (previous) (diff)

comment:3 Changed on Jan 23, 2014 at 10:42:35 AM by dkocher

  • Milestone set to 4.4.4
  • Status changed from new to assigned
  • Summary changed from Openstack Swift (Keystone HTTP) to Authentication failure with username and secretkey

comment:4 Changed on Jan 23, 2014 at 11:37:54 AM by themediaengine

So I am a bit confused. Please note that this is the Openstack Swift (Keystone HTTP) profile and not the Openstack Swift (Keystone) profile which uses https. The profile calls for:

  • server and port - should I use keystoneip/keystoneport (10.x.x.x:5000) or swiftproxyip:swiftproxyport (10.x.x.x:8888)
  • username [TennantID:AccessKey] - should I use TennantID:EC2AccessID or username or userid
  • password [SecretKey] - you suggest passwordCredentials so should I use the user password instead of the EC2SecretKey

an example or corresponding screenshot would help if you have some instruction to follow

Last edited on Jan 23, 2014 at 1:47:51 PM by dkocher (previous) (diff)

comment:5 Changed on Jan 23, 2014 at 4:57:50 PM by dkocher

Yes, try to use the password instead of the secret key as in

  • Username tenant:username
  • Password password

comment:6 Changed on Jan 24, 2014 at 2:15:09 PM by themediaengine

This worked fine, thank you

comment:7 Changed on Jan 24, 2014 at 2:15:42 PM by themediaengine

  • Resolution set to fixed
  • Status changed from assigned to closed

comment:8 Changed on Jan 24, 2014 at 3:19:30 PM by dkocher

  • Resolution fixed deleted
  • Status changed from closed to reopened

comment:9 Changed on Jan 28, 2014 at 8:09:17 PM by dkocher

  • Summary changed from Authentication failure with username and secretkey to Authentication failure with ec2-credentials

comment:10 Changed on Jan 28, 2014 at 8:10:15 PM by dkocher

  • Milestone 4.4.4 deleted
  • Type changed from defect to enhancement

comment:11 Changed on Mar 26, 2014 at 2:17:37 PM by dkocher

You do not need to give the authentication context in the Path option.

comment:12 Changed on Mar 26, 2014 at 2:18:32 PM by dkocher

  • Milestone set to 4.4.4
  • Resolution set to fixed
  • Status changed from reopened to closed

We are supporting multiple authentication strategies as of r14344. Please update to the latest snapshot build available.

comment:13 Changed on Mar 26, 2014 at 2:21:37 PM by dkocher

You can either provide

  • (Tenant ID:)Username and Password
  • (Tenant Name:)Username and Password
  • (Tenant ID:)Access Key and secret key
Note: See TracTickets for help on using tickets.