[
https://issues.apache.org/jira/browse/MESOS-5005?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15214597#comment-15214597
]
Adam B commented on MESOS-5005:
-------------------------------
[~greggomann], I can shepherd if you have time to work on it this sprint.
> Make `ReservationInfo.principal` and `Persistence.principal` equivalent
> -----------------------------------------------------------------------
>
> Key: MESOS-5005
> URL: https://issues.apache.org/jira/browse/MESOS-5005
> Project: Mesos
> Issue Type: Bug
> Reporter: Greg Mann
> Labels: mesosphere, persistent-volumes, reservations
>
> Currently, we require that `ReservationInfo.principal` be equal to the
> principal provided for authentication, which means that when HTTP
> authentication is disabled this field cannot be set. Based on comments in
> 'mesos.proto', the original intention was to enforce this same constraint for
> `Persistence.principal`, but it seems that we don't enforce it. This should
> be changed to make the two fields equivalent.
> This means that when HTTP authentication is disabled, requests to '/reserve'
> cannot set {{ReservationInfo.principal}}, while requests to `/create-volumes`
> can set any principal in {{Persistence.principal}}. One solution would be to
> add the constraint to {{Persistence.principal}} when HTTP authentication is
> enabled, and remove the constraint from {{ReservationInfo.principal}} when
> HTTP authentication is disabled: this would allow us to track a
> reserver/creator principal when HTTP authentication is disabled.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
