OpenStack Swift TempAuth authentication prod usage
Question
Almost in every OpenStack Swift documentation is mentioned that TempAuth is a solution just for test non-prod environment (however it's fully functional).
The key reason to don't use this approach in prod that user-creds are stored in plain configuration file that decrease overall security for Object storage.
On the other hand if App is using Object Storage internally (so it's only stores files in the internal infrastructure) and authentication and authorization is provided by App itself it seems such approach might be suitable for production usage.
Could you please share any other drawbacks of TempAuth usage on prod environment taking into account that object storage is internal (or add additional arguments that it's ok :) )?
1 answers
solution1
0 2021-01-26 04:42:20
I think the problem with tempauth is that,it is built in module in the Swift, and cant be used as an external authentication module in distributed swift storage systems. but keystone can.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.