As we saw in the previous sections, in order to access containers and objects, a valid auth token has to be sent in the X-Auth-Token
header with each request. Otherwise, an authorization failure code will be returned. In certain cases, access needs to be provided to other clients and applications for certain containers. Access can be provided by setting a metadata element for the container, called X-Container-Read
. The following paragraphs cover the setting of this Access Control List (ACL) for the cities
container.
First, let's list the container status that shows the lack of ACL. Run the following command with admin privileges (the admin user will have the permissions to run this command):
swift stat cities
The values of Read ACL
and Write ACL
in the following response indicate the lack of ACL:
Account: AUTH_8e43ee201cbc4b70bd8bb2f8ae10f025 Container: cities Objects: 3 Read ACL: Write ACL: Sync To:
When the tenant1:user1
user, who does not have access to this container, tries...