Versions Compared

Old Version 3

changes.mady.by.user Kyle Miller

Saved on

compared with

New Version 4

changes.mady.by.user Kyle Miller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This section describes how to adapt native Swarm storage applications to use Content Gateway.

Table of Contents

Requirements

  • Supply storage domain name in all requests

  • Use HTTP basic authentication instead of digest

  • Use Gateway ACL system instead of native Swarm auth/auth

  • Do not use Integrity Seal hash-type upgrade through Gateway

Info
title

Tip

When integrating with Gateway, applications do not need to handle the HTTP 100-continue or redirect semantics that Swarm clients must include: the Gateway operates as a reverse proxy and will correctly use 100-continue when communicating with Swarm and hides all redirects from the upstream client.

Domains

Because Gateway is performing access control and validation for all operations, every content request must identify the storage domain for which the request is destined. The order of precedence for specifying the storage domain is:

  1. Query argument: domain=X, else

  2. HTTP X-Forwarded-Host header, else

  3. HTTP request Host header value.

While some native integrations with Swarm are rigorous in specifying the storage domain, Swarm is permissive of requests that do not specify one. Swarm also has additional precedence rules for assigning the storage domain; these are not compatible with requests handled through Gateway. When using Gateway, an application must specify the storage domain explicitly using one of the listed methods.

Authentication

Because It is common to require client applications to authenticate requests because Gateway is often deployed in access-controlled environments, it is common to require client applications to authenticate their requests. While applications that previously integrated with Swarm may not have chosen to include provisions for authenticating their requests, it is required to provide for HTTP basic authentication when integrating with the Content Gateway.

title
Info

Deprecated

The native Swarm auth/auth feature is deprecated and will be removed after June 2017. If you are using Swarm's native auth/auth for your applications, you must add security.noauth = False now in order to continue using the native auth/auth.

...