You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Marco Massenzio (JIRA)" <ji...@apache.org> on 2015/11/20 17:12:11 UTC
[jira] [Commented] (MESOS-3947) Authenticate /roles request
[ https://issues.apache.org/jira/browse/MESOS-3947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018212#comment-15018212 ]
Marco Massenzio commented on MESOS-3947:
----------------------------------------
This makes obviously a lot of sense (although, I'm not sure why the {{GET}} should not be authenticated, so it'd be great if you could elaborate that point).
However, I believe, this should be part of a broader activity involving *all* endpoints, within the scope of the {{HttpAuthorizer}} effort.
Please see MESOS-2297 for more details.
> Authenticate /roles request
> ---------------------------
>
> Key: MESOS-3947
> URL: https://issues.apache.org/jira/browse/MESOS-3947
> Project: Mesos
> Issue Type: Task
> Reporter: Yong Qiao Wang
> Assignee: Yong Qiao Wang
>
> /roles requests except GET method need to be authenticated.
> This ticket will authenticate /roles requests using credentials provided by the `Authorization` field of the HTTP request. This is similar to how authentication is implemented in `Master::Http`.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)