You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Joseph Witt (JIRA)" <ji...@apache.org> on 2018/08/19 13:14:00 UTC
[jira] [Commented] (NIFI-5536) Add EL support for password on AMQP
processors
[ https://issues.apache.org/jira/browse/NIFI-5536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16585142#comment-16585142 ]
Joseph Witt commented on NIFI-5536:
-----------------------------------
password isnt included because there is no clear security model. The variable registry mechanism doesnt support sensitive (aka encrypted in all forms of storage and never exposed in plaintext again other than internal usage). Passing the property in via env variables of course also doesnt protect it to other sys users.
however, with versioned flows sensitive values are better handled. on first setup/import of a versioned flow you can set the value and it will be retained for that env going forward even as flow updates occur.
the ideal and longer term solution will be to make the var reg capability support sensitive values though.
> Add EL support for password on AMQP processors
> ----------------------------------------------
>
> Key: NIFI-5536
> URL: https://issues.apache.org/jira/browse/NIFI-5536
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Reporter: Corey Fritz
> Priority: Major
>
> NIFI-5489 added EL support to the host, port, virtual host, and user properties of AMQP processors. Not sure why password was not included. We have a use case where sensitive values (passwords) are set as environment variables on our Docker containers and then those variables are referenced by name using EL expressions in our processors and controller services. Flow authors then have no need or means to know what those sensitive values are.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)