You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by bbende <gi...@git.apache.org> on 2017/12/13 20:04:03 UTC
[GitHub] nifi-registry pull request #56: NIFIREG-71 Making JettyServer set wantClient...
GitHub user bbende opened a pull request:
https://github.com/apache/nifi-registry/pull/56
NIFIREG-71 Making JettyServer set wantClientAuth to true when needCli…
…entAuth is false
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/bbende/nifi-registry NIFIREG-71
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi-registry/pull/56.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #56
----
commit b2bf4862609ac942b5f7b5504da67f346e6320fd
Author: Bryan Bende <bb...@apache.org>
Date: 2017-12-13T20:02:30Z
NIFIREG-71 Making JettyServer set wantClientAuth to true when needClientAuth is false
----
---
[GitHub] nifi-registry issue #56: NIFIREG-71 Making JettyServer set wantClientAuth to...
Posted by kevdoran <gi...@git.apache.org>.
Github user kevdoran commented on the issue:
https://github.com/apache/nifi-registry/pull/56
Hey @bbende, I tried this out and it worked for me. Using a NiFi Registry server I had configured for LDAP login authentication, I was able to access the server using a certificate trusted by the server without a token generated from login credentials, which was pretty cool.
In testing different scenarios (e.g., could I still authenticate with a JWT based on LDAP credentials without providing a client cert), it was difficult for me to change the behavior of what my browser was doing. Chrome still wanted to send the certificate I had previously selected from my Mac's System Keychain and ultimately I had to delete that certificate there to force it to prompt me again. Likewise, once I selected no certificate, I had to delete the server's cert that I had previously. This is quite
---
[GitHub] nifi-registry issue #56: NIFIREG-71 Making JettyServer set wantClientAuth to...
Posted by bbende <gi...@git.apache.org>.
Github user bbende commented on the issue:
https://github.com/apache/nifi-registry/pull/56
Thanks! I'll go ahead and merge this
---
[GitHub] nifi-registry pull request #56: NIFIREG-71 Making JettyServer set wantClient...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/nifi-registry/pull/56
---