You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Gavin (JIRA)" <ji...@apache.org> on 2019/04/29 09:28:09 UTC
[jira] [Issue Comment Deleted] (MESOS-4847) Agent HTTP
Authentication
[ https://issues.apache.org/jira/browse/MESOS-4847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gavin updated MESOS-4847:
-------------------------
Comment: was deleted
(was: www.rtat.net)
> Agent HTTP Authentication
> -------------------------
>
> Key: MESOS-4847
> URL: https://issues.apache.org/jira/browse/MESOS-4847
> Project: Mesos
> Issue Type: Epic
> Components: agent, security
> Reporter: Adam B
> Assignee: Greg Mann
> Priority: Major
> Labels: authentication, mesosphere, security
> Fix For: 1.0.0
>
>
> Now that the master has set a standard for http authentication, the agents should join the fun. Since a user must access the agent node to get to sandbox data, it and the rest of the endpoints should be configurable to require authentication, to prevent rogue users from viewing/modifying agent settings/data.
> This will involve adding agent flags like `--authenticate_http --http_authenticators="basic"`
> and even the equivalent of `--credentials` (maybe renamed)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)