Do we really need these many swift auths S3, TempAuth, SwiftAuth, cacheAuth.....?

asked 2013-06-26 09:54:28 -0600

raghavendra gravatar image

I really do not understand if we need the S3, EC2, TempAuth, SwiftAuth, tempauth staticweb, LDAP Auth, keystone staticweb, authtoken swiftauth, KeystoneAuth, Keystone SSL support, pki_setup, CacheAuth, Keystone auth_token middleware is a WSGI component, Cache TempAuth, and many more... Can the experts explain if these many are really required? How many totally authentications we have for Swift. I have found a few in proxy server setups... Your answer would be highly appreciated

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2013-06-27 23:03:43 -0600

creiht gravatar image

Swift has been around for quite a while, and has a legacy of supporting several auth systems. The beauty of a plugable system, is that you only have to use the one that suits your needs.

TempAuth: This is an overly simple auth system used primarily for development and trying out swift for the first time. It is not at all meant to be used for a production deployment. It only supports the V1 auth contract and only works for swift.

Swauth: This is an auth system that runs on top of swift. It was built to be a more scalable auth system that could be used for certain production workloads. It was built before an official Openstack auth system (Keystone) existed. It only supports the V1 auth contract and only works for swift.

Swift3: The swift3 middleware and associated auth pieces are made availabe to povide an S3 compatible interface on top of Swift. Amazon's auth protocol is very different from Openstack's and thus requires a different set of auth middleware.

Keystone: Keystone is the official Openstack auth solution that works across products. It has many backends and auth schemes, but I wouldn't be the person that could adequately describe them all. This is the recommended solution to use if you are using swift along with the rest of the Openstack suite.

Custom: Last but not least, it is very easy to write custom auth middleware. While swift is an integral part of Openstack, it is also deployed in many places outside of Openstack, and those deployments have their own custom auth middleware that integrates swift into their current systems.

I hope this helps.

edit flag offensive delete link more


Thank you. I had read that 14 types of Auths are available for swift. However you have briefed a few of the important auth methods. Keystone is the identity service that is primarily used across openstack systems.

raghavendra gravatar imageraghavendra ( 2013-06-28 00:47:48 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2013-06-26 09:54:28 -0600

Seen: 765 times

Last updated: Jun 27 '13