You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Nurullah Çalışkan (Jira)" <ji...@apache.org> on 2022/12/13 11:46:00 UTC
[jira] [Commented] (NIFI-7246) JWT Generated by a node in the cluster is not honored by other nodes in the cluster.
[ https://issues.apache.org/jira/browse/NIFI-7246?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646587#comment-17646587 ]
Nurullah Çalışkan commented on NIFI-7246:
-----------------------------------------
I would like to mention one thing here. Our problem is this: even if we are using sticky session. If one of the nodes is down, we will have the token I received from it and requests that will go to the server that is down, in this case all the requests we have sent with the token will give an invalid token error. In order to prevent this, the token we receive from any node must be valid on all nodes. Thus, even if the node drops, we will still be able to send requests with tokens.
We also talked about this topic in this slack thread, I would like to continue the thread for possible issues.
https://apachenifi.slack.com/archives/C0L9VCD47/p1669881981704059
> JWT Generated by a node in the cluster is not honored by other nodes in the cluster.
> ------------------------------------------------------------------------------------
>
> Key: NIFI-7246
> URL: https://issues.apache.org/jira/browse/NIFI-7246
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Security
> Reporter: Shreyas KC
> Priority: Major
> Time Spent: 1.5h
> Remaining Estimate: 0h
>
> In an externally load balanced cluster without sticky session, it is not possible to currently share the JWT generated by one node with the rest of the nodes in the cluster.
> Hence we need a mechanism where we can introduce static key in the nifi.properties in its chosen by the cluster administrator.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)