-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46114/#review128730
-----------------------------------------------------------




src/master/master.cpp (lines 5939 - 5941)
<https://reviews.apache.org/r/46114/#comment192194>

    The principal in HTTP based framework will be passed in the HTTP 
Authorization header. The FrameworkInfo.prinicipal is orthongoal to whether the 
framework is using a driver based API or HTTP API; it should be used in cases 
where framework doesn't want to authenticate but still want mesos to authorize 
its actions.
    
    Also, I was expecting the `authenticated` map to contain information about 
if a framework is authenticated or not irrespective of whether it's driver or 
HTTP based. The map will need to be updated to take either a PID or HTTP 
connection.
    
    I haven't seen the other reviews, but this is what I had in mind.



src/master/master.cpp (lines 5944 - 5947)
<https://reviews.apache.org/r/46114/#comment192195>

    We were discussing about this in another context this morning. I think we 
should just set FrameworkInfo.principal to Credential.principal (driver based) 
or AuthorizationHeader.principal (HTTP API) when framework has authenticated. 
This should be done by the master at the point of registration/subscription. 
Can you do that in a different review and make this review dependent on that?



src/master/master.cpp (line 5958)
<https://reviews.apache.org/r/46114/#comment192196>

    After the above changes, you can kill the above if else loop and change 
this to
    
    if (framework->info.has_principal()) {
    
    }


- Vinod Kone


On April 12, 2016, 10:25 p.m., Anand Mazumdar wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46114/
> -----------------------------------------------------------
> 
> (Updated April 12, 2016, 10:25 p.m.)
> 
> 
> Review request for mesos and Vinod Kone.
> 
> 
> Bugs: MESOS-3923
>     https://issues.apache.org/jira/browse/MESOS-3923
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Currently, we never used to initialize the per principal metrics
> that can be accessed by "frameworks/<principal>". Currently, it
> only has two metrics that have no relevance for HTTP frameworks
> i.e., `messages_received`, `messages_processed` but that might change
> in the future if we add more such metrics. It also ensures that
> HTTP->PID framework downgrades preserve the metrics and no
> additional logic is needed to deal with this. (Previously
> HTTP frameworks never had AuthN and no principal was passed
> in `FrameworkInfo`, so this was never a concern).
> 
> 
> Diffs
> -----
> 
>   src/master/master.cpp 781402c04fded159183e1ca28894e48355200f0c 
> 
> Diff: https://reviews.apache.org/r/46114/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Anand Mazumdar
> 
>

Reply via email to