----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/46114/#review128730 -----------------------------------------------------------
src/master/master.cpp (lines 5939 - 5941) <https://reviews.apache.org/r/46114/#comment192194> The principal in HTTP based framework will be passed in the HTTP Authorization header. The FrameworkInfo.prinicipal is orthongoal to whether the framework is using a driver based API or HTTP API; it should be used in cases where framework doesn't want to authenticate but still want mesos to authorize its actions. Also, I was expecting the `authenticated` map to contain information about if a framework is authenticated or not irrespective of whether it's driver or HTTP based. The map will need to be updated to take either a PID or HTTP connection. I haven't seen the other reviews, but this is what I had in mind. src/master/master.cpp (lines 5944 - 5947) <https://reviews.apache.org/r/46114/#comment192195> We were discussing about this in another context this morning. I think we should just set FrameworkInfo.principal to Credential.principal (driver based) or AuthorizationHeader.principal (HTTP API) when framework has authenticated. This should be done by the master at the point of registration/subscription. Can you do that in a different review and make this review dependent on that? src/master/master.cpp (line 5958) <https://reviews.apache.org/r/46114/#comment192196> After the above changes, you can kill the above if else loop and change this to if (framework->info.has_principal()) { } - Vinod Kone On April 12, 2016, 10:25 p.m., Anand Mazumdar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/46114/ > ----------------------------------------------------------- > > (Updated April 12, 2016, 10:25 p.m.) > > > Review request for mesos and Vinod Kone. > > > Bugs: MESOS-3923 > https://issues.apache.org/jira/browse/MESOS-3923 > > > Repository: mesos > > > Description > ------- > > Currently, we never used to initialize the per principal metrics > that can be accessed by "frameworks/<principal>". Currently, it > only has two metrics that have no relevance for HTTP frameworks > i.e., `messages_received`, `messages_processed` but that might change > in the future if we add more such metrics. It also ensures that > HTTP->PID framework downgrades preserve the metrics and no > additional logic is needed to deal with this. (Previously > HTTP frameworks never had AuthN and no principal was passed > in `FrameworkInfo`, so this was never a concern). > > > Diffs > ----- > > src/master/master.cpp 781402c04fded159183e1ca28894e48355200f0c > > Diff: https://reviews.apache.org/r/46114/diff/ > > > Testing > ------- > > make check > > > Thanks, > > Anand Mazumdar > >
