GET and POST should not be free-requests by default (enabling of A&A does nothing until moved to authorize-requests)

author: mguetlein <martin.guetlein@gmail.com> 2012-01-03 13:20:18 +0100
committer: mguetlein <martin.guetlein@gmail.com> 2012-01-03 13:20:18 +0100
commit: fe3e3f88762df7cc57df76fe4d2a10602a3daa73 (patch)
tree: c57a37d74d6096d6a5225573b615aa8125f8c8f0
parent: a63be20d3b5df30a7ed51153831b4aaefb791611 (diff)
2 files changed, 4 insertions, 6 deletions
diff --git a/aa-local.yaml b/aa-local.yaml
index 260c72e..fe86a2e 100644
--- a/aa-local.yaml
+++ b/aa-local.yaml
@@ -3,15 +3,14 @@
 :authorization:
   :server: AA
   :free_request: #request-method not controlled by A&A
-    - "GET"
-    - "POST"
     - "HEAD"
     - "DELETE"
     - "PUT"
   :authenticate_request: #only for authenticated user
     - ""
   :authorize_request:  #only for authenticated and authorizeduser
-    - ""
+    - "GET"
+    - "POST"
 # Exceptions:
   :free_uris: #request-method for uri not controlled by A&A
     ? - :GET
diff --git a/aa-server.yaml b/aa-server.yaml
index 260c72e..fe86a2e 100644
--- a/aa-server.yaml
+++ b/aa-server.yaml
@@ -3,15 +3,14 @@
 :authorization:
   :server: AA
   :free_request: #request-method not controlled by A&A
-    - "GET"
-    - "POST"
     - "HEAD"
     - "DELETE"
     - "PUT"
   :authenticate_request: #only for authenticated user
     - ""
   :authorize_request:  #only for authenticated and authorizeduser
-    - ""
+    - "GET"
+    - "POST"
 # Exceptions:
   :free_uris: #request-method for uri not controlled by A&A
     ? - :GET
author	mguetlein <martin.guetlein@gmail.com>	2012-01-03 13:20:18 +0100
committer	mguetlein <martin.guetlein@gmail.com>	2012-01-03 13:20:18 +0100
commit	fe3e3f88762df7cc57df76fe4d2a10602a3daa73 (patch)
tree	c57a37d74d6096d6a5225573b615aa8125f8c8f0
parent	a63be20d3b5df30a7ed51153831b4aaefb791611 (diff)