See also https://github.com/openstack/keystone for the standard OpenStack auth service.
Be sure to review the docs at: https://swauth.readthedocs.io/
Install Swauth with
sudo python setup.py installor
sudo python setup.py developor via whatever packaging system you may be using.
Alter your proxy-server.conf pipeline to have swauth instead of tempauth:
[pipeline:main] pipeline = catch_errors cache tempauth proxy-server
[pipeline:main] pipeline = catch_errors cache swauth proxy-server
Add to your proxy-server.conf the section for the Swauth WSGI filter:
[filter:swauth] use = egg:swauth#swauth set log_name = swauth super_admin_key = swauthkey
Be sure your proxy server allows account management:
[app:proxy-server] ... allow_account_management = true
Restart your proxy server
swift-init proxy reload
Initialize the Swauth backing store in Swift
swauth-prep -K swauthkey
Add an account/user
swauth-add-user -A http://127.0.0.1:8080/auth/ -K swauthkey -a test tester testing
Ensure it works
swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat -v
Web Admin Install
If you installed from packages, you'll need to cd to the webadmin directory the package installed. This is
/usr/share/doc/python-swauth/webadminwith the Lucid packages. If you installed from source, you'll need to cd to the webadmin directory in the source directory.
Upload the Web Admin files with
swift -A http://127.0.0.1:8080/auth/v1.0 -U .super_admin:.super_admin -K swauthkey upload .webadmin .
http://127.0.0.1:8080/auth/in your browser.
Swift3 Middleware Compatibility
Swift3 middleware can be used with
auth_type in swauth is configured to be Plaintext (default).
[pipeline:main] pipeline = catch_errors cache swift3 swauth proxy-server
It can be used with
auth_type set to Sha1/Sha512 too but with certain caveats
and security concern. Hence, s3 support is disabled by default and you have to
explicitly enable it in your configuration.
Refer to swift3 compatibility section
in documentation for further details