You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Benno Evers (JIRA)" <ji...@apache.org> on 2017/09/27 09:09:00 UTC
[jira] [Created] (MESOS-8023) Warn users trying to use HTTP Basic
Authentication over non-secure channels
Benno Evers created MESOS-8023:
----------------------------------
Summary: Warn users trying to use HTTP Basic Authentication over non-secure channels
Key: MESOS-8023
URL: https://issues.apache.org/jira/browse/MESOS-8023
Project: Mesos
Issue Type: Improvement
Reporter: Benno Evers
Since the Basic authentication submits passwords and usernames in plain text, it should only be used when the connection is already secured through another layer, e.g. when using HTTPS.
Since many users are not aware of this fact, Mesos should try to detect warn about this situation where possible, to prevent accidental leaking of passwords.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)