> On March 16, 2017, 1:37 p.m., Vinod Kone wrote: > > src/slave/slave.cpp > > Lines 271-276 (patched) > > <https://reviews.apache.org/r/57671/diff/1/?file=1665871#file1665871line271> > > > > I know why you did it this way, but it seems a bit unfortunate that we > > are adding the JWT authenticator implicitly when only "basic" authenticator > > is specified in the flag (it's probably ok if the value is "basic" here > > because user didn't set anything and it is the default but we can't > > distinguish that). > > > > I'm wondering if it would be better to make the default flag value as > > "default" or "auto" with the flag help specifiying the behavior on what > > authenticators are picked ("basic" if executor auth is not specified, > > "basic,jwt" if executor auth is specified etc). > > > > WDYT?
As we discussed, made the `http_authenticators` flag optional, with the default behavior that we set either `basic` or `basic,JWT`, depending on the status of `--authenticate_http_executors`. - Greg ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57671/#review169141 ----------------------------------------------------------- On March 16, 2017, 7:07 p.m., Greg Mann wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57671/ > ----------------------------------------------------------- > > (Updated March 16, 2017, 7:07 p.m.) > > > Review request for mesos, Jan Schlicht and Vinod Kone. > > > Bugs: MESOS-6998 > https://issues.apache.org/jira/browse/MESOS-6998 > > > Repository: mesos > > > Description > ------- > > This patch updates the agent initialization code to make use > of the new `--authenticate_http_executors` flag. When the > flag is set, authentication is required on the executor realm > and the JWT authenticator is loaded. > > > Diffs > ----- > > src/common/http.hpp a3cfc5d8f0b2e453d5f6c3e485e92dbd643737a3 > src/common/http.cpp ce32ff36ee58b19f2cb11d80e69ab1ff007e75ef > src/slave/flags.hpp 2c4bd6ae628a272a4c6c2f02670baef011df4505 > src/slave/flags.cpp 4637ca62b257921c1e1f7019864d968f07fca8a1 > src/slave/slave.cpp a4f4a9ca80b726de8e07571fd6d93120947c278b > > > Diff: https://reviews.apache.org/r/57671/diff/2/ > > > Testing > ------- > > make check > > > Thanks, > > Greg Mann > >