Add support to swift_auth for tokenless authz

* Updates keystone.middleware.swift_auth to allow token-less (unauthenticated) access for container sync (bug 954030) and permitted referrers (bug 924578). Change-Id: Ieccf458c44dfe55f546dc15c79704800dad59ac0
author: Maru Newby <mnewby@internap.com> 2012-03-20 22:19:36 -0700
committer: Maru Newby <mnewby@internap.com> 2012-03-30 17:26:54 -0700
commit: 6ec1782dcc13b77eba14d7ff1ace6c9bca997dc5 (patch)
tree: 8141670f61b3985bf90a25d6b72c8a7012ed327a /doc/source
parent: f9c787148747c75f739d9ca555fa26c541752344 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/source/configuringservices.rst b/doc/source/configuringservices.rst
index 3782f360..2b0a5d2c 100644
--- a/doc/source/configuringservices.rst
+++ b/doc/source/configuringservices.rst
@@ -201,6 +201,9 @@ rather than it's built in 'tempauth'.
 
     [filter:authtoken]
     paste.filter_factory = keystone.middleware.auth_token:filter_factory
+    # Delaying the auth decision is required to support token-less
+    # usage for anonymous referrers ('.r:*').
+    delay_auth_decision = true
     service_port = 5000
     service_host = 127.0.0.1
     auth_port = 35357
author	Maru Newby <mnewby@internap.com>	2012-03-20 22:19:36 -0700
committer	Maru Newby <mnewby@internap.com>	2012-03-30 17:26:54 -0700
commit	6ec1782dcc13b77eba14d7ff1ace6c9bca997dc5 (patch)
tree	8141670f61b3985bf90a25d6b72c8a7012ed327a /doc/source
parent	f9c787148747c75f739d9ca555fa26c541752344 (diff)