[
https://issues.apache.org/jira/browse/AURORA-351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14135040#comment-14135040
]
Ben McCann commented on AURORA-351:
-----------------------------------
I'm currently investigating Marathon & Aurora as solutions to setup a cluster.
I've noticed that neither currently has the auth support that I'd like and I
investigated for quite awhile how to implement auth in Marathon. I also arrived
at Shiro as probably the best solution for providing user configurable
authentication and actually just submitted a pull request to add Shiro auth
support to Marathon here: https://github.com/mesosphere/chaos/pull/15. Having
just dug into Shiro quite a bit I can perhaps answer some questions about it if
you have any.
Can you get the ServletContext from
JettyHttpServerDispatch.getRootContext().getServletContext()?
I'm looking to use SAML for SSO instead of SPNEGO. Shiro integrates with the
pac4j authentication library via buji-pac4j, so SAML is already supported for
me. If you wanted to add SPNEGO support then adding it to pac4j may be a good
way to do that (actually I see that pac4j has an NtlmAuthenticationHandler, but
I'm guessing you're wanting Kerberos).
> Consider using Apache Shiro for scheduler Authentication and Authorization
> --------------------------------------------------------------------------
>
> Key: AURORA-351
> URL: https://issues.apache.org/jira/browse/AURORA-351
> Project: Aurora
> Issue Type: Story
> Components: Scheduler, Security
> Reporter: Kevin Sweeney
> Assignee: Kevin Sweeney
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
