You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/03/14 19:54:00 UTC
[jira] [Commented] (NIFI-9796) Update Registry Spring Security Configuration to Avoid Warnings
[ https://issues.apache.org/jira/browse/NIFI-9796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17506503#comment-17506503 ]
ASF subversion and git services commented on NIFI-9796:
-------------------------------------------------------
Commit 36b3f184249c2184df7ae69a23c30144f5c2c2b2 in nifi's branch refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=36b3f18 ]
NIFI-9796 This closes #5866. Updated Registry Security Configuration to avoid warnings
- Replaced WebSecurity.ignoring().antMatchers() with HttpSecurity.authorizeRequests().antMatchers()
Signed-off-by: Joe Witt <jo...@apache.org>
> Update Registry Spring Security Configuration to Avoid Warnings
> ---------------------------------------------------------------
>
> Key: NIFI-9796
> URL: https://issues.apache.org/jira/browse/NIFI-9796
> Project: Apache NiFi
> Issue Type: Improvement
> Components: NiFi Registry
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Time Spent: 20m
> Remaining Estimate: 0h
>
> NiFi Registry relies on Spring Security to implement authentication and authorization. Recent versions of Spring Security added a warning message indicating a deprecated use of pattern-based path configuration. The NiFi Registry Spring Security configuration should be updated to avoid the following warning:
> {noformat}
> WARN [main] o.s.s.c.a.web.builders.WebSecurity You are asking Spring Security to ignore Ant [pattern='/access/token/identity-provider']. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead. {noformat}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)