Till Toenshoff created MESOS-2482: ------------------------------------- Summary: Authentication failure / refusal needs to properly be acted upon. Key: MESOS-2482 URL: https://issues.apache.org/jira/browse/MESOS-2482 Project: Mesos Issue Type: Improvement Reporter: Till Toenshoff
The current state of the authentication implementation will retry authentication once an error was received without even validating the underlying failure - possibly causing pointless, infinite retry loops. Authentication may fail due to multiple reasons, among them are things like "authentication refused" (e.g. user/password mismatch), "authentication error" (e.g. packet loss), etc ... We need to make sure the authenticatee (or its host; slave / framework) is properly informed about such errors and may then act accordingly with retries or failures. Retries should e.g. not get triggered by authentication refusal. Retries should also possibly get limited in count and / or by throttling / delays. Additionally, given that we do allow authentication on an optional level ("--authenticate_slaves", "--authenticate" both disabled). Once authentication is optional, a valid fallback on a failed authentication may actually be a registration without authentication. -- This message was sent by Atlassian JIRA (v6.3.4#6332)