----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/44711/#review123304 -----------------------------------------------------------
Slow down, partner. Even after Greg's patch to add authn to basic agent HTTP endpoints, there are still a lot of unauthenticated endpoints. docs/authentication.md (line 12) <https://reviews.apache.org/r/44711/#comment185525> I wouldn't call it "most" yet. Maybe "many". By my count, we're still excluding all the agent endpoints, plus: /registrar(id)/registry /files/* /logging /metrics/snapshot /profiler/* /system/stats.json /help/* Can we also update the HTTP endpoint help to specify that authentication is required for endpoints when it is? (Maybe even base the answer on the actual --authenticate_http value) - Adam B On March 11, 2016, 8:48 a.m., Joerg Schad wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/44711/ > ----------------------------------------------------------- > > (Updated March 11, 2016, 8:48 a.m.) > > > Review request for mesos, Adam B and Greg Mann. > > > Bugs: MESOS-4844 > https://issues.apache.org/jira/browse/MESOS-4844 > > > Repository: mesos > > > Description > ------- > > Reflected default authentication of endpoints in documentation. > > > Diffs > ----- > > docs/authentication.md dd538b512c6f822cd742fc6e2f3d4f7fbffadc06 > > Diff: https://reviews.apache.org/r/44711/diff/ > > > Testing > ------- > > > Thanks, > > Joerg Schad > >