incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Prachi Damle" <prachi.da...@citrix.com>
Subject Re: Review Request: [EC2 Query API] Remove the registration step since query API does not require the certificate.
Date Thu, 31 Jan 2013 19:58:41 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8742/#review15971
-----------------------------------------------------------

Ship it!


This achieves user registration fidelity with AWS, important to have! Looks good.

- Prachi Damle


On Dec. 21, 2012, 1:04 p.m., Likitha Shetty wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/8742/
> -----------------------------------------------------------
> 
> (Updated Dec. 21, 2012, 1:04 p.m.)
> 
> 
> Review request for cloudstack, Prachi Damle, Chiradeep Vittal, and Sebastien Goasguen.
> 
> 
> Description
> -------
> 
> While checking if the user keys exists and also while retrieving the secret-key for signature
generation (Query API only), make a change to directly check in the 'cloud' DB instead of
the 'cloudbridge' DB.
> With this change user will not require to register the keys before making EC2 Query API
calls against CS. The registration process to make EC2 SOAP API calls will remain the same.
> 
> 
> This addresses bug CLOUDSTACK-695.
> 
> 
> Diffs
> -----
> 
>   awsapi/src/com/cloud/bridge/model/CloudStackUserVO.java PRE-CREATION 
>   awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDao.java PRE-CREATION 
>   awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java PRE-CREATION 
>   awsapi/src/com/cloud/bridge/service/EC2RestServlet.java 4f74873 
> 
> Diff: https://reviews.apache.org/r/8742/diff/
> 
> 
> Testing
> -------
> 
> Manual testing done
> 
> Changed 'enable.ec2.api' flag value to true
> Generated user api-key and secret-key using CS UI
> 
> 1) Using python boto client established a connection to CS AWSAPI 
> 1. using the right keys,
>     a. Made an ec2 api call - get_all_images() - Successfully returned the images
> 2. using the wrong api key, 
>     a. Made an ec2 api call - get_all_images() - Returned error 'No secret key found
for the access key'
> 3. using the the wrong secret key,
>     a. Made an ec2 api call - get_all_images() - Returned error 'Signature mismatch'

> 2) Encrypted the DB and tried the above steps - Obtained the same results
> 
> 3) Performed the registration required for SOAP calls using cloudstack-aws-api-register
script
>    Made ec2 soap api call - ec2_describe_images - Successfully returned the images
> 
> 
> Thanks,
> 
> Likitha Shetty
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message