diff options
| author | Steve Martinelli <stevemar@ca.ibm.com> | 2015-09-18 03:13:43 -0400 |
|---|---|---|
| committer | Steve Martinelli <stevemar@ca.ibm.com> | 2015-09-18 11:51:55 -0400 |
| commit | 1bac1dfb0a71de4f28ca6aba36a39b1e4ca284d8 (patch) | |
| tree | 10af354a0cf55d55f3a1084907cd0c150184675d | |
| parent | 64f1de2c66495a8bd24e7cbd4b87782eabaa19f8 (diff) | |
| download | keystone-1bac1dfb0a71de4f28ca6aba36a39b1e4ca284d8.tar.gz | |
check if tokenless auth is configured before validating
we could reduce the amount of logging that the tokenless
validation performs by simply checking if there are any
trusted issuers before proceeding.
Change-Id: Idcbddf7bf87ada18ee44ae31878201f41c499c7c
Closes-Bug: #1497132
| -rw-r--r-- | keystone/middleware/core.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/keystone/middleware/core.py b/keystone/middleware/core.py index c065997e4..75be5b274 100644 --- a/keystone/middleware/core.py +++ b/keystone/middleware/core.py @@ -262,6 +262,9 @@ class AuthContextMiddleware(wsgi.Middleware): :returns: True if client_issuer is trusted; otherwise False """ + if not CONF.tokenless_auth.trusted_issuer: + return False + client_issuer = env.get(CONF.tokenless_auth.issuer_attribute) if not client_issuer: msg = _LI('Cannot find client issuer in env by the ' |