[jira] [Commented] (MESOS-1343) Authorize HTTP endpoints through ACLs
[ https://issues.apache.org/jira/browse/MESOS-1343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14088411#comment-14088411 ] Joe Smith commented on MESOS-1343: -- For 0.20.0, we either need to enable the ACLs, or remove the shutdown from http- as is, any framework's credentials can be used to shutdown other frameworks. Authorize HTTP endpoints through ACLs - Key: MESOS-1343 URL: https://issues.apache.org/jira/browse/MESOS-1343 Project: Mesos Issue Type: Story Reporter: Vinod Kone -- This message was sent by Atlassian JIRA (v6.2#6252)
[jira] [Commented] (MESOS-1343) Authorize HTTP endpoints through ACLs
[ https://issues.apache.org/jira/browse/MESOS-1343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14088432#comment-14088432 ] Joe Smith commented on MESOS-1343: -- Clarified with [~benjaminhindman]- these are gated via specific http-principals only. So a framework will not be able to use its principal to send requests via http- however these HTTP endpoints still need to have an ACL applied to them. Authorize HTTP endpoints through ACLs - Key: MESOS-1343 URL: https://issues.apache.org/jira/browse/MESOS-1343 Project: Mesos Issue Type: Story Reporter: Vinod Kone -- This message was sent by Atlassian JIRA (v6.2#6252)