Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 1ce2ffd15fbb9423cd5f705e10d34dee5e23a4d5^! / .
commit1ce2ffd15fbb9423cd5f705e10d34dee5e23a4d5[log] [tgz]
authorJoe H. Rahme <joe.hakim.rahme@enovance.com>Tue Oct 22 15:19:09 2013 +0200
committerJoe H. Rahme <joe.hakim.rahme@enovance.com>Fri Oct 25 17:26:47 2013 +0200
tree3254fe6e3ad3ccea81710c2ed5c9f769c974cc1c
parentff38d464e41db3d8f83c2b85b48f983e424f3a23 [diff]
Enables Swift crossdomain middleware by default

This step is needed to enable its testing in Tempest. The patch adds a
variable SWIFT_EXTRAS_MIDDLEWARE_NO_AUTH that holds a list of
middlewares inserted in the pipeline before authentication middlewares
(tempauth, keystoneauth, ...).

Change-Id: I1927103feff997a354ccf82ccf12aa77db083ad3

diff --git a/lib/swift b/lib/swift
index 6ab43c4..2b23e44 100644
--- a/lib/swift
+++ b/lib/swift

@@ -72,6 +72,10 @@
 # the end of the pipeline.
 SWIFT_EXTRAS_MIDDLEWARE_LAST=${SWIFT_EXTRAS_MIDDLEWARE_LAST}
 
+# Set ``SWIFT_EXTRAS_MIDDLEWARE_NO_AUTH`` to extras middlewares that need to be at
+# the beginning of the pipeline, before authentication middlewares.
+SWIFT_EXTRAS_MIDDLEWARE_NO_AUTH=${SWIFT_EXTRAS_MIDDLEWARE_NO_AUTH:-crossdomain}
+
 # The ring uses a configurable number of bits from a path’s MD5 hash as
 # a partition index that designates a device. The number of bits kept
 # from the hash is known as the partition power, and 2 to the partition
@@ -210,7 +214,7 @@
 
 # configure_swift() - Set config files, create data dirs and loop image
 function configure_swift() {
-    local swift_pipeline=" "
+    local swift_pipeline="${SWIFT_EXTRAS_MIDDLEWARE_NO_AUTH}"
     local node_number
     local swift_node_config
     local swift_log_dir
@@ -271,7 +275,7 @@
     # tempauth would be prefixed with the reseller_prefix setting TEMPAUTH_ the
     # token for keystoneauth would have the standard reseller_prefix AUTH_
     if is_service_enabled swift3;then
-        swift_pipeline=" swift3 s3token "
+        swift_pipeline+=" swift3 s3token "
     fi
     swift_pipeline+=" authtoken keystoneauth tempauth "
     sed -i "/^pipeline/ { s/tempauth/${swift_pipeline} ${SWIFT_EXTRAS_MIDDLEWARE}/ ;}" ${SWIFT_CONFIG_PROXY_SERVER}
@@ -283,6 +287,9 @@
     iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:tempauth reseller_prefix
     iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:tempauth reseller_prefix "TEMPAUTH"
 
+    # Configure Crossdomain
+    iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:crossdomain use "egg:swift#crossdomain"
+
     # Configure Keystone
     sed -i '/^# \[filter:authtoken\]/,/^# \[filter:keystoneauth\]$/ s/^#[ \t]*//' ${SWIFT_CONFIG_PROXY_SERVER}
     iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_host $KEYSTONE_AUTH_HOST