You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Benjamin Bannier (JIRA)" <ji...@apache.org> on 2016/05/13 09:06:12 UTC

[jira] [Created] (MESOS-5379) Authentication documentation for libprocess endpoints can be misleading

Benjamin Bannier created MESOS-5379:
---------------------------------------

             Summary: Authentication documentation for libprocess endpoints can be misleading
                 Key: MESOS-5379
                 URL: https://issues.apache.org/jira/browse/MESOS-5379
             Project: Mesos
          Issue Type: Bug
          Components: documentation, libprocess
    Affects Versions: 0.29.0
            Reporter: Benjamin Bannier


Libprocess exposes a number of endpoints (at least: {{/logging}}, {{/metrics}}, and {{/profiler}}). If libprocess was initialized with some realm these endpoints require authentication, and don't if not.

To generate endpoint help we currently use the also function {{AUTHENTICATION}} which injects the following into the helpstring,
{code}
This endpoints requires authentication iff HTTP authentication is enabled.
{code}
with {{iff}} documenting a coupling stronger between required authentication and enabled authentication which might not be true for above libprocess endpoints -- it is e.g., true when these endpoints are exposed through mesos masters/agents, but possibly not if exposed through other actors.

It seems for libprocess endpoint a less strong formulation like e.g.,
{code}
This endpoints supports authentication. If HTTP authentication is enabled, this endpoint may require authentication.`
{code}
might make the generated helpstrings more reusable.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)