Ask Your Question
0

Account HEAD failed: 401 Unauthorized [closed]

asked 2014-05-07 10:26:27 -0600

Deeptanshu gravatar image

updated 2014-08-19 12:39:46 -0600

briancline gravatar image

HI,

We have configured SWIFT as an object storage with HAVANA. All the services is working fine but we are not able to authenticate is with keystone. It is showing the below error. We have checked all the configuration but not able to figure out the issue.

Please help in providing the solution.

root@Storage:/etc/swift# swift stat Account HEAD failed: http://Storage.abc.com:8080/v1/AUTH_c.. . 401 Unauthorized

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by SamYaple
close date 2014-08-19 13:12:48.018591

Comments

There are 2 tokens involved. One is the user token and other is the service token. Easy way to debug is to hit keystone directly and find out which token is failing. Since all your services are fine, most probably the service token is the one that is failing.

Service user/ service tenant/ service password are in the swift.conf ( middleware configuration ). Check them

Haneef Ali gravatar imageHaneef Ali ( 2014-05-07 11:05:48 -0600 )edit

Hi,

Swift.conf only contain the below details. As per the docs there is no middleware configuration in the swift.conf.

========================================================================= [swift-hash]

random unique string that can never change (DO NOT LOSE)

swift_hash_path_suffix = fLIbertYgibbitZ

Deeptanshu gravatar imageDeeptanshu ( 2014-05-08 02:09:41 -0600 )edit
Which version  have you migrated from?  Once upon a time swift used to use swiauth which is different from keystone auth.  Was it using swauth before?

Don't you have something like this in your swfit configuration file?   If you have this, then there is a username/password defiend that needs to be validated. 

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

# Delaying the auth decision is required to support token-less
# usage for anonymous referrers ('.r:*').
delay_auth_decision = true

# cache directory for signing certificate
signing_dir = /etc/swift/keystone-signing

# auth_* settings refer to the Keystone server
auth_protocol = http
auth_host = <keystoen_host>
auth_port = 35357

# the service tenant and swift username and password created in Keystone
admin_tenant_name = service
admin_user = swift
admin_password = swift

Haneef Ali gravatar imageHaneef Ali ( 2014-05-08 09:32:25 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-05-13 03:58:44 -0600

Deeptanshu gravatar image

Hi,

Issue is resolved. There was some issue with the hostname resolution in case of proxy on swift.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-05-07 10:26:27 -0600

Seen: 2,308 times

Last updated: Aug 19 '14