You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/07/27 03:41:00 UTC

[jira] [Updated] (NIFI-10284) HTTP Request Log Missing Authenticated User

     [ https://issues.apache.org/jira/browse/NIFI-10284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Handermann updated NIFI-10284:
------------------------------------
    Status: Patch Available  (was: Open)

> HTTP Request Log Missing Authenticated User
> -------------------------------------------
>
>                 Key: NIFI-10284
>                 URL: https://issues.apache.org/jira/browse/NIFI-10284
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> The framework HTTP {{nifi-request.log}} records the authenticated username, when available, for HTTP request that the Jetty server handles. The {{RequestAuthenticationFilter}} in the {{nifi-jetty}} module provides authenticated user integration for Jetty Requests based on a request attribute that a separate Spring Security filter provides.
> Changes to the Jetty Server filter configuration introduced a different Headers Writer filter, which wraps the {{HttpServletRequest}}. As a result of request wrapping, the {{RequestAuthenticationFilter}} is unable to set the authenticated user on the Jetty Request, which results in a null value being logged for all HTTP requests in {{nifi-request.log}}.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)