You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Marco Massenzio (JIRA)" <ji...@apache.org> on 2015/11/20 17:12:11 UTC

[jira] [Commented] (MESOS-3947) Authenticate /roles request

    [ https://issues.apache.org/jira/browse/MESOS-3947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018212#comment-15018212 ] 

Marco Massenzio commented on MESOS-3947:
----------------------------------------

This makes obviously a lot of sense (although, I'm not sure why the {{GET}} should not be authenticated, so it'd be great if you could elaborate that point).

However, I believe, this should be part of a broader activity involving *all* endpoints, within the scope of the {{HttpAuthorizer}} effort.

Please see MESOS-2297 for more details.

> Authenticate /roles request
> ---------------------------
>
>                 Key: MESOS-3947
>                 URL: https://issues.apache.org/jira/browse/MESOS-3947
>             Project: Mesos
>          Issue Type: Task
>            Reporter: Yong Qiao Wang
>            Assignee: Yong Qiao Wang
>
> /roles requests except GET method need to be authenticated.
> This ticket will authenticate /roles requests using credentials provided by the `Authorization` field of the HTTP request. This is similar to how authentication is implemented in `Master::Http`.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)