Dell DX6000 Application Manual
Download Application manual of Dell DX6000 Desktop, Server for Free or View it Online on All-Guides.com.
Brand: Dell
Category: Desktop , Server , Software , Storage
Type: Application manual
Model: Dell DX6000 , Dell DX6004S , Dell DX6012S
Pages: 81 (0.65 Mb)
Copyright © 2010 Caringo, Inc.
All rights reserved 48
Version 5.0
December 2010
5. If the search returns no realms,DX Storage continues to execute the method without further
authentication or authorization.
If the search finds a security realm:
1. DX Storage examines the request headers (not the object metadata) to determine if the request
headers include an HTTP Authorization header.
2. If the same privilege is granted to two realms, the first realm specified is granted the privilege.
3. If the search finds a realm against which to authorize, DX Storage immediately attempts to
validate the credentials found in the Castor-Authorization header against one of the users
and credentials found in that realm.
If no user credentials are included in the client request, DX Storage challenges the client with a
WWW-Authenticate header as discussed in RFC 2617. Any other issues with authorization must
be resolved by your cluster administrator.
12.6. Creating Realms
This section discusses how to create a realm and associate it with a bucket in the cluster. Before
continuing, make sure you review the information discussed in Section 12.2, “Security Realm
Overview”.
A realm is a collection of user credentials, each of which includes an MD5 hash. It is computed
from the string username:realm:password. You can compute the realm using a programming
language, or a utility like Apache htdigest or md5sum.
htdigest is provided as part of the Apache distribution.
Note
User names cannot contain a colon character (:). Realm names cannot contain a colon
character (:) or a comma character (,).
An example of creating a bucket realm follows:
htdigest -c cluster_example_com_bucket cluster.example.com/bucket
fred.jones
New password:
Re-type new password:
htdigest cluster_example_com_bucket cluster.example.com/bucket sarah.smith
New password:
Re-type new password:
The preceding command creates a password file named cluster_example_com_mybucket with
the following contents:
fred.jones:cluster.example.com/mybucket:2424db9aa9a308b53f914176d9d14676
sarah.smith:cluster.example.com/mybucket:edaf3c313de4af2877bf08546856242b