This is an automatically generated e-mail. To reply, visit:

(Updated April 14, 2016, 5:46 p.m.)

Review request for mesos, Greg Mann and Vinod Kone.


Review comments from Greg

Bugs: MESOS-3923

Repository: mesos


This change adds AuthN support for HTTP based frameworks.

We allow AuthZ without AuthN for `/scheduler` endpoint. Also,
we ensure that `FrameworkInfo.principal` (if present) equals
the authenticated principal. We also allow a framework to
omit specifying the `FrameworkInfo.principal` in case
it is not interested in authorization or if it is disabled.
We do log a warning for this cases similar to what driver
based frameworks already do.

Diffs (updated)

  src/master/http.cpp b8a83b58b60416f61610cad16fc6f70028a5ee10 
  src/master/master.hpp 1f480f03900a0dc2996c2ed3a9534dfa8036940f 
  src/master/master.cpp 781402c04fded159183e1ca28894e48355200f0c 
  src/master/validation.hpp d1f2323172cbf3bb052942a119b8531f9ccad48d 
  src/master/validation.cpp 13423436a4e6361fde6fa75133eebf5c02c8381f 

Diff: https://reviews.apache.org/r/46115/diff/


make check. Enabled AuthN for all the tests later in the chain.


Anand Mazumdar

Reply via email to