Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-7222

Load authenticator modules as singletons

    XMLWordPrintableJSON

Details

    Description

      The Mesos master/agent code currently loads separate instances of an authenticator module for each realm that the module is installed into. initializeHttpAuthenticators() is called multiple times, and each invocation creates an instance of the module.

      It would be better to create a singleton of each authenticator module. These could be stored in a map, indexed by the module name. Note that libprocess's setAuthenticator() helper currently accepts an Owned<Authenticator> and takes ownership of each module instance. In order to pass ownership of authenticator singletons to libprocess, setAuthenticator() could be changed to something like the following:

      Future<Nothing> setAuthenticator(
    const map<string, Owned<Authenticator>> authenticators,
    const map<string, string> authenticatorRealms);

      Note that the current situation would cause a legitimate bug in the case of a stateful authenticator module which is dynamically updated at runtime. This could lead to inconsistent state across the module instances, when the author intended for them to share a single global state.

      Attachments

        Issue Links

          relates to

          Task - A task that needs to be done. MESOS-7004 Enable multiple HTTP authenticator modules

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              greggomann Greg Mann
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: