36 lines
1.2 KiB
INI
36 lines
1.2 KiB
INI
# Use this pipeline for no auth - DEFAULT
|
|
[pipeline:glance-registry]
|
|
#pipeline = osprofiler unauthenticated-context registryapp
|
|
pipeline = authtoke context registryapp
|
|
|
|
# Use this pipeline for keystone auth
|
|
[pipeline:glance-registry-keystone]
|
|
pipeline = osprofiler authtoken context registryapp
|
|
|
|
# Use this pipeline for authZ only. This means that the registry will treat a
|
|
# user as authenticated without making requests to keystone to reauthenticate
|
|
# the user.
|
|
[pipeline:glance-registry-trusted-auth]
|
|
pipeline = osprofiler context registryapp
|
|
|
|
[app:registryapp]
|
|
paste.app_factory = glance.registry.api:API.factory
|
|
|
|
[filter:context]
|
|
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
|
|
|
|
[filter:unauthenticated-context]
|
|
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
|
|
|
|
[filter:authtoken]
|
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
|
identity_uri = http://{{ keystone_ip }}:{{ keystone_admin_port }}
|
|
admin_user = {{ keystone_admin_user }}
|
|
admin_tenant_name = {{ keystone_admin_tenant }}
|
|
admin_password = {{ keystone_admin_password }}
|
|
|
|
[filter:osprofiler]
|
|
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
|
hmac_keys = SECRET_KEY
|
|
enabled = yes
|