You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Andy LoPresto (JIRA)" <ji...@apache.org> on 2018/05/17 16:58:00 UTC
[jira] [Created] (NIFI-5209) Remove toolkit migration without
password functionality
Andy LoPresto created NIFI-5209:
-----------------------------------
Summary: Remove toolkit migration without password functionality
Key: NIFI-5209
URL: https://issues.apache.org/jira/browse/NIFI-5209
Project: Apache NiFi
Issue Type: Improvement
Components: Tools and Build
Affects Versions: 1.7.0
Reporter: Andy LoPresto
Assignee: Andy LoPresto
In NIFI-4942, new functionality was added to allow Ambari clients to perform the encrypted configuration migration without providing the original password or key by using a secure hash of the original credential to demonstrate knowledge of that value. The Ambari team found another way on their end to perform this action, and rather than allow the {{./secure_hash.key}} behavior to be released and then removed at a later time, complicating our security posture and potentially creating difficult support cases, it is better to remove it completely before the 1.7.0 release.
However, it is not as simple as just backing out a few commits, as necessary refactoring of the tool code also occurred at that time. I will remove this feature while maintaining the improvements made to the toolkit.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)