You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/07/22 15:47:00 UTC

[jira] [Commented] (NIFI-8931) Remove One-time Password Authentication

    [ https://issues.apache.org/jira/browse/NIFI-8931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17385623#comment-17385623 ] 

ASF subversion and git services commented on NIFI-8931:
-------------------------------------------------------

Commit 0ba9f0dc216387b6748f1a0cdf84a5804241029c in nifi's branch refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=0ba9f0d ]

NIFI-8931 Removed OTP Authentication

- Removed download-token and ui-extension-token REST resources
- Removed getAccessToken functions from JavaScript components

Signed-off-by: Nathan Gough <th...@gmail.com>

This closes #5235.


> Remove One-time Password Authentication
> ---------------------------------------
>
>                 Key: NIFI-8931
>                 URL: https://issues.apache.org/jira/browse/NIFI-8931
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework, Security
>    Affects Versions: 1.15.0
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Major
>              Labels: JWT, OTP, cookies, security
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> The introduction of HTTP Cookies to pass JSON Web Tokens in NIFI-7870 resolved issues retrieving static resources and also removed the need for One-time Password authentication.
> Eliminating OTP authentication and associated REST endpoints for generating tokens will simplify the overall NiFi web security configuration.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)