You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Greg Mann (JIRA)" <ji...@apache.org> on 2017/03/07 22:06:37 UTC
[jira] [Commented] (MESOS-7003) Introduce a 'Principal' type
[ https://issues.apache.org/jira/browse/MESOS-7003?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15900260#comment-15900260 ]
Greg Mann commented on MESOS-7003:
----------------------------------
{code}
commit 072638d252bff6df6d89c2d3d0cf2220c98e677f
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:40:11 2017 -0800
Added default parameter value to master validation function.
The master's validation function for RESERVE operations previously
did not set a default parameter value for its final optional
parameter, requiring callsites to explicitly specify `None()`. This
patch adds the default value.
Review: https://reviews.apache.org/r/57158/
{code}
{code}
commit 17ef4ddf9b10ec0e86782489bf8dcbb1b47f020b
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:40:06 2017 -0800
Updated Mesos tests to use the 'Principal' type.
This patch updates the Mesos tests to use authenticated
handlers which accept the `Principal` type instead of an
`Option<string> principal`.
Review: https://reviews.apache.org/r/56621/
{code}
{code}
commit e71f957a15c2d4e126e987bacfe64aae7f37a7dd
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:40:01 2017 -0800
Added a new libprocess test for invalid principals.
This patch adds `HttpAuthenticationTest.InvalidPrincipal` to
libprocess to verify that requests return a 500 status code
when the authenticator fails to return a valid principal.
Review: https://reviews.apache.org/r/57298/
{code}
{code}
commit 602c9db732faa85d73987f3f51ab0e376ba3d18f
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:55 2017 -0800
Updated libprocess tests to use the 'Principal' type.
This patch updates the HTTP-related libprocess
tests to use authenticated handlers which accept
the `Principal` type instead of an
`Option<string> principal`.
Review: https://reviews.apache.org/r/56624/
{code}
{code}
commit da47646e22d5294ce48de57424bfa9b6562a6896
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:45 2017 -0800
Updated master handlers to use the 'Principal' type.
This patch updates the HTTP endpoint handlers in the
master process to accept the `Principal` type instead
of an `Option<string>& principal`.
Review: https://reviews.apache.org/r/56813/
{code}
{code}
commit 8da4d6ff4adfd72dc33d56302af1eeb0d13e83f1
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:29 2017 -0800
Updated agent handlers to use the 'Principal' type.
This patch updates the HTTP endpoint handlers in the
agent process to accept the `Principal` type instead
of an `Option<string>& principal`.
Review: https://reviews.apache.org/r/56812/
{code}
{code}
commit a7a84a87ff4fef8e3062b72bf795fa9540ab5325
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:25 2017 -0800
Updated 'Files' handlers to use the 'Principal' type.
This patch updates the HTTP endpoint handlers in the
Mesos `Files` process to accept the `Principal` type
instead of an `Option<string>& principal`.
Review: https://reviews.apache.org/r/56619/
{code}
{code}
commit dc202578a6ba8dd096a1f0a6ad9f3af4d6247819
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:20 2017 -0800
Removed unnecessary 'using' statement in master HTTP code.
`MetricsProcess` was previously declared in 'src/master/http.cpp',
but it is not currently used in that file. This patch removes the
declaration.
Review: https://reviews.apache.org/r/57153/
{code}
{code}
commit 30cbe95ca3739d88fd2b6e969b30ff7481452f20
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:13 2017 -0800
Fixed a bug in master and agent handler authorization logic.
This patch fixes a bug where endpoint handlers would not
correctly handle the case in which authorization is enabled
when authentication is disabled. In this case, the handlers
would send a default-constructed `authorization::Subject` to
the authorizer, leading to an empty-string principal being
evaluated as the subject.
This patch updates the handlers to correctly send `NONE` as
the subject in this case.
Review: https://reviews.apache.org/r/57054/
{code}
{code}
commit 91d0ce45dfb9f97130d99e4bff90044fe2225033
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:09 2017 -0800
Updated master validation code to use the 'Principal' type.
This patch updates master validation code to
make use of the `Principal` type instead of an
`Option<string> principal`.
Review: https://reviews.apache.org/r/56901/
{code}
{code}
commit 1b4f33fa2cdc0cfeab4cba1795e9d89e4bdae71e
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:04 2017 -0800
Updated common Mesos code to use the 'Principal' type.
This patch updates common Mesos HTTP-related helpers,
as well as the `authorization::Subject` protobuf
message, to make use of the `Principal` type instead
of an `Option<string> principal`.
Review: https://reviews.apache.org/r/56618/
{code}
{code}
commit 66193c882356c03f2cb8342b4cab98644dfa46a2
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:39:00 2017 -0800
Updated libprocess handlers to use the 'Principal' type.
This patch updates the HTTP endpoint handlers in libprocess
to make use of the `Principal` type instead of an
`Option<string>& principal`.
Review: https://reviews.apache.org/r/56617/
{code}
{code}
commit 81cbc395295fe9922473b12b1c966d01fe298341
Author: Greg Mann <gr...@mesosphere.io>
Date: Mon Mar 6 12:38:52 2017 -0800
Implemented the 'Principal' type in libprocess.
This patch adds a new struct, `Principal`, to libprocess
to represent an authenticated entity in the system.
The new type contains a string `value` and a map containing
arbitrary key-value pairs.
Review: https://reviews.apache.org/r/56623/
{code}
> Introduce a 'Principal' type
> ----------------------------
>
> Key: MESOS-7003
> URL: https://issues.apache.org/jira/browse/MESOS-7003
> Project: Mesos
> Issue Type: Task
> Components: executor, security
> Reporter: Greg Mann
> Assignee: Greg Mann
> Labels: executor, security
> Fix For: 1.3.0
>
>
> We will introduce a new type to represent the identity of an authenticated entity in Mesos: the {{Principal}}. To accomplish this, the following should be done:
> * Add the new {{Principal}} type
> * Update the {{AuthenticationResult}} to use {{Principal}}
> * Update all authenticated endpoint handlers to handle this new type
> * Update the default authenticator modules to use the new type
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)