You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2021/03/10 18:51:11 UTC

[GitHub] [nifi] bbende commented on a change in pull request #4857: NIFI-8230 Removed default Sensitive Properties Key

bbende commented on a change in pull request #4857:
URL: https://github.com/apache/nifi/pull/4857#discussion_r591783286



##########
File path: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-properties-loader/src/main/java/org/apache/nifi/properties/NiFiPropertiesLoader.java
##########
@@ -241,9 +241,54 @@ public NiFiProperties load(String path) {
      */
     public NiFiProperties get() {
         if (instance == null) {
-            instance = loadDefault();
+            instance = getDefaultProperties();
         }
 
         return instance;
     }
+
+    private NiFiProperties getDefaultProperties() {
+        NiFiProperties defaultProperties = loadDefault();
+        if (isKeyGenerationRequired(defaultProperties)) {
+            final File flowConfiguration = defaultProperties.getFlowConfigurationFile();
+            if (flowConfiguration.exists()) {
+                logger.error("Flow Configuration [{}] Found: Migration Required for blank Sensitive Properties Key [{}]", flowConfiguration, NiFiProperties.SENSITIVE_PROPS_KEY);
+                final String message = String.format("Sensitive Properties Key [%s] not found: %s", NiFiProperties.SENSITIVE_PROPS_KEY, MIGRATION_INSTRUCTIONS);
+                throw new SensitivePropertyProtectionException(message);
+            }
+            setSensitivePropertiesKey();

Review comment:
       If we are setting up a cluster, I assume that this call is going to generate a different random key on each node, which I think would mean that when a node receives a fingerprint or flow from the cluster coordinator, there would be an issue since they don't have the same key.
   
   Maybe it makes sense to also check if one of the clustering properties is set, and make it part of the error scenario above so that in a cluster, the user is required to enter a sensitive props key?
   
   @markap14 do you have any thoughts?




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org