rgw: fix bucket logging AuthType field

author N Balachandran <nithya.balachandran@ibm.com>

Fri, 4 Jul 2025 10:51:01 +0000 (16:21 +0530)

committer N Balachandran <nithya.balachandran@ibm.com>

Tue, 8 Jul 2025 03:25:16 +0000 (08:55 +0530)
author N Balachandran <nithya.balachandran@ibm.com>
Fri, 4 Jul 2025 10:51:01 +0000 (16:21 +0530)
committer N Balachandran <nithya.balachandran@ibm.com>
Tue, 8 Jul 2025 03:25:16 +0000 (08:55 +0530)
diff --git a/doc/radosgw/bucket_logging.rst b/doc/radosgw/bucket_logging.rst

index 9a1ca46182a4ecad47bd18cf362f9b9e3803abee..09425ee55675c339814ce38f312aa5f172069d78 100644 (file)
--- a/doc/radosgw/bucket_logging.rst
+++ b/doc/radosgw/bucket_logging.rst
@@ -241,7 +241,7 @@ based on `AWS Logging Record Format`_.
    - host id taken from "x-amz-id-2" (or dash if empty)
    - signature version (or dash if empty)
    - cipher suite (or dash if empty)
-  - authentication type (or dash if empty)
+  - authentication type ("AuthHeader" for regular auth, "QueryString" for presigned URL or dash if unauthenticated)
    - host header (or dash if empty)
    - TLS version (or dash if empty)
    - access point ARN (not supported, always a dash)
diff --git a/src/rgw/rgw_auth_s3.cc b/src/rgw/rgw_auth_s3.cc

index 8e243d89ce6ee4f423ce47a425f42927e62f2511..8de07e566c43454162c2229b262b22d371520a59 100644 (file)
--- a/src/rgw/rgw_auth_s3.cc
+++ b/src/rgw/rgw_auth_s3.cc
@@ -1757,13 +1757,18 @@ void get_aws_version_and_auth_type(const req_state* s, string& aws_version, stri
        aws_version = "SigV2";
      }
    } else {
-    auth_type = "QueryString";
-    if (s->info.args.get("x-amz-algorithm") == AWS4_HMAC_SHA256_STR) {
+    if (!s->info.args.get("x-amz-credential").empty()) {
+      auth_type = "QueryString";
+      if (s->info.args.get("x-amz-algorithm") == AWS4_HMAC_SHA256_STR) {
        /* AWS v4 */
-      aws_version = "SigV4";
-    } else if (!s->info.args.get("AWSAccessKeyId").empty()) {
+       aws_version = "SigV4";
+      } else if (!s->info.args.get("AWSAccessKeyId").empty()) {
        /* AWS v2 */
-      aws_version = "SigV2";
+       aws_version = "SigV2";
+      }
+    } else {
+      // Unauthenticated
+      auth_type.clear();
      }
    }
  }
diff --git a/src/rgw/rgw_bucket_logging.cc b/src/rgw/rgw_bucket_logging.cc

index e96c71a808aa37a1bdea99702dc90c478b1f7119..1fadb903e2da407d782d6df7dab3a4803e404d1e 100644 (file)
--- a/src/rgw/rgw_bucket_logging.cc
+++ b/src/rgw/rgw_bucket_logging.cc
@@ -572,7 +572,7 @@ int log_record(rgw::sal::Driver* driver,
          s->info.x_meta_map.contains("x-amz-id-2") ? s->info.x_meta_map.at("x-amz-id-2") : "-",
          aws_version,
          s->info.env->get("SSL_CIPHER", "-"),
-        auth_type,
+        dash_if_empty(auth_type),
          dash_if_empty(fqdn),
          s->info.env->get("TLS_VERSION", "-"),
          "-", // no access point ARN
author	N Balachandran <nithya.balachandran@ibm.com>
	Fri, 4 Jul 2025 10:51:01 +0000 (16:21 +0530)
committer	N Balachandran <nithya.balachandran@ibm.com>
	Tue, 8 Jul 2025 03:25:16 +0000 (08:55 +0530)
doc/radosgw/bucket_logging.rst		patch \| blob \| history
src/rgw/rgw_auth_s3.cc		patch \| blob \| history
src/rgw/rgw_bucket_logging.cc		patch \| blob \| history