Faking mcollective's caller id on client side

asked 2014-06-05 03:59:18 -0500

netkgk

Quote from the official mcollective security overview: "The client embeds a caller structure in each request, if RSA decryption pass the rest of the MCollective agents, auditing etc can securely know who initiated a request. This caller is used later during Authorization and Auditing." But the callerid could easily be faked by a client just by modifying the security plug-in, and because of that it cannot be used for authorization purposes. Is it possible to define the callerid only on the server side by mapping the client's certificate to a login name?
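The server-side approach asked about, as an added illustration that is not mcollective's own code: the registry, the request layout and the field names (`pubkey_fp`, `callerid`) are assumptions, and the server derives the caller from whichever registered key verifies the signature, never from the client-supplied field.

```ruby
require 'openssl'
require 'base64'

# Fingerprint of a public key; used as the lookup key in the server registry.
def fingerprint(pubkey)
  OpenSSL::Digest::SHA256.hexdigest(pubkey.to_der)
end

# Constructed server-side registry: fingerprint => { login:, pubkey: }.
# Assumption: the server already holds one trusted public key per user,
# which is what a certificate-to-login mapping would provide.
def build_registry(users)
  users.each_with_object({}) do |(login, key), reg|
    reg[fingerprint(key.public_key)] = { login: login, pubkey: key.public_key }
  end
end

# Client side: a signed request that also carries a client-chosen callerid.
# That field is exactly what a modified security plug-in could set freely.
def make_request(key, body, claimed_callerid)
  digest = OpenSSL::Digest.new('SHA256')
  {
    'body'      => body,
    'sig'       => Base64.strict_encode64(key.sign(digest, body)),
    'pubkey_fp' => fingerprint(key.public_key),
    'callerid'  => claimed_callerid
  }
end

# Server side: the only identity that counts is the login bound to the key
# that produced a valid signature over the body; the claimed callerid is
# never consulted. Returns the derived login, or nil if the request cannot
# be authenticated (unknown key, bad signature, undecodable signature).
def server_caller_id(registry, request)
  entry = registry[request['pubkey_fp']]
  return nil unless entry
  sig = Base64.strict_decode64(request['sig'])
  digest = OpenSSL::Digest.new('SHA256')
  return nil unless entry[:pubkey].verify(digest, sig, request['body'])
  entry[:login]
rescue ArgumentError
  nil
end
```

With such a mapping, authorization and audit records can use the derived login even when the request's own callerid field claims someone else.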

