You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Chris Sampson (Jira)" <ji...@apache.org> on 2022/11/13 20:53:00 UTC
[jira] [Assigned] (NIFI-10776) Add support for PKI Authentication in ElasticSearchClientServiceImpl
[ https://issues.apache.org/jira/browse/NIFI-10776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Sampson reassigned NIFI-10776:
------------------------------------
Assignee: Chris Sampson
> Add support for PKI Authentication in ElasticSearchClientServiceImpl
> --------------------------------------------------------------------
>
> Key: NIFI-10776
> URL: https://issues.apache.org/jira/browse/NIFI-10776
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Reporter: Nandor Soma Abonyi
> Assignee: Chris Sampson
> Priority: Major
> Labels: elasticsearch
>
> Also add NONE as an AuthenticationScheme option.
> By [~Chris S]:
> I'd probably stick with {{BASIC}} being the default as that would mean {{{}Username{}}}/{{{}Password{}}} remain available by default when adding the Processor to the canvas, which matches the current behaviour and therefore is backwards compatible.
> If the user selects {{NONE}} then I guess we'd be hiding the existing Username/Password and new {{{}API Key{}}}property inputs (via {{{}dependsOn{}}}).
> If the user selected {{PKI}} then it would be great if the {{SSLContext Controller}} become mandatory, but I don't think that's currently possible, so in effect this would have the same effect as {{NONE}} on the available processor properties (we don't want to hide {{SSL Context}} if something other than {{PKI}} is selected here, as {{{}https{}}}/{{{}TLS{}}}might very well still be needed even if it's not used for Auth in Elasticsearch).
> One option might be to use some {{customerValidation}} for this though - if the user has selected {{{}PKI{}}}, they {*}must{*}also specify an {{SSL Context}} in their processor configuration. Similarly, if {{NONE}} is selected, then we could validate that none of the Username/Password/API Key fields are provided?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)