[
https://issues.apache.org/jira/browse/MESOS-3947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018212#comment-15018212
]
Marco Massenzio edited comment on MESOS-3947 at 11/20/15 4:13 PM:
------------------------------------------------------------------
This makes obviously a lot of sense (although, I'm not sure why the {{GET}}
should not be authenticated, so it'd be great if you could elaborate that
point).
However, I believe, this should be part of a broader activity involving *all*
endpoints, within the scope of the {{HttpAuthenticator}} effort.
Please see MESOS-2297 for more details.
was (Author: marco-mesos):
This makes obviously a lot of sense (although, I'm not sure why the {{GET}}
should not be authenticated, so it'd be great if you could elaborate that
point).
However, I believe, this should be part of a broader activity involving *all*
endpoints, within the scope of the {{HttpAuthorizer}} effort.
Please see MESOS-2297 for more details.
> Authenticate /roles request
> ---------------------------
>
> Key: MESOS-3947
> URL: https://issues.apache.org/jira/browse/MESOS-3947
> Project: Mesos
> Issue Type: Task
> Reporter: Yong Qiao Wang
> Assignee: Yong Qiao Wang
>
> /roles requests except GET method need to be authenticated.
> This ticket will authenticate /roles requests using credentials provided by
> the `Authorization` field of the HTTP request. This is similar to how
> authentication is implemented in `Master::Http`.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
