> On Feb. 13, 2017, 3:01 p.m., Alexander Rojas wrote:
> > So now I remembered why originally it didn't support multiple
> > authenticators. In my original design I favored composition of
> > authenticators, in facto, I think one of the first iteration of the patches
> > included an `AndAuthenticator` and an `OrAuthenticator`. Just consider that
> > instead of implementing this inside libprocess, Mesos implement a combiner
> > authenticator which works more or less like this:
> >
> > ```c++
> > class CombinedAuthenticator : public Authenticator
> > {
> > public:
> > CombinedAuthenticator(const std::string &realm, const
> > std::vector<Authenticator*> &authenticators);
> >
> > virtual Future<AuthenticationResult> authenticate(const Request& request)
> > override;
> >
> > private:
> > std::vector<Owned<Authenticator>> authenticators_;
> > std::string realm_;
> > };
> >
> > CombinedAuthenticator::CombinedAuthenticator(const std::string &realm,
> > const std::vector<Authenticator*> &authenticators)
> > : authenticators_(), realm_(realm)
> > {
> > for (const Authenticator* authenticator, authenticators) {
> > authenticators_.push_back(Owned<Authenticator>(authenticator));
> > }
> > }
> >
> > Future<AuthenticationResult> CombinedAuthenticator::authenticate(const
> > Request& request)
> > {
> > // ... The code inside AuthenticatorManagerProcess::authenticate()
> > }
> > ```
> >
> > I personally would prefer this approach since it keeps the separation of
> > [mechanism and
> > policy](https://en.wikipedia.org/wiki/Separation_of_mechanism_and_policy),
> > leaving users of libprocess to decide exactly how to perform authentication
> > while the library itself only cares about a single interface.
> >
> > This is however just a peek in the considerations I had when I designed the
> > multiple authenticators problem and I would suggest to only giving it a
> > thought.
I like this approach - I'll update the review chain to reflect it. Thanks
Alexander!!!
- Greg
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56474/#review165328
-----------------------------------------------------------
On Feb. 11, 2017, 12:44 a.m., Greg Mann wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56474/
> -----------------------------------------------------------
>
> (Updated Feb. 11, 2017, 12:44 a.m.)
>
>
> Review request for mesos, Alexander Rojas, Jan Schlicht, Till Toenshoff, and
> Vinod Kone.
>
>
> Bugs: MESOS-7004
> https://issues.apache.org/jira/browse/MESOS-7004
>
>
> Repository: mesos
>
>
> Description
> -------
>
> This patch updates the `AuthenticatorManager` to allow
> multiple authenticators to be set for a single realm.
>
>
> Diffs
> -----
>
> 3rdparty/libprocess/src/authenticator_manager.cpp
> a22acd026a001788dc39b8005a56577e33c6800b
>
>
> Diff: https://reviews.apache.org/r/56474/diff/2/
>
>
> Testing
> -------
>
> Testing information can be found in the subsequent patch in this chain.
>
>
> Thanks,
>
> Greg Mann
>
>
