auth problems
in keystoneauth.py
267 def _authorize_
268 """"
269 Perform authorization for access that does not require a
270 confirmed identity.
271
272 :returns: A boolean if authorization is granted or denied. None if
273 a determination could not be made.
274 """
275 # Allow container sync.
276 if (req.environ.
277 and (req.environ[
278 req.headers.
279 and 'x-timestamp' in req.headers):
280 log_msg = 'allowing proxy %s for container-sync' % req.remote_addr
281 self.logger.
282 return True
283
284 # Check if referrer is allowed.
285 if swift_acl.
286 if obj or '.rlistings' in roles:
287 log_msg = 'authorizing %s via referer ACL' % req.referrer
288 self.logger.
289 return True
290 return False
My question is in line 290, why return False here but not let this run follow authorizing check? This request may be allowed by other condition.
This is a case here: https:/
same codes in tempauth, so what's the design idea here?
Question information
- Language:
- English Edit question
- Status:
- Solved
- Assignee:
- No assignee Edit question
- Solved by:
- clayg
- Solved:
- Last query:
- Last reply: