mesos-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Greg Mann (JIRA)" <j...@apache.org>
Subject [jira] [Created] (MESOS-5005) Make `ReservationInfo.principal` and `Persistence.principal` equivalent
Date Tue, 22 Mar 2016 18:36:25 GMT
Greg Mann created MESOS-5005:
--------------------------------

             Summary: Make `ReservationInfo.principal` and `Persistence.principal` equivalent
                 Key: MESOS-5005
                 URL: https://issues.apache.org/jira/browse/MESOS-5005
             Project: Mesos
          Issue Type: Bug
            Reporter: Greg Mann


Currently, we require that `ReservationInfo.principal` be equal to the principal provided
for authentication, which means that when HTTP authentication is disabled this field cannot
be set. Based on comments in 'mesos.proto', the original intention was to enforce this same
constraint for `Persistence.principal`, but it seems that we don't enforce it. This should
be changed to make the two fields equivalent.

This means that when HTTP authentication is disabled, requests to '/reserve' cannot set {{ReservationInfo.principal}},
while requests to `/create-volumes` can set any principal in {{Persistence.principal}}. One
solution would be to add the constraint to {{Persistence.principal}} when HTTP authentication
is enabled, and remove the constraint from {{ReservationInfo.principal}} when HTTP authentication
is disabled: this would allow us to track a reserver/creator principal when HTTP authentication
is disabled.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message