You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/07/27 03:41:00 UTC
[jira] [Updated] (NIFI-10284) HTTP Request Log Missing Authenticated User
[ https://issues.apache.org/jira/browse/NIFI-10284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann updated NIFI-10284:
------------------------------------
Status: Patch Available (was: Open)
> HTTP Request Log Missing Authenticated User
> -------------------------------------------
>
> Key: NIFI-10284
> URL: https://issues.apache.org/jira/browse/NIFI-10284
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The framework HTTP {{nifi-request.log}} records the authenticated username, when available, for HTTP request that the Jetty server handles. The {{RequestAuthenticationFilter}} in the {{nifi-jetty}} module provides authenticated user integration for Jetty Requests based on a request attribute that a separate Spring Security filter provides.
> Changes to the Jetty Server filter configuration introduced a different Headers Writer filter, which wraps the {{HttpServletRequest}}. As a result of request wrapping, the {{RequestAuthenticationFilter}} is unable to set the authenticated user on the Jetty Request, which results in a null value being logged for all HTTP requests in {{nifi-request.log}}.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)