Greg Mann created MESOS-4902:
--------------------------------
Summary: Add authentication to agent endpoints /files, /profiler,
and /logging
Key: MESOS-4902
URL: https://issues.apache.org/jira/browse/MESOS-4902
Project: Mesos
Issue Type: Improvement
Components: HTTP API
Reporter: Greg Mann
Adding HTTP authentication to these endpoints is a bit more complicated than is
the case for the existing authenticated endpoints. {{/profiler}} and
{{/logging}} endpoints are defined at the libprocess level, while {{/files}} is
defined in code that is shared by the master and agent.
While working on MESOS-4850, it became apparent that since our tests use the
same instance of libprocess for both master and agent, different default
authentication realms must be used for master/agent so that HTTP authentication
can be independently enabled/disabled for each.
We should establish a mechanism for making an endpoint authenticated that
allows us to:
1) Install an endpoint like {{/files}} with different authentication realms for
the master and agent
2) Avoid hard-coding a default authentication realm into libprocess, again to
permit the use of different authentication realms for the master and agent
Another option would be to use a single default authentication realm and always
enable or disable HTTP authentication for *both* the master and agent in tests.
However, this wouldn't allow us to test scenarios where HTTP authentication is
enabled on one but disabled on the other.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
