[ https://issues.apache.org/jira/browse/MESOS-5851?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15385307#comment-15385307 ]
Zhitao Li edited comment on MESOS-5851 at 7/20/16 4:38 AM: ----------------------------------------------------------- [~adam-mesos] I'll start to work on RR drafts from master side. About `\-\-http_authenticators` flag change: do we expect people use different authenticator implementations between `READ_ONLY` and `READ_WRITE`? It seems very strange anyone would actually do that. If not, we can probably reduce the changes we need for this. (If you think it's definitely necessary, then I propose we make the flags symmetric to `\-\-authenticate_http_readonly` by adding `--http_authenticators_readonly`) was (Author: zhitao): [~adam-mesos] I'll start to work on RR drafts from master side. About `--http_authenticators` flag change: do we expect people use different authenticator implementations between `READ_ONLY` and `READ_WRITE`? It seems very strange anyone would actually do that. If not, we can probably reduce the changes we need for this. (If you think it's definitely necessary, then I propose we make the flags symmetric to `--authenticate_http_readonly` by adding `--http_authenticators_readonly`) > Create mechanism to control authentication between different HTTP endpoints > --------------------------------------------------------------------------- > > Key: MESOS-5851 > URL: https://issues.apache.org/jira/browse/MESOS-5851 > Project: Mesos > Issue Type: Bug > Components: libprocess > Affects Versions: 1.0.0 > Reporter: Zhitao Li > Assignee: Zhitao Li > Labels: mesosphere, security > Fix For: 1.0.0 > > > All endpoints authentication is controlled by one single flag. We need this > flag to be on so that `/reserve` `/unreserve` can get a principal. > However, after 1.0, we cannot access important readonly endpoints > `/master/state/` and `/metric/snapshot/` anymore w/o a password. The latter > is detrimental on usability because many users don't have the supporting > infra to distribute such metrics into every metrics collecting process yet. > I'm looking towards a mechanism to at least allow unauthenticated access to > selective whitelisted endpoints while keep endpoints requiring AuthN/AuthZ > still protected. > quoting Joseph Wu, "we want a `--authenticate_http=true, but don't check` > option" > Proposed endpoint to realm grouping by [~zhitao] > {quote} > ///////////// > // Common realms shared by both master and agent > //////////// > FLAGS > - /flags > > FILES > - /files/browse > - /files/browse.json > - /files/debug > - /files/debug.json > - /files/download > - /files/download.json > - /files/read > - /files/read.json > > LOGGING > - /logging/toggle > > METRICS > - /metrics/snapshot > > PROFILER > - /profiler/start > - /profiler/stop > > SYSTEMS > - /system/stats.json > > VERSIONS > - /version > > ///////////////// > // Additional master only realms > //////////////// > MAINTENANCE > - /machine/down > - /machine/up > - /maintenance/schedule > - /maintenance/status > > OPERATORS > - /api/v1 > > SCHEDULERS > - /api/v1/scheduler > > REGISTRARS > - /registrar(id)/registry > > RESERVATIONS > - /reserve > - /unreserve > - /quota > - /weights > > TEARDOWN > - /teardown > > VIEWS > - /frameworks > - /roles > - /roles.json > - /slaves > - /state > - /state-summary > - /state.json > - /tasks > - /tasks.json > > VOLUMES > - /create-volumes > - /destroy-volumes > > UNAUTHENTICATED > - /health > - /redirect > > //////////////// > // Additional agent realms > //////////////// > > OPERATORS > - /api/v1 > > VIEWS > - /containers > - /monitor/statistics > - /monitor/statistics.json > - /state > - /state.json > > UNAUTHENTICATED > - /api/v1/executor > - /health > {quote} -- This message was sent by Atlassian JIRA (v6.3.4#6332)