mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernd Mathiske" <be...@mesosphere.io>
Subject Re: Review Request 37999: Implemented http::AuthenticatorManager
Date Fri, 06 Nov 2015 16:56:15 GMT


> On Nov. 6, 2015, 7:22 a.m., Bernd Mathiske wrote:
> > 3rdparty/libprocess/src/process.cpp, line 750
> > <https://reviews.apache.org/r/37999/diff/12/?file=1116827#file1116827line750>
> >
> >     Shouldn't we push the realm as challenge here already?
> >     
> >     If we do this below only if all challenges are empty, we are missing the case
where challenges are present some are and some are not.
> 
> Alexander Rojas wrote:
>     Well, as it is mentioned in the comment below either:
>     1. Authentication succeed, no need to add challenges, forward to the handler.
>     2. It is a multi-step authentication, the case is also handled in this block. If
there is at least one multi-step, we only send the headers corresponding to them (and they
come in the challenges part) in which case, challenges won't be null in the block below.
>     3. Authentication failed, we send all the challenges.
>     
>     So no, we don't push challenges here because we are still looking for at least one
multi-step mechanism.

Just to clarify: so we are not expecting the user to switch to another still available scheme
when there is a multi-step one? Why not advertise more choice to the user then?


- Bernd


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/37999/#review105421
-----------------------------------------------------------


On Nov. 5, 2015, 9:07 a.m., Alexander Rojas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/37999/
> -----------------------------------------------------------
> 
> (Updated Nov. 5, 2015, 9:07 a.m.)
> 
> 
> Review request for mesos, Adam B, Benjamin Hindman, Bernd Mathiske, and Till Toenshoff.
> 
> 
> Bugs: MESOS-3231
>     https://issues.apache.org/jira/browse/MESOS-3231
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Introduces the authenticator manager, which is a class which handles the actual authentication
procedure during the execution of `ProcessManager::handle()` and it also takes care of the
life cycle of instances of http::Authenticator.
> 
> No tests are added at this point since no public API is generated, the goal of this patch
is to implement the manager and verify nothing breaks afterwards. Authenticator manager tests
proper come in a latter patch.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/include/Makefile.am fcc62e99b92b9d2e7ab344e561a06dd6de1fef7e 
>   3rdparty/libprocess/include/process/authenticator.hpp PRE-CREATION 
>   3rdparty/libprocess/include/process/event.hpp 16ddbd77afa6efdf6bad201aa497ee102aa863ae

>   3rdparty/libprocess/include/process/http.hpp 90c9be122ee0c402b806d70fc818e3c03b15101a

>   3rdparty/libprocess/src/process.cpp a94712b9ac3b60fb047b3a5a4d84a56fa4d02313 
> 
> Diff: https://reviews.apache.org/r/37999/diff/
> 
> 
> Testing
> -------
> 
> make check
> 
> 
> Thanks,
> 
> Alexander Rojas
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message