[ 
https://issues.apache.org/jira/browse/MESOS-5851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15382749#comment-15382749
 ] 

Adam B commented on MESOS-5851:
-------------------------------

I'm still in favor of using realms instead of specific endpoints, since a) http 
realms were intended for "protection spaces" [1] to scope authentication, and 
b) it allows us to group common endpoints (/state and /state.json, or /reserve 
and /unreserve). Perhaps Admin/User/Scheduler was too coarse, but per-endpoint 
seems too fine-grained.
I like the idea of the permissive bit, plus an optional list of exceptions to 
that default. If default=unauthenticated, then you would only need to list the 
realms/endpoints you want authenticated. If default=authenticated, you list the 
realms/endpoints to leave unauthenticated.

[1] https://tools.ietf.org/html/rfc7235#section-2.2
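The "default plus exceptions" scheme described in the comment above, worked through as an added example in C++ (libprocess is C++), not code from Mesos or from the commenter. The policy class, the realm names `readonly` and `reservations`, and the factory functions are assumptions made for illustration; the endpoint paths are the ones named in the thread. Each endpoint is assigned to a realm (a protection space in the RFC 7235 sense), the permissive bit sets the default for everything, and exceptions flip that default for a whole realm or a single endpoint. Paths are canonicalized before lookup so that a query string or trailing slash does not make an exception match differently from the bare path.

```cpp
#include <initializer_list>
#include <iostream>
#include <map>
#include <set>
#include <string>

// Which way the single "permissive bit" points.
enum class Default { Authenticated, Unauthenticated };

// Hypothetical policy object (added example, not libprocess code): one default
// applied to every endpoint, plus exceptions expressed as realms or endpoints.
class HttpAuthPolicy {
public:
  explicit HttpAuthPolicy(Default def) : default_(def) {}

  // A realm is a named "protection space" grouping related endpoints,
  // e.g. /state and /state.json, or /reserve and /unreserve.
  void addRealm(const std::string& realm,
                std::initializer_list<std::string> endpoints) {
    for (const std::string& endpoint : endpoints) {
      realmOf_[normalize(endpoint)] = realm;
    }
  }

  // Exceptions invert the default for a whole realm or a single endpoint.
  void exceptRealm(const std::string& realm) { exceptRealms_.insert(realm); }
  void exceptEndpoint(const std::string& endpoint) {
    exceptEndpoints_.insert(normalize(endpoint));
  }

  // Decide whether a request to `path` must carry credentials.
  bool requiresAuthentication(const std::string& path) const {
    const std::string endpoint = normalize(path);
    bool excepted = exceptEndpoints_.count(endpoint) > 0;
    const auto it = realmOf_.find(endpoint);
    if (it != realmOf_.end() && exceptRealms_.count(it->second) > 0) {
      excepted = true;
    }
    const bool authByDefault = (default_ == Default::Authenticated);
    return excepted ? !authByDefault : authByDefault;
  }

private:
  // Canonicalize so that "/state/?jsonp=cb" and "/state" name the same
  // endpoint; otherwise the exception list would match on incidental
  // differences in how the path was written.
  static std::string normalize(std::string path) {
    const std::string::size_type q = path.find('?');
    if (q != std::string::npos) path.erase(q);
    while (path.size() > 1 && path.back() == '/') path.pop_back();
    return path;
  }

  Default default_;
  std::map<std::string, std::string> realmOf_;   // endpoint -> realm
  std::set<std::string> exceptRealms_;
  std::set<std::string> exceptEndpoints_;
};

// default=authenticated: list only the realms/endpoints that stay open.
HttpAuthPolicy authenticatedByDefault() {
  HttpAuthPolicy policy(Default::Authenticated);
  policy.addRealm("readonly", {"/state", "/state.json"});
  policy.addRealm("reservations", {"/reserve", "/unreserve"});
  policy.exceptRealm("readonly");
  return policy;
}

// default=unauthenticated: list only the realms/endpoints that must be protected.
HttpAuthPolicy unauthenticatedByDefault() {
  HttpAuthPolicy policy(Default::Unauthenticated);
  policy.addRealm("readonly", {"/state", "/state.json"});
  policy.addRealm("reservations", {"/reserve", "/unreserve"});
  policy.exceptRealm("reservations");
  return policy;
}

int main() {
  const HttpAuthPolicy strict = authenticatedByDefault();
  const HttpAuthPolicy loose = unauthenticatedByDefault();
  for (const char* path : {"/state", "/state.json?jsonp=cb", "/reserve", "/other"}) {
    std::cout << path << "  strict=" << strict.requiresAuthentication(path)
              << "  loose=" << loose.requiresAuthentication(path) << "\n";
  }
  return 0;
}
```

Both factories express the same grouping; they differ only in which side of the default is enumerated, which is the point of the proposal: whichever set is smaller is the one the operator has to write down. An endpoint that belongs to no realm and is not listed simply follows the default.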

> Create mechanism to control authentication between different HTTP endpoints
> ---------------------------------------------------------------------------
>
>                 Key: MESOS-5851
>                 URL: https://issues.apache.org/jira/browse/MESOS-5851
>             Project: Mesos
>          Issue Type: Bug
>          Components: libprocess
>    Affects Versions: 1.0.0
>            Reporter: Zhitao Li
>              Labels: mesosphere, security
>
> All endpoints authentication is controlled by one single flag. We need this 
> flag to be on so that `/reserve` `/unreserve` can get a principal.
> However, after 1.0, we cannot access important readonly endpoints 
> `/master/state/` and `/metric/snapshot/` anymore w/o a password. The latter 
> is detrimental to usability because many users don't have the supporting 
> infra to distribute such metrics into every metrics collecting process yet.
> I'm looking towards a mechanism to at least allow unauthenticated access to 
> selective whitelisted endpoints while keeping endpoints requiring AuthN/AuthZ 
> still protected.
> quoting Joseph Wu, "we want a `--authenticate_http=true, but don't check` 
> option"



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
