Till Toenshoff created MESOS-8059:
-------------------------------------
Summary: Support for multiple authentication schemes via HTTP.
Key: MESOS-8059
URL: https://issues.apache.org/jira/browse/MESOS-8059
Project: Mesos
Issue Type: Improvement
Components: libprocess
Reporter: Till Toenshoff
As per [RFC7230|https://tools.ietf.org/html/rfc7230#section-3.2.2], HTTP
authentication does support using multiple schemes in a single
{{Authorization}} header. Our current implementations do not seem to support
this; namely the libprocess basic authenticator does assume a single scheme.
The above RFC also says explicitly that we must never have multiple
{{Authorization}} headers in the same request but must combine them.
[RFC2617|http://www.ietf.org/rfc/rfc2617.txt] then has additional information
on how to properly react upon multiple authentication schemes (also via proxy
auth).
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
