[ https://issues.apache.org/jira/browse/MESOS-5851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15385247#comment-15385247 ]
Adam B edited comment on MESOS-5851 at 7/20/16 3:19 AM: -------------------------------------------------------- I like it. As for the flags, here's my suggestion: `\-\-authenticate_http` will become a deprecated alias for `\-\-authenticate_http_readwrite` (since the old behavior applied to reserve/unreserve, create/destroy, and teardown). `\-\-authenticate_http_readonly` will be a new boolean flag for the VIEWS. Note that `\-\-authenticate_http_frameworks` already exists for `/v1/scheduler`. `/v1/` represents the operator API, and counts as readwrite. `\-\-http_authenticators` needs to be updated as well, either to `\-\-http_readwrite_authenticator` and `\-\-http_readonly_authenticator`, or to handle a json blob specifying which authenticator to use for each realm. We must continue to support the previous format as well, if specified, although we'd probably error out if `\-\-authenticate_http_readonly` is set and `\-\-http_authenticators` uses the old format. was (Author: adam-mesos): I like it. As for the flags, here's my suggestion: `--authenticate_http` will become a deprecated alias for `--authenticate_http_readwrite` (since the old behavior applied to reserve/unreserve, create/destroy, and teardown). `--authenticate_http_readonly` will be a new boolean flag for the VIEWS. Note that `--authenticate_http_frameworks` already exists for `/v1/scheduler`. `/v1/` represents the operator API, and counts as readwrite. `--http_authenticators` needs to be updated as well, either to `--http_readwrite_authenticator` and `--http_readonly_authenticator`, or to handle a json blob specifying which authenticator to use for each realm. We must continue to support the previous format as well, if specified, although we'd probably error out if `--authenticate_http_readonly` is set and `--http_authenticators` uses the old format. > Create mechanism to control authentication between different HTTP endpoints > --------------------------------------------------------------------------- > > Key: MESOS-5851 > URL: https://issues.apache.org/jira/browse/MESOS-5851 > Project: Mesos > Issue Type: Bug > Components: libprocess > Affects Versions: 1.0.0 > Reporter: Zhitao Li > Labels: mesosphere, security > Fix For: 1.0.0 > > > All endpoints authentication is controlled by one single flag. We need this > flag to be on so that `/reserve` `/unreserve` can get a principal. > However, after 1.0, we cannot access important readonly endpoints > `/master/state/` and `/metric/snapshot/` anymore w/o a password. The latter > is detrimental on usability because many users don't have the supporting > infra to distribute such metrics into every metrics collecting process yet. > I'm looking towards a mechanism to at least allow unauthenticated access to > selective whitelisted endpoints while keep endpoints requiring AuthN/AuthZ > still protected. > quoting Joseph Wu, "we want a `--authenticate_http=true, but don't check` > option" > Proposed endpoint to realm grouping by [~zhitao] > {quote} > ///////////// > // Common realms shared by both master and agent > //////////// > FLAGS > - /flags > > FILES > - /files/browse > - /files/browse.json > - /files/debug > - /files/debug.json > - /files/download > - /files/download.json > - /files/read > - /files/read.json > > LOGGING > - /logging/toggle > > METRICS > - /metrics/snapshot > > PROFILER > - /profiler/start > - /profiler/stop > > SYSTEMS > - /system/stats.json > > VERSIONS > - /version > > ///////////////// > // Additional master only realms > //////////////// > MAINTENANCE > - /machine/down > - /machine/up > - /maintenance/schedule > - /maintenance/status > > OPERATORS > - /api/v1 > > SCHEDULERS > - /api/v1/scheduler > > REGISTRARS > - /registrar(id)/registry > > RESERVATIONS > - /reserve > - /unreserve > - /quota > - /weights > > TEARDOWN > - /teardown > > VIEWS > - /frameworks > - /roles > - /roles.json > - /slaves > - /state > - /state-summary > - /state.json > - /tasks > - /tasks.json > > VOLUMES > - /create-volumes > - /destroy-volumes > > UNAUTHENTICATED > - /health > - /redirect > > //////////////// > // Additional agent realms > //////////////// > > OPERATORS > - /api/v1 > > VIEWS > - /containers > - /monitor/statistics > - /monitor/statistics.json > - /state > - /state.json > > UNAUTHENTICATED > - /api/v1/executor > - /health > {quote} -- This message was sent by Atlassian JIRA (v6.3.4#6332)