[jira] [Created] (NIFI-10776) Add support for PKI Authentication in ElasticSearchClientServiceImpl

["Nandor Soma Abonyi (Jira)" <ji...@apache.org>]

Nandor Soma Abonyi created NIFI-10776:
-----------------------------------------

             Summary: Add support for PKI Authentication in ElasticSearchClientServiceImpl
                 Key: NIFI-10776
                 URL: https://issues.apache.org/jira/browse/NIFI-10776
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Extensions
            Reporter: Nandor Soma Abonyi


Also add NONE as an AuthenticationScheme option.


By [~Chris S]:

I'd probably stick with {{BASIC}} being the default as that would mean {{{}Username{}}}/{{{}Password{}}} remain available by default when adding the Processor to the canvas, which matches the current behaviour and therefore is backwards compatible.

If the user selects {{NONE}} then I guess we'd be hiding the existing Username/Password and new {{{}API Key{}}}property inputs (via {{{}dependsOn{}}}).

If the user selected {{PKI}} then it would be great if the {{SSLContext Controller}} become mandatory, but I don't think that's currently possible, so in effect this would have the same effect as {{NONE}} on the available processor properties (we don't want to hide {{SSL Context}} if something other than {{PKI}} is selected here, as {{{}https{}}}/{{{}TLS{}}}might very well still be needed even if it's not used for Auth in Elasticsearch).

One option might be to use some {{customerValidation}} for this though - if the user has selected {{{}PKI{}}}, they {*}must{*}also specify an {{SSL Context}} in their processor configuration. Similarly, if {{NONE}} is selected, then we could validate that none of the Username/Password/API Key fields are provided?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)