Viewing all changes in revision 1921.
- Committer: Tarmac
- Date: 2013-10-02 06:01:06 UTC
- mfrom: (1850.4.6 null-provider-storage-auth)
- Revision ID: tarmac-20131002060106-f82qybntd1vrxr53
[r=axwalk] Wire up authenticating httpstorage
There are two things happening here:
- httpstorage authentication changes
- wiring up to null provider/localstorage worker.
The httpstorage authentication mechanism has
changed to use an auth key (randomly generated
as part of the boilerplate), rather than client
certificates. This gives us more options for
using the storage, since now you don't need the
client to share the CA key.
Also, when serving HTTPS, HTTP is *also* provided,
but only for non-modifying operations. This allows
wget et al. to fetch files from the storage without
bypassing certificate validation. The HTTP interface
disallows modifying operations if there is an HTTPS
interface backing it. To get an HTTPS URL, a HEAD
request may be performed on the HTTP interface.
https://codereview.appspot.com/14011044/
There are two things happening here:
- httpstorage authentication changes
- wiring up to null provider/localstorage worker.
The httpstorage authentication mechanism has
changed to use an auth key (randomly generated
as part of the boilerplate), rather than client
certificates. This gives us more options for
using the storage, since now you don't need the
client to share the CA key.
Also, when serving HTTPS, HTTP is *also* provided,
but only for non-modifying operations. This allows
wget et al. to fetch files from the storage without
bypassing certificate validation. The HTTP interface
disallows modifying operations if there is an HTTPS
interface backing it. To get an HTTPS URL, a HEAD
request may be performed on the HTTP interface.
https://codereview.appspot.com/14011044/
- files added:
- worker/localstorage/config_test.go
- files modified:
- environs/httpstorage/backend.go
expand all
collapse all
added
removed
