You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/07/14 21:16:00 UTC

[jira] [Created] (NIFI-10233) Correct Anonymous Authentication for HTTP Access

David Handermann created NIFI-10233:
---------------------------------------

             Summary: Correct Anonymous Authentication for HTTP Access
                 Key: NIFI-10233
                 URL: https://issues.apache.org/jira/browse/NIFI-10233
             Project: Apache NiFi
          Issue Type: Bug
            Reporter: David Handermann
            Assignee: David Handermann


Refactoring the NiFi Spring Security configuration added a check to determine whether application properties allowed anonymous authentication. The {{nifi.security.allow.anoymous.authentication}} property is {{false}} in the default configuration, but the changing the property should not be necessary when configuring HTTP without TLS.

The Spring Security configuration should be adjusted to restore current behavior, which enables anonymous authentication when configuring unencrypted HTTP.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)