treehouselabs / swift-bundle
Implementation of the OpenStack Swift protocol. Can be used for an object-store.
Installs: 4 441
Dependents: 0
Suggesters: 1
Security: 0
Stars: 1
Watchers: 4
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- php: >=5.5
- symfony/symfony: ~2.6
- treehouselabs/keystone-bundle: ~1.0
Requires (Dev)
- phpunit/phpunit: ~4.1
This package is auto-updated.
Last update: 2024-11-12 23:20:19 UTC
README
Implementation of the OpenStack Swift protocol. Can be used for an object-store.
Installation
Add dependency:
composer require treehouselabs/swift-bundle:~1.0
Enable bundles (the KeystoneBundle is a dependency for this bundle):
$bundles[] = new TreeHouse\KeystoneBundle\TreeHouseKeystoneBundle(); $bundles[] = new TreeHouse\SwiftBundle\TreeHouseSwiftBundle();
Configuration
If you haven't done so already, configure the KeystoneBundle. For more information check the documentation for that bundle. Then add the object store(s) to the Swift configuration.
# app/config/config.yml tree_house_keystone: user_class: Acme\DemoBundle\Entity\User services: cdn: type: object-store endpoint: http://cdn.acme.org/ tree_house_swift: stores: cdn: tree_house.keystone.service.cdn
Enable the routing:
# app/config/routing.yml cdn: resource: @TreeHouseSwiftBundle/Resources/config/routing.yml host: cdn.acme.org
By default, all the routes are secured with the ROLE_USER
expression, except for the head_object
and get_object
route.
You can override this expression for each individual route if you want to, or you can set the default expression in the
configuration:
# app/config/config.yml tree_house_swift: expression: ROLE_CDN_USER
Configure a firewall for the object store if you want to use token-based authentication. The bundle does not do this automatically, you have to configure it yourself. Fortunately it's really easy to do:
# app/config/security.yml security: firewalls: cdn: pattern: ^/ host: cdn.acme.org anonymous: true stateless: true simple_preauth: authenticator: tree_house.keystone.token_authenticator
That's it, now all the object-store requests will try to authenticate using a token. By setting the firewall to allow anonymous users we ensure that you don't have to authenticate to request an object (which is kind of the point of an object-store).