Ask Your Question
0

Authentication Error using API on Grizzly

asked 2013-09-17 03:45:08 -0600

alessandro.portosa gravatar image

Hi guys, I'm trying to access to Nova using a REST client but everytime I got an "Authentication Required" response. My goal will be to access, foreach vServer, to its diagnostics info, but now I'm stucked far away from that. I'm using DevStack but I also tried with an another OpenStack manually installed.

My REST requests are (in order):

Method: POST, Url: http://172.16.0.1:5000/v2.0/tokens, Body: admin:password or demo:password

And i got a valid token.

Method: GET, Url: http://172.16.0.1:5000/v2.0/tenants, Header: X-Auth-Token:{token got previously}

And I got a list of tenants for that token; if I have understood right these tenants are the ones that I can handle with my token. Probably the are others but Keystone lists and gives me access only for the ones of which I have authority.

Method: GET, Url: http://172.16.0.1:8774/v2/{one_of_the_tenant_id_got_previously}/servers, Header: X-Auth-Token:{token got previously}

I'll expect to be able to get the lists of the servers but I'm not... When I try I got a response with this headers:

Status Code: 401 Unauthorized
Connection: keep-alive
Content-Length: 23
Content-Type: text/plain
Date: Mon, 16 Sep 2013 16:15:36 GMT
WWW-Authenticate: Keystone uri='http://172.16.0.1:35357'

And this body: Authentication required

I also tried to make the rest call with the command "cURL" instead of using the client but it's the same. Can someone please help me to figure it out?

Thanks

edit retag flag offensive close merge delete

Comments

Hi, did you check if the token is valid by trying any other request?

bvivek gravatar imagebvivek ( 2013-09-17 05:04:17 -0600 )edit

Well, in the first GET call the token is valid bacause I can get the list of the tenants (but I'm still asking to Keystone). I got the same error with others requests (a tried to use the Ceilometer API or Object Storage API)... Should I put anything into the request (header or body)?

alessandro.portosa gravatar imagealessandro.portosa ( 2013-09-17 08:44:13 -0600 )edit

I figured it out that I need to specify the tenantName when I want to obtain the token. But the API documentation says that the tenantName is OPTIONAL... it isn't in my case! Has anyone ever tried to obtain a token without specifying this parameter? Is it a bug or have I misunderstood something?

alessandro.portosa gravatar imagealessandro.portosa ( 2013-09-17 09:56:52 -0600 )edit

You should be able to authorize without a tenant so that you can get your tenants. You might have to authorize again with the tenant you want to use.

FreshPow gravatar imageFreshPow ( 2013-10-04 20:18:32 -0600 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2013-10-04 11:42:48 -0600

cloud gravatar image

Try sourcing this variable in the environment AUTH_TOKEN This did solve my error

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2013-09-17 03:45:08 -0600

Seen: 623 times

Last updated: Oct 04 '13

Related questions

Kilo install error: Create the service entity for the Identity service

problem in keystone token-get

Limiting VM access to admin_or_owner in Grizzly

'read_timeout' is an invalid keyword argument for this function

heat stack-list returns ERROR: Authentication required

Git-review error in sandbox [closed]

RuntimeError: Unable to create a new session key. It is likely that the cache is unavailable / Authorization failed. The request you have made requires authentication. from 10.0.0.11 [closed]

how to put a local file into instance in openstack?

Keystone authentication failure in a HA Setup

ERROR oslo.messaging._drivers.impl_rabbit [-] AMQP server on 192.168.0.106:5672 is unreachable: [Errno 111] ECONNREFUSED.