Object API Features and Middleware

SwiftStack provides several middleware options, which can be enabled in the SwiftStack Controller console. Once enabled, the selected middleware will be installed and set up in your SwiftStack cluster next time you Deploy Config.

../_images/available-middleware.png

Note

The lowest Swift version running in your cluster determines which middlewares are available. We always recommend you run the latest version of Swift.

The following middleware options are currently available:

SwiftStack Auth Always on, a fast flat-file is deployed on each node to authenticate users using hashed passwords.
Account Quotas This provides a system administrator the ability to limit how many bytes data can be stored in a Swift account. Swift version >= 1.8
Bulk Operations Enables uploading and deleting many objects with just one request. Swift version >= 1.8
Container Quotas This provides users the ability to limit how much data is stored in a single container. It provides a safety measure for public and dropbox-style containers. This gives users the ability to limit containers by total bytes stored or by the number of objects in the container. Swift version >= 1.8
Cross Domain Configures what domains client requests may originate from, and whether they must be secure. Swift version >= 1.8
Domain Remap Allows users to access accounts and containers using subdomains on the hostname. Swift version >= 1.8
Encryption Middleware Encryption middleware must be deployed in conjunction with the Keymaster middleware. Implements middleware for object encryption.
Keymaster Middleware Keymaster middleware must be deployed in conjunction with the Encryption middleware. Implements key management for object encryption.
KMIP Keymaster Middleware KMIP Keymaster middleware must be deployed in conjunction with the Encryption middleware. Implements key management for object encryption using and external KMS server.
FormPost Translates a browser form post into a regular Swift object PUT.
Keystone Auth Required for Keystone Authentication/Authorization (along with the "Keystone Auth Token Support" middleware).
Keystone Auth Token Required for Keystone Authentication/Authorization (along with the "Keystone Auth" middleware).
LDAP-based Authentication for SwiftStackAuth An extension to SwiftStack Auth which allows organizations to authenticate users against their internal LDAP based on individual or group membership.
Name Check A filter that disallows any paths that contain defined forbidden characters or that exceed a defined length.
Rate Limit Limit the number of write operations (PUT, DELETE) to an account.
Static Large Object Allows the user to upload many objects concurrently and afterwards download them as a single object. A user defined manifest of the object segments is used. Swift version >= 1.8
Static Web Web Server Gateway Interface (WSGI) middleware which serves container data as a static web site with index file and error file resolution and optional file listings. Static Web can be used both for anonymous and authenticated requests.
S3 API Support Access SwiftStack via the Amazon S3 API.
TempURL Allows URLs to be created to provide temporary access to objects. This may be handy when needing to provide download link for large objects from a Swift account which does not have public access.
Delegated Authorization Allows an external Permit webservice to disallow certain requests based on opaque headers provided by Swift clients.
Cross-Cluster Shunting Allow certain requests to be proxied to an existing Swift cluster while performing a migration Swift version >= 2.3.0.4
Auth Negotiation For Swift Shunt Allow certain requests to be proxied to an existing Swift cluster while performing a migration Swift version >= 2.3.0.4