You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Adam B (JIRA)" <ji...@apache.org> on 2016/05/27 06:52:12 UTC

[jira] [Comment Edited] (MESOS-5379) Authentication documentation for libprocess endpoints can be misleading.

    [ https://issues.apache.org/jira/browse/MESOS-5379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15303652#comment-15303652 ] 

Adam B edited comment on MESOS-5379 at 5/27/16 6:51 AM:
--------------------------------------------------------

Untargeting from 0.29, since we don't have time/assignee to work on it. Also downgraded from a Blocker, but I doubt it's even Critical. [~bbannier], can you explain why this is a "Blocker"? Or I guess [~alexr] upgraded it..


was (Author: adam-mesos):
Untargeting from 0.29, since we don't have time/assignee to work on it. Also downgraded from a Blocker, but I doubt it's even Critical. [~bbannier], can you explain why this is a "Blocker"?

> Authentication documentation for libprocess endpoints can be misleading.
> ------------------------------------------------------------------------
>
>                 Key: MESOS-5379
>                 URL: https://issues.apache.org/jira/browse/MESOS-5379
>             Project: Mesos
>          Issue Type: Bug
>          Components: documentation, libprocess
>    Affects Versions: 0.29.0
>            Reporter: Benjamin Bannier
>            Priority: Critical
>              Labels: mesosphere, tech-debt
>
> Libprocess exposes a number of endpoints (at least: {{/logging}}, {{/metrics}}, and {{/profiler}}). If libprocess was initialized with some realm these endpoints require authentication, and don't if not.
> To generate endpoint help we currently use the also function {{AUTHENTICATION}} which injects the following into the help string,
> {code}
> This endpoints requires authentication iff HTTP authentication is enabled.
> {code}
> with {{iff}} documenting a coupling stronger between required authentication and enabled authentication which might not be true for above libprocess endpoints -- it is e.g., true when these endpoints are exposed through mesos masters/agents, but possibly not if exposed through other executables.
> It seems for libprocess endpoint a less strong formulation like e.g.,
> {code}
> This endpoints supports authentication. If HTTP authentication is enabled, this endpoint may require authentication.
> {code}
> might make the generated help strings more reusable.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)