Domain Remap¶
Allows users to access accounts and containers using subdomains on the hostname. Available on Swift version 1.8 and greater.
While Domain Remap can be used with curl, it cannot be used with either the swift command line tool or the swiftclient library. It was designed for use only in situations that do not require authentication/authorization, for example with Container ACLs or TempURL middleware.
Browsers can convert a host header to lowercase, so with Swift 2.3.0.3 or later installed, the middleware compares the items in the reseller_prefixes config option to the found prefix. If they match except for case, the item from reseller_prefixes will be used instead of the found reseller prefix. When none match, the default reseller prefix is used. When no default reseller prefix is configured, any request with an account prefix not in that list will be ignored by this middleware.
Configuration¶
Click on the Domain Remap link on the Manage Cluster page Middleware tab to enable and configure the Domain Remap middleware.
storage_domain
Should be set to the same domain name as the Cluster API Hostname without including potential account and container names.
reseller_prefixes
A comma separated list of authentication types allowed to use this feature.
AUTH - for SwiftStack AuthLDAP - for LDAP-based Authentication for SwiftStackAuth (or value configured on its middleware page)KEY - for Keystone Auth (or the value configured on its middleware page)
default_reseller_prefix
A default reseller prefix to use when none of the configured reseller_prefixes match the host header in question.
Domain Remap with Container ACL¶
Set up Container ACLs.
curl -i https://AUTH-<account>.<api hostname>/<container>/<object>
$curl 'http://AUTH-bob.example.com/acl_container/contents.txt/' -H "Host: AUTH-bob.example.com" -i
HTTP/1.1 200 OK
Content-Length: 21
Accept-Ranges: bytes
Last-Modified: Mon, 23 Sep 2013 19:47:41 GMT
Etag: 097a3de0a7b21a03d5162125cb5cb7a0
X-Timestamp: 1379965661.25170
Content-Type: text/plain
X-Trans-Id: txf89f2debcdf7494abb8f1-0052409af3
Date: Mon, 23 Sep 2013 19:48:03 GMT
this is some contents
curl -i https://<container>.AUTH-<account>.<api hostname>/<object>
$curl 'http://acl_container.AUTH-bob.example.com/contents.txt/' -H "Host: acl_container.AUTH-bob.example.com" -i
HTTP/1.1 200 OK
Content-Length: 21
Accept-Ranges: bytes
Last-Modified: Mon, 23 Sep 2013 19:47:41 GMT
Etag: 097a3de0a7b21a03d5162125cb5cb7a0
X-Timestamp: 1379965661.25170
Content-Type: text/plain
X-Trans-Id: tx7d6ec305f42640ae9818f-0052409af3
Date: Mon, 23 Sep 2013 19:48:03 GMT
this is some contents
Domain Remap with TempURL¶
See Generating a URL for getting the TempURL. Be aware that you need to send the path with all of the parts, including the account and container. TempURL is evaluated after Domain Remap moves things from the host to the uri. Discard the output before the ? to get the query string.
curl -i https://AUTH-<account>.<api hostname>/<container>/<object><query string> --data-binary @<filename>
$curl 'http://AUTH-bob.example.com/tempurl_container/contents.txt?temp_url_sig=a2fc8874eedbc077cb8570e543a1dab851450b81&temp_url_expires=1379965990' -H "Host: AUTH-bob.example.com" -i
HTTP/1.1 200 OK
Content-Length: 21
Accept-Ranges: bytes
Last-Modified: Mon, 23 Sep 2013 19:47:41 GMT
Etag: 097a3de0a7b21a03d5162125cb5cb7a0
X-Timestamp: 1379965661.14964
Content-Type: text/plain
Content-Disposition: attachment; filename="contents.txt"
X-Trans-Id: tx64f6c7f9d6354004aebab-0052409af8
Date: Mon, 23 Sep 2013 19:48:08 GMT
this is some contents
curl -i -https://<container>.AUTH-<account>.<api hostname>/<object><query string> --data-binary @<filename>
$curl 'http://tempurl_container.AUTH-bob.example.com/contents.txt?temp_url_sig=a2fc8874eedbc077cb8570e543a1dab851450b81&temp_url_expires=1379965990' -H "Host: tempurl_container.AUTH-bob.example.com" -i
HTTP/1.1 200 OK
Content-Length: 21
Accept-Ranges: bytes
Last-Modified: Mon, 23 Sep 2013 19:47:41 GMT
Etag: 097a3de0a7b21a03d5162125cb5cb7a0
X-Timestamp: 1379965661.14964
Content-Type: text/plain
Content-Disposition: attachment; filename="contents.txt"
X-Trans-Id: txb06662bb1ec94a6c84975-0052409af8
Date: Mon, 23 Sep 2013 19:48:08 GMT
this is some contents
Note
The Hosts header must be present in the request. curl and most browsers do this automatically but it may not occur by default with all tools.
