You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by bbende <gi...@git.apache.org> on 2017/12/13 20:04:03 UTC

[GitHub] nifi-registry pull request #56: NIFIREG-71 Making JettyServer set wantClient...

GitHub user bbende opened a pull request:

    https://github.com/apache/nifi-registry/pull/56

    NIFIREG-71 Making JettyServer set wantClientAuth to true when needCli…

    …entAuth is false

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/bbende/nifi-registry NIFIREG-71

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi-registry/pull/56.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #56
    
----
commit b2bf4862609ac942b5f7b5504da67f346e6320fd
Author: Bryan Bende <bb...@apache.org>
Date:   2017-12-13T20:02:30Z

    NIFIREG-71 Making JettyServer set wantClientAuth to true when needClientAuth is false

----


---

[GitHub] nifi-registry issue #56: NIFIREG-71 Making JettyServer set wantClientAuth to...

Posted by kevdoran <gi...@git.apache.org>.

Github user kevdoran commented on the issue:

    https://github.com/apache/nifi-registry/pull/56
  
    Hey @bbende, I tried this out and it worked for me. Using a NiFi Registry server I had configured for LDAP login authentication, I was able to access the server using a certificate trusted by the server without a token generated from login credentials, which was pretty cool.
    
    In testing different scenarios (e.g., could I still authenticate with a JWT based on LDAP credentials without providing a client cert), it was difficult for me to change the behavior of what my browser was doing. Chrome still wanted to send the certificate I had previously selected from my Mac's System Keychain and ultimately I had to delete that certificate there to force it to prompt me again. Likewise, once I selected no certificate, I had to delete the server's cert that I had previously. This is quite


---

[GitHub] nifi-registry issue #56: NIFIREG-71 Making JettyServer set wantClientAuth to...

Posted by bbende <gi...@git.apache.org>.

Github user bbende commented on the issue:

    https://github.com/apache/nifi-registry/pull/56
  
    Thanks! I'll go ahead and merge this


---

[GitHub] nifi-registry pull request #56: NIFIREG-71 Making JettyServer set wantClient...

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/nifi-registry/pull/56


---