Comment # 1 on bug 1061707 from Neil Rickert

In my opinion, it is a bug in NetworkManager together with unfortunate defaults
in KDE.

My understanding is that NetworkManager specifies the particular policy that
polkit will enforce.  And it is using the policy for shared connections.  It
should, instead, use the policy for setting up a single connection.

In any case, there's a workaround.  Go into the connection editor in KDE.  Edit
this connection.  Go to the security tab.  Look at the field where you enter
the connection key.  There should be two icons to the right.  One icon looks
like an eye.  The other looks like a diskette.  Click on the diskette icon. 
There should be a choice for where the encryption key is saved.  As I recall,
the three choices are: save for single user (that's kdewallet), save
unencrypted in a file, and enter the key each time.  What you want is to save
unencrypted in a file.  The actual file where it is save is managed by
NetworkManager, and readable only by root.  So it isn't as risky as it sounds.

You will need the root password to make these changes.   But, once changed, you
should not need the root password to connect in the future.