rgw: fix bucket logging AuthType field

author N Balachandran <nithya.balachandran@ibm.com>

Fri, 4 Jul 2025 10:51:01 +0000 (16:21 +0530)

committer N Balachandran <nithya.balachandran@ibm.com>

Thu, 17 Jul 2025 10:44:59 +0000 (16:14 +0530)
author N Balachandran <nithya.balachandran@ibm.com>
Fri, 4 Jul 2025 10:51:01 +0000 (16:21 +0530)
committer N Balachandran <nithya.balachandran@ibm.com>
Thu, 17 Jul 2025 10:44:59 +0000 (16:14 +0530)
diff --git a/doc/radosgw/bucket_logging.rst b/doc/radosgw/bucket_logging.rst

index 05f082f2f10f9d51277bc5215ec035c063766065..58e4189deb7d84fdf033bce032074cd0585a586c 100644 (file)
--- a/doc/radosgw/bucket_logging.rst
+++ b/doc/radosgw/bucket_logging.rst
@@ -241,7 +241,7 @@ based on `AWS Logging Record Format`_.
    - host id taken from "x-amz-id-2" (or dash if empty)
    - signature version (or dash if empty)
    - cipher suite (or dash if empty)
-  - authentication type (or dash if empty)
+  - authentication type ("AuthHeader" for regular auth, "QueryString" for presigned URL or dash if unauthenticated)
    - host header (or dash if empty)
    - TLS version (or dash if empty)
    - access point ARN (not supported, always a dash)
diff --git a/src/rgw/rgw_auth_s3.cc b/src/rgw/rgw_auth_s3.cc

index a60aebd480720315f3f97df94530af7d6ace6879..7cfb4ea64ec01b0291376d52bb4dcf4aaa16a961 100644 (file)
--- a/src/rgw/rgw_auth_s3.cc
+++ b/src/rgw/rgw_auth_s3.cc
@@ -1759,13 +1759,18 @@ void get_aws_version_and_auth_type(const req_state* s, string& aws_version, stri
        aws_version = "SigV2";
      }
    } else {
-    auth_type = "QueryString";
-    if (s->info.args.get("x-amz-algorithm") == AWS4_HMAC_SHA256_STR) {
+    if (!s->info.args.get("x-amz-credential").empty()) {
+      auth_type = "QueryString";
+      if (s->info.args.get("x-amz-algorithm") == AWS4_HMAC_SHA256_STR) {
        /* AWS v4 */
-      aws_version = "SigV4";
-    } else if (!s->info.args.get("AWSAccessKeyId").empty()) {
+       aws_version = "SigV4";
+      } else if (!s->info.args.get("AWSAccessKeyId").empty()) {
        /* AWS v2 */
-      aws_version = "SigV2";
+       aws_version = "SigV2";
+      }
+    } else {
+      // Unauthenticated
+      auth_type.clear();
      }
    }
  }
diff --git a/src/rgw/rgw_bucket_logging.cc b/src/rgw/rgw_bucket_logging.cc

index e96c71a808aa37a1bdea99702dc90c478b1f7119..1fadb903e2da407d782d6df7dab3a4803e404d1e 100644 (file)
--- a/src/rgw/rgw_bucket_logging.cc
+++ b/src/rgw/rgw_bucket_logging.cc
@@ -572,7 +572,7 @@ int log_record(rgw::sal::Driver* driver,
          s->info.x_meta_map.contains("x-amz-id-2") ? s->info.x_meta_map.at("x-amz-id-2") : "-",
          aws_version,
          s->info.env->get("SSL_CIPHER", "-"),
-        auth_type,
+        dash_if_empty(auth_type),
          dash_if_empty(fqdn),
          s->info.env->get("TLS_VERSION", "-"),
          "-", // no access point ARN
author	N Balachandran <nithya.balachandran@ibm.com>
	Fri, 4 Jul 2025 10:51:01 +0000 (16:21 +0530)
committer	N Balachandran <nithya.balachandran@ibm.com>
	Thu, 17 Jul 2025 10:44:59 +0000 (16:14 +0530)
doc/radosgw/bucket_logging.rst		patch \| blob \| history
src/rgw/rgw_auth_s3.cc		patch \| blob \| history
src/rgw/rgw_bucket_logging.cc		patch \| blob \| history