You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Benjamin Bannier (JIRA)" <ji...@apache.org> on 2016/07/07 12:56:10 UTC

[jira] [Commented] (MESOS-5343) Behavior of custom HTTP authenticators with disabled HTTP authentication is inconsistent between master and agent

    [ https://issues.apache.org/jira/browse/MESOS-5343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15366054#comment-15366054 ] 

Benjamin Bannier commented on MESOS-5343:
-----------------------------------------

Had a brief stab at this. Aligning the master with the agent behavior does require at least two changes:

1) just copying the agent authn flag validation code to the master, and
2) fix all tests setting these master flags inconsistently.

1) is trivial, while 2) might require either adjusting default flags used in fixtures, or making tests authn-aware, all on a case-by-case basis. I updated this ticket with a (rather ambitious) estimate reflecting that complexity.

> Behavior of custom HTTP authenticators with disabled HTTP authentication is inconsistent between master and agent
> -----------------------------------------------------------------------------------------------------------------
>
>                 Key: MESOS-5343
>                 URL: https://issues.apache.org/jira/browse/MESOS-5343
>             Project: Mesos
>          Issue Type: Bug
>    Affects Versions: 1.0.0
>            Reporter: Benjamin Bannier
>            Assignee: Benjamin Bannier
>            Priority: Minor
>              Labels: mesosphere, security
>
> When setting a custom authenticator with {{http_authenticators}} and also specifying {{authenticate_http=false}} currently agents refuse to start with
> {code}
> A custom HTTP authenticator was specified with the '--http_authenticators' flag, but HTTP authentication was not enabled via '--authenticate_http'
> {code}
> Masters on the other hand accept this setting.
> Having differing behavior between master and agents is confusing, and we should decide on whether we want to accept these settings or not, and make the implementations consistent.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)