You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2020/12/14 00:15:59 UTC

[GitHub] [nifi] mark-weghorst commented on a change in pull request #4508: NIFI-6576 add basic auth to confluent schema registry service

mark-weghorst commented on a change in pull request #4508:
URL: https://github.com/apache/nifi/pull/4508#discussion_r542039470



##########
File path: nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/client/RestSchemaRegistryClient.java
##########
@@ -68,14 +69,21 @@
     private static final String SCHEMA_REGISTRY_CONTENT_TYPE = "application/vnd.schemaregistry.v1+json";
 
 
-    public RestSchemaRegistryClient(final List<String> baseUrls, final int timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
+    public RestSchemaRegistryClient(final List<String> baseUrls, final String authType, final String authUser,
+                                    final String authPass, final int timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
         this.baseUrls = new ArrayList<>(baseUrls);
 
         final ClientConfig clientConfig = new ClientConfig();
         clientConfig.property(ClientProperties.CONNECT_TIMEOUT, timeoutMillis);
         clientConfig.property(ClientProperties.READ_TIMEOUT, timeoutMillis);
         client = WebUtils.createClient(clientConfig, sslContext);
 
+        if (!authUser.isEmpty() && !authType.isEmpty()) {
+            if (authType.equals("BASIC")) {
+                client.register(HttpAuthenticationFeature.basic(authUser, authPass));

Review comment:
       I went ahead and re-worked the validator to generate warnings when using schema registry without TLS encyption.  
   
   As for the null password, while it is in fact RFC compliant the Confluent Schema registry does not list this as supported in their documentation.  
   
   100% of the examples they give for configuration include a username/passsword combination.  So I've kept the requirement that both the username and password be set. 




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org