You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2023/03/28 13:48:00 UTC

[jira] [Resolved] (NIFI-6152) Allow OIDC authentication for nifi running behind a proxy server with SSL config

     [ https://issues.apache.org/jira/browse/NIFI-6152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Handermann resolved NIFI-6152.
------------------------------------
    Resolution: Won't Fix

Although requiring TLS for OIDC integration with with NiFi involves additional configuration, it is important to protect the transmission of tokens at all stages of HTTP request processing. If there are other ways to improve the configuration process, more evaluation could be done, but the TLS requirement should not be removed.

> Allow OIDC authentication for nifi running behind a proxy server with SSL config
> --------------------------------------------------------------------------------
>
>                 Key: NIFI-6152
>                 URL: https://issues.apache.org/jira/browse/NIFI-6152
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: nik gonzalez
>            Priority: Major
>
> org.apache.nifi.web.api.AccessResource.java first checks whether request.isSecure() before it proceeds with oidc authentication. This is a proposal to remove this restriction to allow oidc authentication when running nifi behind a reverse proxy (e.g., haproxy, nginx) configured with SSL.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)