You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Alex R (Jira)" <ji...@apache.org> on 2020/01/30 15:45:00 UTC

[jira] [Assigned] (MESOS-8322) Authorization failure message from the master should include the subject.

     [ https://issues.apache.org/jira/browse/MESOS-8322?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alex R reassigned MESOS-8322:
-----------------------------

    Assignee:     (was: Alex R)

> Authorization failure message from the master should include the subject.
> -------------------------------------------------------------------------
>
>                 Key: MESOS-8322
>                 URL: https://issues.apache.org/jira/browse/MESOS-8322
>             Project: Mesos
>          Issue Type: Improvement
>          Components: master
>    Affects Versions: 1.5.0
>            Reporter: Till Toenshoff
>            Priority: Minor
>              Labels: security
>
> When trying to run a task owned by a framework principal that lacks specific rights for the task-user in question, it would be much more helpful if the Mesos master would actually supply the framework principal (aka Subject) within the error message.
> Currently what I see is reason strings like this:
> {{Not authorized to launch as user 'nobody'}}
> Whereas I think it would be much more helpful if we included the subject like this:
> {{SUBJECT is not authorized to launch tasks as user 'OBJECT'}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)