-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56474/#review165328
-----------------------------------------------------------
So now I remembered why originally it didn't support multiple authenticators.
In my original design I favored composition of authenticators, in facto, I
think one of the first iteration of the patches included an `AndAuthenticator`
and an `OrAuthenticator`. Just consider that instead of implementing this
inside libprocess, Mesos implement a combiner authenticator which works more or
less like this:
```c++
class CombinedAuthenticator : public Authenticator
{
public:
CombinedAuthenticator(const std::string &realm, const
std::vector<Authenticator*> &authenticators);
virtual Future<AuthenticationResult> authenticate(const Request& request)
override;
private:
std::vector<Owned<Authenticator>> authenticators_;
std::string realm_;
};
CombinedAuthenticator::CombinedAuthenticator(const std::string &realm, const
std::vector<Authenticator*> &authenticators)
: authenticators_(), realm_(realm)
{
for (const Authenticator* authenticator, authenticators) {
authenticators_.push_back(Owned<Authenticator>(authenticator));
}
}
Future<AuthenticationResult> CombinedAuthenticator::authenticate(const Request&
request)
{
// ... The code inside AuthenticatorManagerProcess::authenticate()
}
```
I personally would prefer this approach since it keeps the separation of
[mechanism and
policy](https://en.wikipedia.org/wiki/Separation_of_mechanism_and_policy),
leaving users of libprocess to decide exactly how to perform authentication
while the library itself only cares about a single interface.
This is however just a peek in the considerations I had when I designed the
multiple authenticators problem and I would suggest to only giving it a thought.
- Alexander Rojas
On Feb. 11, 2017, 1:44 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56474/
> -----------------------------------------------------------
>
> (Updated Feb. 11, 2017, 1:44 a.m.)
>
>
> Review request for mesos, Alexander Rojas, Jan Schlicht, Till Toenshoff, and
> Vinod Kone.
>
>
> Bugs: MESOS-7004
> https://issues.apache.org/jira/browse/MESOS-7004
>
>
> Repository: mesos
>
>
> Description
> -------
>
> This patch updates the `AuthenticatorManager` to allow
> multiple authenticators to be set for a single realm.
>
>
> Diffs
> -----
>
> 3rdparty/libprocess/src/authenticator_manager.cpp
> a22acd026a001788dc39b8005a56577e33c6800b
>
> Diff: https://reviews.apache.org/r/56474/diff/
>
>
> Testing
> -------
>
> Testing information can be found in the subsequent patch in this chain.
>
>
> Thanks,
>
> Greg Mann
>
>
