You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/07/22 15:47:00 UTC
[jira] [Commented] (NIFI-8931) Remove One-time Password
Authentication
[ https://issues.apache.org/jira/browse/NIFI-8931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17385623#comment-17385623 ]
ASF subversion and git services commented on NIFI-8931:
-------------------------------------------------------
Commit 0ba9f0dc216387b6748f1a0cdf84a5804241029c in nifi's branch refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=0ba9f0d ]
NIFI-8931 Removed OTP Authentication
- Removed download-token and ui-extension-token REST resources
- Removed getAccessToken functions from JavaScript components
Signed-off-by: Nathan Gough <th...@gmail.com>
This closes #5235.
> Remove One-time Password Authentication
> ---------------------------------------
>
> Key: NIFI-8931
> URL: https://issues.apache.org/jira/browse/NIFI-8931
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Security
> Affects Versions: 1.15.0
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Labels: JWT, OTP, cookies, security
> Time Spent: 40m
> Remaining Estimate: 0h
>
> The introduction of HTTP Cookies to pass JSON Web Tokens in NIFI-7870 resolved issues retrieving static resources and also removed the need for One-time Password authentication.
> Eliminating OTP authentication and associated REST endpoints for generating tokens will simplify the overall NiFi web security configuration.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)