Zhitao Li created MESOS-5851:
--------------------------------
Summary: Create mechanism to allow authentication between
different HTTP endpoints
Key: MESOS-5851
URL: https://issues.apache.org/jira/browse/MESOS-5851
Project: Mesos
Issue Type: Bug
Reporter: Zhitao Li
All endpoints authentication is controlled by one single flag. We need this
flag to be on so that `/reserve` `/unreserve` can get a principal.
However, after 1.0, we cannot access important readonly endpoints
`/master/state/` and `/metric/snapshot/` anymore w/o a password. The latter is
detrimental on usability because many users don't have the supporting infra to
distribute such metrics into every metrics collecting process yet.
I'm looking towards a mechanism to at least allow unauthenticated access to
selective whitelisted endpoints while keep endpoints requiring AuthN/AuthZ
still protected.
quoting Joseph Wu, "we want a `--authenticate_http=true, but don't check`
option"
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
