Ask Your Question

Revision history [back]

  • User will first connect to keystone server and get the token.
  • Swift servers' url is in the service catalog which is part of token. They will get swift server url from the catalog and l call swift with that token. ( If you look at swiftclient code, it will do all these steps)
  • Swift will once again call keystone to verify the token.
  • If the verification is successful, then swift will allow listing.

You can verify this from the logs that you have posted. In this case , instead of user calling keystone directly , swift client calls keystone and gets the token and then passes the token to swift. So the url the client needs to know is that of keystone and not swift.

Authentication ( get token) is keystone api. If you point cloudberry to keystone, it will work since keystone understands authentication request. If you point cloudberry to swift url then it won't work since it doesn't understand that api.