[
https://issues.apache.org/jira/browse/MESOS-2001?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14194059#comment-14194059
]
Till Toenshoff commented on MESOS-2001:
---------------------------------------
[~adam-mesos] need shepherd :)
> Authenticatee modules similar to Authenticator modules
> ------------------------------------------------------
>
> Key: MESOS-2001
> URL: https://issues.apache.org/jira/browse/MESOS-2001
> Project: Mesos
> Issue Type: Epic
> Components: modules
> Reporter: Till Toenshoff
>
> For covering a complete modules based authentication, we will need to allow
> for authenticatee modules just like we are with authenticator modules.
> h4.Motivation
> Allow for third parties to quickly develop and plug-in new authentication
> methods. The modularized Authenticatee API will lower the barrier for the
> community to provide new methods to Mesos. An example for such additional,
> next step module could be PAM (LDAP, MySQL, NIS, UNIX) backed authentication.
> cyrus-sasl2 itself already offers more than a half a dozen mechanisms via its
> standard plugins and these could be triggered by additional Authenticator /
> Authenticatee modules. cyrus-sasl2 does support even more mechanisms when
> being custom built (about a full dozen) but we do not want to bundle
> cyrus-sasl2 to enforce custom builds. Alternative authentication (especially
> non-SASL based) methods may bring in new dependencies that we don't want to
> enforce on all of our users. Mesos users may be required to use custom
> authentication techniques due to strict security policies.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
