[
https://issues.apache.org/jira/browse/MESOS-5343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15376612#comment-15376612
]
Benjamin Bannier commented on MESOS-5343:
-----------------------------------------
[~adam-mesos]: I do not plan to spend a lot of time on this in the next week. I
published a RR for enforcing the existing agent flag semantics also in the
master,
https://reviews.apache.org/r/50024/
but before this can be committed we will need to spend some time cleaning up
tests.
Currently we specify e.g., master {{credentials}}, often pretty low in the
testing infrastructure, but do not enable authn in all cases. Having default
credentials is useful, but so is being able to test code paths not using authn.
We will need to decide on a case by case basis what behavior a test should have
before changing it.
> Behavior of custom HTTP authenticators with disabled HTTP authentication is
> inconsistent between master and agent
> -----------------------------------------------------------------------------------------------------------------
>
> Key: MESOS-5343
> URL: https://issues.apache.org/jira/browse/MESOS-5343
> Project: Mesos
> Issue Type: Bug
> Affects Versions: 1.0.0
> Reporter: Benjamin Bannier
> Assignee: Benjamin Bannier
> Priority: Minor
> Labels: mesosphere, security
>
> When setting a custom authenticator with {{http_authenticators}} and also
> specifying {{authenticate_http=false}} currently agents refuse to start with
> {code}
> A custom HTTP authenticator was specified with the '--http_authenticators'
> flag, but HTTP authentication was not enabled via '--authenticate_http'
> {code}
> Masters on the other hand accept this setting.
> Having differing behavior between master and agents is confusing, and we
> should decide on whether we want to accept these settings or not, and make
> the implementations consistent.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
