Hi All,

Correct me if I am wrong but I don't think you can configure the Keystone 
policy.json to allow public access to an API function, as far as I can tell you 
can allow access to any authenticated user regardless of role assignments but 
not public access.

My use case is a client which allows users to query for a list of supported 
identity providers / protocols so that the user can then select which provider 
to authenticate with - as the user is unauthenticated at the time of the query 
the request needs to allow public access to the 'List Identity Providers' API 
function.

I can remove the protected decorator from the required functions but this is a 
nasty hack.

I suggest that it should be possible to configure this kind of access rule on a 
deployment by deployment basis and I was just hoping to get some thoughts on 
this.

Many thanks,
Kristy
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to