From fe3e3f88762df7cc57df76fe4d2a10602a3daa73 Mon Sep 17 00:00:00 2001
From: mguetlein <martin.guetlein@gmail.com>
Date: Tue, 3 Jan 2012 13:20:18 +0100
Subject: GET and POST should not be free-requests by default (enabling of A&A
 does nothing until moved to authorize-requests)

---
 aa-local.yaml  | 5 ++---
 aa-server.yaml | 5 ++---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/aa-local.yaml b/aa-local.yaml
index 260c72e..fe86a2e 100644
--- a/aa-local.yaml
+++ b/aa-local.yaml
@@ -3,15 +3,14 @@
 :authorization:
   :server: AA
   :free_request: #request-method not controlled by A&A
-    - "GET"
-    - "POST"
     - "HEAD"
     - "DELETE"
     - "PUT"
   :authenticate_request: #only for authenticated user
     - ""
   :authorize_request:  #only for authenticated and authorizeduser
-    - ""
+    - "GET"
+    - "POST"
 # Exceptions:
   :free_uris: #request-method for uri not controlled by A&A
     ? - :GET
diff --git a/aa-server.yaml b/aa-server.yaml
index 260c72e..fe86a2e 100644
--- a/aa-server.yaml
+++ b/aa-server.yaml
@@ -3,15 +3,14 @@
 :authorization:
   :server: AA
   :free_request: #request-method not controlled by A&A
-    - "GET"
-    - "POST"
     - "HEAD"
     - "DELETE"
     - "PUT"
   :authenticate_request: #only for authenticated user
     - ""
   :authorize_request:  #only for authenticated and authorizeduser
-    - ""
+    - "GET"
+    - "POST"
 # Exceptions:
   :free_uris: #request-method for uri not controlled by A&A
     ? - :GET
-- 
cgit v1.2.3