Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-2948

Generalize authorizer interface in order to allow for arbitrary Subjects, Actions and Objects

    XMLWordPrintableJSON

    Details

    • Epic Name:
      Generalize authorizer

      Description

      The current mesos::Authorizer API has one method for each of the actions supported (Register Framework, Launch Task and Shutdown Framework), and each of these actions themselves define the objects on which they operate.

      Currently, in case a new action needs to be authorized it is necessary to modify the mesos::Authorizer interface and all its implementations (currently only mesos::LocalAuthorizer), and add a new nested message to the ACL message in mesos.proto.

      An update to the API should allow for new actions and objects to be added without the need to change the mesos::Authorizer interface while encapsulating implementation details on how the authorization process is performed.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                arojas Alexander Rojas
                Reporter:
                arojas Alexander Rojas
                Shepherd:
                Vinod Kone
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: