[
https://issues.apache.org/jira/browse/MESOS-1889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Till Toenshoff updated MESOS-1889:
----------------------------------
Description:
h4. Motivation
Allow for third parties to quickly develop and plug-in new authentication
methods. The modularized Authenticator API will lower the barrier for the
community to provide new methods to Mesos. An example for such additional, next
step module could be PAM (LDAP, MySQL, NIS, UNIX) backed authentication.
cyrus-sasl2 itself already offers more than a half a dozen mechanisms via its
standard plugins and these could be triggered by additional Authenticator /
Authenticatee modules. cyrus-sasl2 does support even more mechanisms when being
custom built (about a full dozen) but we do not want to bundle cyrus-sasl2 to
enforce custom builds. Alternative authentication (especially non-SASL based)
methods may bring in new dependencies that we don't want to enforce on all of
our users. Mesos users may be required to use custom authentication techniques
due to strict security policies.
h4. Breakdown
- [Interface Design|https://issues.apache.org/jira/browse/MESOS-1891]
- [Location and Naming|https://issues.apache.org/jira/browse/MESOS-1893]
- [Tests|https://issues.apache.org/jira/browse/MESOS-1894]
was:
Breaking this down into several tickets for allowing dedicated discussions
where needed.
- [Interface Design|https://issues.apache.org/jira/browse/MESOS-1891]
- [Location and Naming|https://issues.apache.org/jira/browse/MESOS-1893]
- [Tests|https://issues.apache.org/jira/browse/MESOS-1894]
> Create an Authenticator Module
> ------------------------------
>
> Key: MESOS-1889
> URL: https://issues.apache.org/jira/browse/MESOS-1889
> Project: Mesos
> Issue Type: Improvement
> Components: modules
> Reporter: Till Toenshoff
>
> h4. Motivation
> Allow for third parties to quickly develop and plug-in new authentication
> methods. The modularized Authenticator API will lower the barrier for the
> community to provide new methods to Mesos. An example for such additional,
> next step module could be PAM (LDAP, MySQL, NIS, UNIX) backed authentication.
> cyrus-sasl2 itself already offers more than a half a dozen mechanisms via its
> standard plugins and these could be triggered by additional Authenticator /
> Authenticatee modules. cyrus-sasl2 does support even more mechanisms when
> being custom built (about a full dozen) but we do not want to bundle
> cyrus-sasl2 to enforce custom builds. Alternative authentication (especially
> non-SASL based) methods may bring in new dependencies that we don't want to
> enforce on all of our users. Mesos users may be required to use custom
> authentication techniques due to strict security policies.
> h4. Breakdown
> - [Interface Design|https://issues.apache.org/jira/browse/MESOS-1891]
> - [Location and Naming|https://issues.apache.org/jira/browse/MESOS-1893]
> - [Tests|https://issues.apache.org/jira/browse/MESOS-1894]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
