You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/07/01 22:56:11 UTC
[jira] [Updated] (MESOS-5379) Authentication documentation for
libprocess endpoints can be misleading.
[ https://issues.apache.org/jira/browse/MESOS-5379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Adam B updated MESOS-5379:
--------------------------
Component/s: security
> Authentication documentation for libprocess endpoints can be misleading.
> ------------------------------------------------------------------------
>
> Key: MESOS-5379
> URL: https://issues.apache.org/jira/browse/MESOS-5379
> Project: Mesos
> Issue Type: Bug
> Components: documentation, libprocess, security
> Affects Versions: 1.0.0
> Reporter: Benjamin Bannier
> Priority: Critical
> Labels: mesosphere, tech-debt
> Fix For: 1.0.0
>
>
> Libprocess exposes a number of endpoints (at least: {{/logging}}, {{/metrics}}, and {{/profiler}}). If libprocess was initialized with some realm these endpoints require authentication, and don't if not.
> To generate endpoint help we currently use the also function {{AUTHENTICATION}} which injects the following into the help string,
> {code}
> This endpoints requires authentication iff HTTP authentication is enabled.
> {code}
> with {{iff}} documenting a coupling stronger between required authentication and enabled authentication which might not be true for above libprocess endpoints -- it is e.g., true when these endpoints are exposed through mesos masters/agents, but possibly not if exposed through other executables.
> It seems for libprocess endpoint a less strong formulation like e.g.,
> {code}
> This endpoints supports authentication. If HTTP authentication is enabled, this endpoint may require authentication.
> {code}
> might make the generated help strings more reusable.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)