Put staticweb middleware after keystoneauth in proxy pipeline

The staticweb middleware needs to be put after authentication
middlewares to ensure correct functionality as documented in
http://docs.openstack.org/developer/swift/middleware.html#staticweb

Without this Swift sends a HTML response even if the request was done
using a X-Auth-Token. This might result in a faulty handling of the response on
the client side; for example, "swift stat containername" would report an empty,
private container, while the container might actually be public readable with
data stored in it.

Closes-bug: 1494896
Change-Id: Id48840e0041f8d272e08def292fbedfaf76bbfbb
Co-Authored-By: Christian Schwede <cschwede@redhat.com>

diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 4b8711d..3c5697e 100644 (file)
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -51,9 +51,9 @@ swift::proxy::pipeline:
   - 'ratelimit'
   - 'tempurl'
   - 'formpost'
-  - 'staticweb'
   - 'authtoken'
   - 'keystone'
+  - 'staticweb'
   - 'proxy-logging'
   - 'proxy-server'