treehouselabs/swift-bundle

Implementation of the OpenStack Swift protocol. Can be used for an object-store.

Installs: 4 441

Dependents: 0

Suggesters: 1

Security: 0

Stars: 1

Watchers: 4

Forks: 0

Open Issues: 0

Type:symfony-bundle

v1.0.0 2015-04-28 08:15 UTC

This package is auto-updated.

Last update: 2024-11-12 23:20:19 UTC


README

Implementation of the OpenStack Swift protocol. Can be used for an object-store.

Build Status Scrutinizer Code Quality Code Coverage

Installation

Add dependency:

composer require treehouselabs/swift-bundle:~1.0

Enable bundles (the KeystoneBundle is a dependency for this bundle):

$bundles[] = new TreeHouse\KeystoneBundle\TreeHouseKeystoneBundle();
$bundles[] = new TreeHouse\SwiftBundle\TreeHouseSwiftBundle();

Configuration

If you haven't done so already, configure the KeystoneBundle. For more information check the documentation for that bundle. Then add the object store(s) to the Swift configuration.

# app/config/config.yml
tree_house_keystone:
  user_class: Acme\DemoBundle\Entity\User
  services:
    cdn:
      type: object-store
      endpoint: http://cdn.acme.org/

tree_house_swift:
  stores:
    cdn: tree_house.keystone.service.cdn

Enable the routing:

# app/config/routing.yml
cdn:
  resource: @TreeHouseSwiftBundle/Resources/config/routing.yml
  host:     cdn.acme.org

By default, all the routes are secured with the ROLE_USER expression, except for the head_object and get_object route. You can override this expression for each individual route if you want to, or you can set the default expression in the configuration:

# app/config/config.yml
tree_house_swift:
  expression: ROLE_CDN_USER

Configure a firewall for the object store if you want to use token-based authentication. The bundle does not do this automatically, you have to configure it yourself. Fortunately it's really easy to do:

# app/config/security.yml
security:
  firewalls:
    cdn:
      pattern:   ^/
      host:      cdn.acme.org
      anonymous: true
      stateless: true
      simple_preauth:
        authenticator: tree_house.keystone.token_authenticator

That's it, now all the object-store requests will try to authenticate using a token. By setting the firewall to allow anonymous users we ensure that you don't have to authenticate to request an object (which is kind of the point of an object-store).