mesos-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Till Toenshoff (JIRA)" <>
Subject [jira] [Assigned] (MESOS-2001) Authenticatee modules similar to Authenticator modules
Date Tue, 04 Nov 2014 18:28:34 GMT


Till Toenshoff reassigned MESOS-2001:

    Assignee: Till Toenshoff

> Authenticatee modules similar to Authenticator modules
> ------------------------------------------------------
>                 Key: MESOS-2001
>                 URL:
>             Project: Mesos
>          Issue Type: Epic
>          Components: modules
>            Reporter: Till Toenshoff
>            Assignee: Till Toenshoff
>              Labels: authentication, module
> For covering a complete modules based authentication, we will need to allow for authenticatee
modules just like we are with authenticator modules.
> h4.Motivation
> Allow for third parties to quickly develop and plug-in new authentication methods. The
modularized Authenticatee API will lower the barrier for the community to provide new methods
to Mesos. An example for such additional, next step module could be PAM (LDAP, MySQL, NIS,
UNIX) backed authentication. cyrus-sasl2 itself already offers more than a half a dozen mechanisms
via its standard plugins and these could be triggered by additional Authenticator / Authenticatee
modules. cyrus-sasl2 does support even more mechanisms when being custom built (about a full
dozen) but we do not want to bundle cyrus-sasl2 to enforce custom builds. Alternative authentication
(especially non-SASL based) methods may bring in new dependencies that we don't want to enforce
on all of our users. Mesos users may be required to use custom authentication techniques due
to strict security policies.

This message was sent by Atlassian JIRA

View raw message