From c7027c1ff515641ab31a8491431bb991994d4a46 Mon Sep 17 00:00:00 2001 From: Jesse Pretorius Date: Fri, 17 Jun 2016 10:19:57 +0100 Subject: [PATCH] Update paste, policy and rootwrap configurations 2016-06-17 Change-Id: Ie5de79079318cd6d0e38e6d68d990ba544f2556c --- templates/glance-api-paste.ini.j2 | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/templates/glance-api-paste.ini.j2 b/templates/glance-api-paste.ini.j2 index 59451acd..bc9a57db 100644 --- a/templates/glance-api-paste.ini.j2 +++ b/templates/glance-api-paste.ini.j2 @@ -1,38 +1,38 @@ # Use this pipeline for no auth or image caching - DEFAULT [pipeline:glance-api] -pipeline = cors healthcheck versionnegotiation osprofiler unauthenticated-context rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp # Use this pipeline for image caching and no auth [pipeline:glance-api-caching] -pipeline = cors healthcheck versionnegotiation osprofiler unauthenticated-context cache rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp # Use this pipeline for caching w/ management interface but no auth [pipeline:glance-api-cachemanagement] -pipeline = cors healthcheck versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp # Use this pipeline for keystone auth [pipeline:glance-api-keystone] -pipeline = cors healthcheck versionnegotiation osprofiler authtoken context rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context rootapp # Use this pipeline for keystone auth with image caching [pipeline:glance-api-keystone+caching] -pipeline = cors healthcheck versionnegotiation osprofiler authtoken context cache rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp # Use this pipeline for keystone auth with caching and cache management [pipeline:glance-api-keystone+cachemanagement] -pipeline = cors healthcheck versionnegotiation osprofiler authtoken context cache cachemanage rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp # Use this pipeline for authZ only. This means that the registry will treat a # user as authenticated without making requests to keystone to reauthenticate # the user. [pipeline:glance-api-trusted-auth] -pipeline = cors healthcheck versionnegotiation osprofiler context rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp # Use this pipeline for authZ only. This means that the registry will treat a # user as authenticated without making requests to keystone to reauthenticate # the user and uses cache management [pipeline:glance-api-trusted-auth+cachemanagement] -pipeline = cors healthcheck versionnegotiation osprofiler context cache cachemanage rootapp +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp [composite:rootapp] paste.composite_factory = glance.api:root_app_factory @@ -85,3 +85,6 @@ enabled = yes #DEPRECATED paste.filter_factory = oslo_middleware.cors:filter_factory oslo_config_project = glance oslo_config_program = glance-api + +[filter:http_proxy_to_wsgi] +paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory