OpenStack Compute (nova)

Merge lp:~rackspace-titan/nova/osapi-logging-lp752663 into lp:~hudson-openstack/nova/trunk

  1. osapi-logging-lp752663
  2. Merge into trunk
Proposed by Brian Lamar
Status: Merged
Approved by: Devin Carlen
Approved revision: 950
Merged at revision: 993
Proposed branch: lp:~rackspace-titan/nova/osapi-logging-lp752663
Merge into: lp:~hudson-openstack/nova/trunk
Diff against target: 97 lines (+23/-2)
2 files modified
nova/api/openstack/auth.py (+18/-2)
nova/wsgi.py (+5/-0)
To merge this branch: bzr merge lp:~rackspace-titan/nova/osapi-logging-lp752663
Reviewer Review Type Date Requested Status
Devin Carlen (community) Approve
Jay Pipes (community) Approve
Brian Waldon (community) Approve
Review via email: mp+56633@code.launchpad.net

Commit message

Add additional logging for WSGI and OpenStack API authentication.

Description of the change

Add additional logging for WSGI and OpenStack API authentication.

To post a comment you must log in.
Revision history for this message
Brian Waldon (bcwaldon) wrote :

Looks good! This will definitely help with future API work.

27-28: This seems like a line that would be more useful through an HTTP response to the end user, not as a log.

review: Needs Information
Revision history for this message
Brian Lamar (blamar) wrote :

Took your suggestion and added message to 401 response.

Revision history for this message
Brian Waldon (bcwaldon) wrote :

Looks good.

review: Approve
Revision history for this message
Jay Pipes (jaypipes) wrote :

Much needed. Keep it up! :)

review: Approve
Revision history for this message
Devin Carlen (devcamcar) wrote :

nice

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'nova/api/openstack/auth.py'
2--- nova/api/openstack/auth.py 2011-03-17 18:03:18 +0000
3+++ nova/api/openstack/auth.py 2011-04-15 19:04:08 +0000
4@@ -55,6 +55,9 @@
5 user = self.get_user_by_authentication(req)
6 accounts = self.auth.get_projects(user=user)
7 if not user:
8+ token = req.headers["X-Auth-Token"]
9+ msg = _("%(user)s could not be found with token '%(token)s'")
10+ LOG.warn(msg % locals())
11 return faults.Fault(webob.exc.HTTPUnauthorized())
12
13 if accounts:
14@@ -66,6 +69,8 @@
15
16 if not self.auth.is_admin(user) and \
17 not self.auth.is_project_member(user, account):
18+ msg = _("%(user)s must be an admin or a member of %(account)s")
19+ LOG.warn(msg % locals())
20 return faults.Fault(webob.exc.HTTPUnauthorized())
21
22 req.environ['nova.context'] = context.RequestContext(user, account)
23@@ -82,12 +87,16 @@
24 # honor it
25 path_info = req.path_info
26 if len(path_info) > 1:
27- return faults.Fault(webob.exc.HTTPUnauthorized())
28+ msg = _("Authentication requests must be made against a version "
29+ "root (e.g. /v1.0 or /v1.1).")
30+ LOG.warn(msg)
31+ return faults.Fault(webob.exc.HTTPUnauthorized(explanation=msg))
32
33 try:
34 username = req.headers['X-Auth-User']
35 key = req.headers['X-Auth-Key']
36- except KeyError:
37+ except KeyError as ex:
38+ LOG.warn(_("Could not find %s in request.") % ex)
39 return faults.Fault(webob.exc.HTTPUnauthorized())
40
41 token, user = self._authorize_user(username, key, req)
42@@ -100,6 +109,7 @@
43 res.headers['X-CDN-Management-Url'] = token.cdn_management_url
44 res.content_type = 'text/plain'
45 res.status = '204'
46+ LOG.debug(_("Successfully authenticated '%s'") % username)
47 return res
48 else:
49 return faults.Fault(webob.exc.HTTPUnauthorized())
50@@ -139,6 +149,7 @@
51 try:
52 user = self.auth.get_user_from_access_key(key)
53 except exception.NotFound:
54+ LOG.warn(_("User not found with provided API key."))
55 user = None
56
57 if user and user.name == username:
58@@ -153,4 +164,9 @@
59 token_dict['user_id'] = user.id
60 token = self.db.auth_token_create(ctxt, token_dict)
61 return token, user
62+ elif user and user.name != username:
63+ msg = _("Provided API key is valid, but not for user "
64+ "'%(username)s'") % locals()
65+ LOG.warn(msg)
66+
67 return None, None
68
69=== modified file 'nova/wsgi.py'
70--- nova/wsgi.py 2011-04-06 21:26:50 +0000
71+++ nova/wsgi.py 2011-04-15 19:04:08 +0000
72@@ -43,6 +43,7 @@
73
74
75 FLAGS = flags.FLAGS
76+LOG = logging.getLogger('nova.wsgi')
77
78
79 class WritableLogger(object):
80@@ -346,6 +347,7 @@
81 arg_dict = req.environ['wsgiorg.routing_args'][1]
82 action = arg_dict['action']
83 method = getattr(self, action)
84+ LOG.debug("%s %s" % (req.method, req.url))
85 del arg_dict['controller']
86 del arg_dict['action']
87 if 'format' in arg_dict:
88@@ -361,6 +363,9 @@
89 response = webob.Response()
90 response.headers["Content-Type"] = content_type
91 response.body = body
92+ msg_dict = dict(url=req.url, status=response.status_int)
93+ msg = _("%(url)s returned with HTTP %(status)d") % msg_dict
94+ LOG.debug(msg)
95 return response
96 else:
97 return result