Comment 2 for bug 607512

Vish Ishaya (vishvananda) wrote : Re: Authorization not checked on objectstore

Actually no.

The last parameter passed to authenticate is False, which tells authenticate not to check the signature. The reason for this from the legacy code is that authenticate was constructed to verify aws signatures and unfortunately s3 uses a completely different method for signing requests. Authenticate returns the proper user and project but does NOT currently check the signature for objectstore requests.

Authorize may need to be reworked a bit because it needs a little more data for the s3 version, like content-type and md5. Docs here:

http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?RESTAuthentication.html
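
Added example, not part of the original comment and not Nova's code: a sketch of the S3 REST signature check described in the linked documentation, showing why the verifier needs Content-MD5 and Content-Type in addition to the access key. The function names, the `SECRETS` lookup and the sample request are hypothetical and constructed; the resource path is assumed to be already canonicalized.

```python
import base64
import hashlib
import hmac

# Constructed sample data; access key, secret and request are made up.
SECRETS = {"EXAMPLEACCESSKEY": "constructed-secret-not-a-real-key"}
HEADERS = {
    "Content-MD5": "1B2M2Y8AsgTpgAmY7PhCfg==",
    "Content-Type": "text/plain",
    "Date": "Tue, 27 Mar 2007 21:15:45 +0000",
}
RESOURCE = "/examplebucket/notes.txt"  # assumed already canonicalized


def string_to_sign(method, headers, resource):
    """Verb, Content-MD5, Content-Type, Date, x-amz-* headers, resource."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    # x-amz-* headers: lowercase names, sorted, one "name:value" per line.
    amz = "".join(f"{k}:{h[k]}\n" for k in sorted(h) if k.startswith("x-amz-"))
    # When x-amz-date is sent, the Date slot is left empty.
    date = "" if "x-amz-date" in h else h.get("date", "")
    return "\n".join([method.upper(), h.get("content-md5", ""),
                      h.get("content-type", ""), date, amz + resource])


def sign(secret, method, headers, resource):
    """Base64(HMAC-SHA1(secret, string_to_sign))."""
    msg = string_to_sign(method, headers, resource).encode("utf-8")
    digest = hmac.new(secret.encode("utf-8"), msg, hashlib.sha1).digest()
    return base64.b64encode(digest).decode("ascii")


def verify(authorization, lookup_secret, method, headers, resource):
    """Return the access key if 'AWS <key>:<sig>' is valid, else None."""
    scheme, _, cred = authorization.partition(" ")
    # Split on the last ':' because base64 never contains one.
    access_key, _, signature = cred.rpartition(":")
    secret = lookup_secret(access_key)
    if scheme != "AWS" or secret is None:
        return None
    expected = sign(secret, method, headers, resource)
    # Constant-time comparison of the recomputed and presented signatures.
    ok = hmac.compare_digest(expected.encode(), signature.encode())
    return access_key if ok else None
```

Returning the user only when `verify` succeeds is the difference from the behaviour described in the comment, where the user and project are resolved from the access key without the signature being checked.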