You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by kevdoran <gi...@git.apache.org> on 2018/01/30 16:50:36 UTC

[GitHub] nifi-registry pull request #96: NIFIREG-131 Surface auth failure details

GitHub user kevdoran opened a pull request:

    https://github.com/apache/nifi-registry/pull/96

    NIFIREG-131 Surface auth failure details

    Adds logging of root cause for exceptions passed to
    AuthenticationEntryPoint.
    
    AuthenticationEntryPoint writes exception message to response body.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/kevdoran/nifi-registry NIFIREG-131

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi-registry/pull/96.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #96
    
----
commit cd478f5a0cd4a38e4ea67cf115c2a9528bd2bdda
Author: Kevin Doran <kd...@...>
Date:   2018-01-30T16:47:49Z

    NIFIREG-131 Surface auth failure details
    
    Adds logging of root cause for exceptions passed to
    AuthenticationEntryPoint.
    
    AuthenticationEntryPoint writes exception message to response body.

----


---

[GitHub] nifi-registry issue #96: NIFIREG-131 Surface auth failure details

Posted by bbende <gi...@git.apache.org>.

Github user bbende commented on the issue:

    https://github.com/apache/nifi-registry/pull/96
  
    Reviewing...


---

[GitHub] nifi-registry issue #96: NIFIREG-131 Surface auth failure details

Posted by bbende <gi...@git.apache.org>.

Github user bbende commented on the issue:

    https://github.com/apache/nifi-registry/pull/96
  
    +1 Verified I got back the untrusted proxy error on the client side, and also saw it in the logs on registry server side, going to merge, thanks!


---

[GitHub] nifi-registry pull request #96: NIFIREG-131 Surface auth failure details

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/nifi-registry/pull/96


---

[GitHub] nifi-registry issue #96: NIFIREG-131 Surface auth failure details

Posted by kevdoran <gi...@git.apache.org>.

Github user kevdoran commented on the issue:

    https://github.com/apache/nifi-registry/pull/96
  
    This change results in the following responses when testing a composite file+ldap authorizer and accessing and endpoint that requires authentication:
    
    ---
    
    _No credentials:_
    
    ```
    HTTP/1.1 401 Unauthorized
    ...
    
    An Authentication object was not found in the SecurityContext. Contact the system administrator.
    ```
    
    _Bad credentials:_
    
    ```
    HTTP/1.1 401 Unauthorized
    ...
    
    Unable to validate the access token. Contact the system administrator.
    
    ```
    
    _Untrusted Proxy:_ 
    
    ```
    HTTP/1.1 403 Forbidden
    ...
    
    Untrusted proxy [CN=user1, OU=nifi]. Contact the system administrator.
    ```
    
    ---
    
    Logging for the root cause exception has also been added to the AuthenticationEntryPoint bean.


---