Dell DX6004S DX Object Storage Application Guide - Page 55
Managing Security for Application, Developers
View all Dell DX6004S manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 55 highlights
Chapter 13. Managing Security for Application Developers This chapter discusses specific security-related tasks that must be performed by application developers. Before you continue, make sure you review the information discussed in Chapter 12, Introduction to Object Security. For more information about managing security for named objects, see the following topics: • Section 13.1, "What Application Developers Need to Know" • Section 13.4, "Examples of Creating Buckets and Named Objects" 13.1. What Application Developers Need to Know Your role is the application developer; for more information about all security roles, see Section 12.1, "About Security Roles". As an application developer, you need to know the following information before you create buckets and objects: • The name of your domain and whether or not it is the default cluster domain. Get this information from your cluster administrator. If your domain is the default cluster domain, you do not need to specify the domain name as the Host in your SCSP requests. • Whether or not your user account can create buckets in the domain, and any other restrictions on your user account. You can find this information yourself or you can get it from your domain manager. Note To determine whether a particular SCSP operation succeeds, DX Storage examines the following in order: 1. The admin query argument which, if present, bypasses other authorization methods. For more information about the admin query argument, see Section 17.2, "Administrative Override". 2. The operations allowed by the Allow header. For more information about the Allow header, see Chapter 17, Using the Allow Metadata Header. 3. The operations allowed to the realm specified in the Castor-Authorization header. 13.2. About Bucket Authorization To enable security on a bucket, you must append the bucket name to both the authorization specification and to the cluster node IP address. Copyright © 2010 Caringo, Inc. All rights reserved 50 Version 5.0 December 2010