Dell DX6004S DX Object Storage Administration Guide - Page 23
Using Override to Resolve, Authorization Specification Issues
View all Dell DX6004S manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 23 highlights
Option Protection Setting Domain Managers Description Domain naming rules are discussed in Section 4.5, "Domain Naming Rules". Renaming an existing domain is supported only using the Admin Console. All protection settings enable domain managers to maintain their own user list and the domain user list. The difference between protection settings is which realms can POST to the domain (that is, create buckets). Click one of the following: • All Users. No authentication required: Any user can create buckets in the domain without authenticating. Domain managers control their own user list and the domain user list. Application developers can enforce security on objects and buckets. • Only users in this domain: Enables users in this domain to post to the domain. • Only users in domain: Enables users in the specified domain to post to this domain. Each protection settings is specified as a CastorAuthorization header in the form: Castor-Authorization: domain-name/_administrators, post=domain-name, where domain-name is blank if you choose the "all users" protection setting. For more information about the Castor-Authorization header, see the DX Object Storage Application Guide. Domain managers have the ability to manage their own user list and user lists in the tenant's domain. To add a new administrator, click Add Domain Manager. To edit an existing manager, click Edit next to the administrator's manager. Note: Domain manager names can consist of ASCII characters only and cannot include a colon character (:). Note If Custom Policy displays for Protection Setting, a tenant administrator has altered the Castor-Authorization header for the _administrators bucket. If you are trying to troubleshoot an issue with users being able to access objects in a domain, try setting the protection setting back to its default. Examples of modifying the CastorAuthorization header are shown in Section 4.7.1.3, "Using Override to Resolve Authorization Specification Issues". 6. If you are adding or editing a domain manager, enter or edit the following information: Copyright © 2010 Caringo, Inc. All rights reserved 18 Version 5.0 December 2010