You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Curtis Ruck (JIRA)" <ji...@apache.org> on 2018/08/07 14:23:00 UTC

[jira] [Created] (NIFI-5493) Reverse Proxy & OIDC

Curtis Ruck created NIFI-5493:
---------------------------------

             Summary: Reverse Proxy & OIDC
                 Key: NIFI-5493
                 URL: https://issues.apache.org/jira/browse/NIFI-5493
             Project: Apache NiFi
          Issue Type: Bug
          Components: Security
    Affects Versions: 1.7.1, 1.7.0
         Environment: Reverse Proxy w/ SSL Client Auth between Nifi and Reverse Proxy
            Reporter: Curtis Ruck


In my environment we have a reverse proxy that (httpd) that does SSL Client Auth to authenticate the TLS session between reverse proxy and application servers.

When trying to configure OIDC authentication, the reverse proxy's SSL Client Auth certificate is "authenticated" prior to triggering the OIDC redirect for authentication.

Ideally, I believe there should be a mechanism to disable NiFi Client Auth, or enabling a priority between authentication mechanisms.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)