[GitHub] [nifi] exceptionfactory commented on pull request #6662: NIFI-10776 add NONE and PKI AuthorizationSchemes for ElasticSearchClientService

[GitBox <gi...@apache.org>]

exceptionfactory commented on PR #6662:
URL: https://github.com/apache/nifi/pull/6662#issuecomment-1315875952

   Thanks for the reply @ChrisSamo632, good points. Of course this would have been more logical if the Scheme property had been there since the beginning, but adding it later does make it a little more challenging.
   
   As it stands, the default `BASIC` value shows the `Username` and `Password`, but since they are optional, the effective behavior is `NONE`.
   
   Given the complexity of the validation code, I'm not as inclined to add it for informational purposes. Adding `NONE` might be helpful, as it would effectively hide the `Username` and `Password` properties, without the need for custom validation. `PKI` is tricky because the `SSL Context Service` may or may not be used for authentication.
   
   Taking a step back, the `Authorization Scheme` property description does indicate that it is used for authenticating with the `HTTP Authorization header`, which is not applicable to `PKI`. I could go either way on `NONE`. Perhaps just updating the description of the property would be helpful?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org