You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2015/10/18 13:15:05 UTC
[jira] [Commented] (NIFI-1042) ListenHTTP should add property with
the remote IP submitting data
[ https://issues.apache.org/jira/browse/NIFI-1042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14962298#comment-14962298 ]
ASF GitHub Bot commented on NIFI-1042:
--------------------------------------
GitHub user trixpan opened a pull request:
https://github.com/apache/nifi/pull/105
Adds restlistener.remote.source.ip attribute to ListenHTTP dataflows
Adds restlistener.remote.source.ip attribute (representing the source IP of the
original http request) to dataflow.
Closes NIFI-1042
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/trixpan/nifi master
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi/pull/105.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #105
----
commit 6c6dc9301e6289577aac9f219826a0c30a5ea582
Author: Andre F de Miranda <tr...@users.noreply.github.com>
Date: 2015-10-18T10:53:39Z
Adds restlistener.remote.source.ip attribute (representing the source IP of the original http request to dataflow
Closes NIFI-1042
----
> ListenHTTP should add property with the remote IP submitting data
> -----------------------------------------------------------------
>
> Key: NIFI-1042
> URL: https://issues.apache.org/jira/browse/NIFI-1042
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 0.3.0, 0.2.0, 0.1.0, 0.0.2, 0.0.1, 0.2.1
> Reporter: Mike de Rhino
> Fix For: 0.4.0
>
>
> Dataflows created by the ListenHTTP processor lack a "source IP attribute". Source DNs are great but they do not prove data provenance in isolation (after all one could copy an unprotected x509 certificate and submit from a separate machine).
> Ideally data provenance should include both the source DN (if available) and the source IP. Not perfect (as the IP could still be spoofed / MiTM/ etc) but better than relying on certificates only.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)