OpenStack Object Storage (swift)

Write an object into a Public-readable container's object with another user credentials is raising 403(Forbidden) exception, what should be the correct exception

Asked by Harika Vakadi

After making a container public readable , I am trying to create an object with in the same container, this action is raising 403(Forbidden) exception , here I have a doubt regarding the excepted exception, should it be 403 or 401?

Please confirm, ASAP.

Thanks in advance,
Harika

Question information

Language:
English Edit question
Status:
Solved
For:
OpenStack Object Storage (swift) Edit question
Assignee:
No assignee Edit question
Solved by:
Samuel Merritt
Solved:
Last query:
Last reply:
Revision history for this message
Best Samuel Merritt (torgomatic) said : 		#1

From RFC 2616:

    10.4.2 401 Unauthorized

       The request requires user authentication. The response MUST include a
       WWW-Authenticate header field (section 14.47) containing a challenge
       applicable to the requested resource. The client MAY repeat the
       request with a suitable Authorization header field (section 14.8) [...]

That's not right. The request is already authenticated; you said you're using another user's credentials.

    10.4.4 403 Forbidden

       The server understood the request, but is refusing to fulfill it.
       Authorization will not help and the request SHOULD NOT be repeated.

Swift knows what you're trying to do, but access control doesn't allow it. You're already authenticated, so there's nothing else to do. The request is not allowed, hence 403.

Revision history for this message
Harika Vakadi (harika-vakadi) said : 		#2

Thanks Samuel Merritt, that solved my question.