diff options
| author | Pavlo Shchelokovskyy <shchelokovskyy@gmail.com> | 2018-06-12 08:52:29 +0000 |
|---|---|---|
| committer | Pavlo Shchelokovskyy <shchelokovskyy@gmail.com> | 2018-06-12 10:57:08 +0000 |
| commit | 63cf3761bebe24c56d40ad8a894b3c5ee73866e6 (patch) | |
| tree | 70d07e8b1db580c98beb969aef8fe7c75fda736e /etc/heat | |
| parent | 970bc3bdf44918728f5ad21460b2ab3fa3677407 (diff) | |
| download | heat-63cf3761bebe24c56d40ad8a894b3c5ee73866e6.tar.gz | |
Restore auth-less version negotiation
change Change-Id: I097bf70431a999a0f6aa56079ffb5743b50d4d7f
inadvertently started to require (keystone) authentication
when accessing API root to get the API version document.
This breaks standard version negotiation (that usually does not require
auth) and also some monitoring / loadbalancing that used to check
returns on GET to API root.
Change-Id: If8f13def196442e6f28616e88972f28f8ec23d0d
Story: 2002531
Task: 22072
Diffstat (limited to 'etc/heat')
| -rw-r--r-- | etc/heat/api-paste.ini | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/etc/heat/api-paste.ini b/etc/heat/api-paste.ini index 3a2324f6e..883f36dfc 100644 --- a/etc/heat/api-paste.ini +++ b/etc/heat/api-paste.ini @@ -1,7 +1,7 @@ # heat-api pipeline [pipeline:heat-api] -pipeline = cors request_id faultwrap authurl authtoken context http_proxy_to_wsgi versionnegotiation osprofiler apiv1app +pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authtoken context osprofiler apiv1app # heat-api pipeline for standalone heat # ie. uses alternative auth backend that authenticates users against keystone @@ -12,7 +12,7 @@ pipeline = cors request_id faultwrap authurl authtoken context http_proxy_to_wsg # flavor = standalone # [pipeline:heat-api-standalone] -pipeline = cors request_id faultwrap authurl authpassword context http_proxy_to_wsgi versionnegotiation apiv1app +pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app # heat-api pipeline for custom cloud backends # i.e. in heat.conf: @@ -31,12 +31,12 @@ pipeline = cors request_id faultwrap noauth context http_proxy_to_wsgi versionne # heat-api-cfn pipeline [pipeline:heat-api-cfn] -pipeline = cors request_id ec2authtoken authtoken context http_proxy_to_wsgi cfnversionnegotiation osprofiler apicfnv1app +pipeline = cors request_id http_proxy_to_wsgi cfnversionnegotiation ec2authtoken authtoken context osprofiler apicfnv1app # heat-api-cfn pipeline for standalone heat # relies exclusively on authenticating with ec2 signed requests [pipeline:heat-api-cfn-standalone] -pipeline = cors request_id ec2authtoken context http_proxy_to_wsgi cfnversionnegotiation apicfnv1app +pipeline = cors request_id http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app [app:apiv1app] paste.app_factory = heat.common.wsgi:app_factory |