[jira] [Issue Comment Deleted] (MESOS-5286) Add authorization to libprocess HTTP endpoints

Greg Mann (JIRA) Fri, 06 May 2016 14:23:02 -0700

     [ 
https://issues.apache.org/jira/browse/MESOS-5286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Greg Mann updated MESOS-5286:
-----------------------------
    Comment: was deleted

(was: I've posted patches which authorize {{/metrics/snapshot}} and 
{{/logging/toggle}}. It's not yet decided if we will authorize the other 
libprocess-level endpoints at this time.

Reviews here:
https://reviews.apache.org/r/46866/
https://reviews.apache.org/r/46867/
https://reviews.apache.org/r/46868/
https://reviews.apache.org/r/46883/
https://reviews.apache.org/r/46869/
https://reviews.apache.org/r/46870/
https://reviews.apache.org/r/46876/
https://reviews.apache.org/r/46880/
https://reviews.apache.org/r/46881/
https://reviews.apache.org/r/46882/)

> Add authorization to libprocess HTTP endpoints
> ----------------------------------------------
>
>                 Key: MESOS-5286
>                 URL: https://issues.apache.org/jira/browse/MESOS-5286
>             Project: Mesos
>          Issue Type: Improvement
>          Components: libprocess
>            Reporter: Greg Mann
>            Assignee: Greg Mann
>              Labels: mesosphere
>             Fix For: 0.29.0
>
>
> Now that the libprocess-level HTTP endpoints have had authentication added to 
> them in MESOS-4902, we can add authorization to them as well. As a first 
> step, we can implement a "coarse-grained" approach, in which a principal is 
> granted or denied access to a given endpoint. We will likely need to register 
> an authorizer with libprocess.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Issue Comment Deleted] (MESOS-5286) Add authorization to libprocess HTTP endpoints

Reply via email to