[
https://issues.apache.org/jira/browse/MESOS-907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14697476#comment-14697476
]
Vinod Kone commented on MESOS-907:
----------------------------------
The beta version of the scheduler API is slated to land in 0.24.0 (ETA of
release ~week). So it's probably worthwhile to just add GSSAPI support to HTTP
instead of the current SASL base auth. This would be a good carrot for
frameworks to move to the new API.
That said the old api (scheduler driver and SASL) is probably going to stick
around for a while. So, if you want existing driver based frameworks to get
Kerberos support sooner then it's fine to add support. Especially, if pieces of
it can be re-used for HTTP Kerberos.
> Add Kerberos Authentication support
> -----------------------------------
>
> Key: MESOS-907
> URL: https://issues.apache.org/jira/browse/MESOS-907
> Project: Mesos
> Issue Type: Story
> Components: general
> Reporter: Adam B
> Labels: security, twitter
>
> MESOS-704 added basic authentication support using CRAM-MD5 through SASL. Now
> we should integrate Kerberos authentication using GSS-API, which is already
> supported by SASL. Kerberos is a widely-used industry standard authentication
> service, and integration with Mesos will make it easier for customers to
> integrate their existing security process with Mesos.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
