From 6b532096f6c72627dccb32fa49e8045d6afbdc6d Mon Sep 17 00:00:00 2001 From: Ziad Sawalha Date: Tue, 24 Jan 2012 13:03:32 -0600 Subject: Use Keystone Extension Syntax for EC2 Creds - Syntax is OS-KSEC2:ec2Credentials (not ec2Credentials) - adds to fix for bug 917408 - Syntax also requires a call to /tokens instead of /ec2tokens - Changes are compatible (old syntax supported) - Warning will be issued to log if URL syntax is old Change-Id: I5ff9d1643122de2f383517e60f15852720c54490 --- Authors | 1 + nova/api/ec2/__init__.py | 29 +++++++++++++++++++++-------- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/Authors b/Authors index 85cd5d751..ef89231cf 100644 --- a/Authors +++ b/Authors @@ -170,3 +170,4 @@ Yuriy Taraday Zed Shaw Zhixue Wu Zhongyue Luo +Ziad Sawalha diff --git a/nova/api/ec2/__init__.py b/nova/api/ec2/__init__.py index dfcddbc4e..3ee89c9c2 100644 --- a/nova/api/ec2/__init__.py +++ b/nova/api/ec2/__init__.py @@ -185,14 +185,27 @@ class EC2Token(wsgi.Middleware): # Not part of authentication args auth_params.pop('Signature') - # Authenticate the request. - creds = {'ec2Credentials': {'access': access, - 'signature': signature, - 'host': req.host, - 'verb': req.method, - 'path': req.path, - 'params': auth_params, - }} + if "ec2" in FLAGS.keystone_ec2_url: + LOG.warning("Configuration setting for keystone_ec2_url needs " + "to be updated to /tokens only. The /ec2 prefix is " + "being deprecated") + # Authenticate the request. + creds = {'ec2Credentials': {'access': access, + 'signature': signature, + 'host': req.host, + 'verb': req.method, + 'path': req.path, + 'params': auth_params, + }} + else: + # Authenticate the request. + creds = {'auth': {'OS-KSEC2:ec2Credentials': {'access': access, + 'signature': signature, + 'host': req.host, + 'verb': req.method, + 'path': req.path, + 'params': auth_params, + }}} creds_json = utils.dumps(creds) headers = {'Content-Type': 'application/json'} -- cgit