[jira] [Comment Edited] (MESOS-5379) Authentication documentation for libprocess endpoints can be misleading.

Thu, 26 May 2016 23:52:24 -0700 

    [ 
https://issues.apache.org/jira/browse/MESOS-5379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15303652#comment-15303652
 ] 

Adam B edited comment on MESOS-5379 at 5/27/16 6:51 AM:
--------------------------------------------------------

Untargeting from 0.29, since we don't have time/assignee to work on it. Also 
downgraded from a Blocker, but I doubt it's even Critical. [~bbannier], can you 
explain why this is a "Blocker"? Or I guess [~alexr] upgraded it..


was (Author: adam-mesos):
Untargeting from 0.29, since we don't have time/assignee to work on it. Also 
downgraded from a Blocker, but I doubt it's even Critical. [~bbannier], can you 
explain why this is a "Blocker"?

> Authentication documentation for libprocess endpoints can be misleading.
> ------------------------------------------------------------------------
>
>                 Key: MESOS-5379
>                 URL: https://issues.apache.org/jira/browse/MESOS-5379
>             Project: Mesos
>          Issue Type: Bug
>          Components: documentation, libprocess
>    Affects Versions: 0.29.0
>            Reporter: Benjamin Bannier
>            Priority: Critical
>              Labels: mesosphere, tech-debt
>
> Libprocess exposes a number of endpoints (at least: {{/logging}}, 
> {{/metrics}}, and {{/profiler}}). If libprocess was initialized with some 
> realm these endpoints require authentication, and don't if not.
> To generate endpoint help we currently use the also function 
> {{AUTHENTICATION}} which injects the following into the help string,
> {code}
> This endpoints requires authentication iff HTTP authentication is enabled.
> {code}
> with {{iff}} documenting a coupling stronger between required authentication 
> and enabled authentication which might not be true for above libprocess 
> endpoints -- it is e.g., true when these endpoints are exposed through mesos 
> masters/agents, but possibly not if exposed through other executables.
> It seems for libprocess endpoint a less strong formulation like e.g.,
> {code}
> This endpoints supports authentication. If HTTP authentication is enabled, 
> this endpoint may require authentication.
> {code}
> might make the generated help strings more reusable.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to