[ https://issues.apache.org/jira/browse/MESOS-3947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15018212#comment-15018212 ]
Marco Massenzio edited comment on MESOS-3947 at 11/20/15 4:13 PM: ------------------------------------------------------------------ This makes obviously a lot of sense (although, I'm not sure why the {{GET}} should not be authenticated, so it'd be great if you could elaborate that point). However, I believe, this should be part of a broader activity involving *all* endpoints, within the scope of the {{HttpAuthenticator}} effort. Please see MESOS-2297 for more details. was (Author: marco-mesos): This makes obviously a lot of sense (although, I'm not sure why the {{GET}} should not be authenticated, so it'd be great if you could elaborate that point). However, I believe, this should be part of a broader activity involving *all* endpoints, within the scope of the {{HttpAuthorizer}} effort. Please see MESOS-2297 for more details. > Authenticate /roles request > --------------------------- > > Key: MESOS-3947 > URL: https://issues.apache.org/jira/browse/MESOS-3947 > Project: Mesos > Issue Type: Task > Reporter: Yong Qiao Wang > Assignee: Yong Qiao Wang > > /roles requests except GET method need to be authenticated. > This ticket will authenticate /roles requests using credentials provided by > the `Authorization` field of the HTTP request. This is similar to how > authentication is implemented in `Master::Http`. -- This message was sent by Atlassian JIRA (v6.3.4#6332)