You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/07/28 14:38:21 UTC

[jira] [Commented] (NIFI-2122) Users, Groups, Policies API handling of unsecure request

    [ https://issues.apache.org/jira/browse/NIFI-2122?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15397621#comment-15397621 ] 

ASF GitHub Bot commented on NIFI-2122:
--------------------------------------

GitHub user mcgilman opened a pull request:

    https://github.com/apache/nifi/pull/736

    Cleanup endpoints/UI when not running with a configurable authorizer

    NIFI-2122:
    - Merging responses for the current user and the flow configuration.
    - Returning whether NiFi is configured with a policy based authorizer in the flow configuration.
    - Only showing the users and policy icons when configured with a policy based authorizer.
    - Failing faster when invoking the users or policies endpoint when not configured with a configurable authorizer.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/mcgilman/nifi NIFI-2122

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi/pull/736.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #736
    
----
commit 47a842bf9a481916449f31d4cb1c5191122a75a1
Author: Matt Gilman <ma...@gmail.com>
Date:   2016-07-28T14:37:00Z

    NIFI-2122:
    - Merging responses for the current user and the flow configuration.
    - Returning whether NiFi is configured with a policy based authorizer in the flow configuration.
    - Only showing the users and policy icons when configured with a policy based authorizer.
    - Failing faster when invoking the users or policies endpoint when not configured with a configurable authorizer.

----


> Users, Groups, Policies API handling of unsecure request
> --------------------------------------------------------
>
>                 Key: NIFI-2122
>                 URL: https://issues.apache.org/jira/browse/NIFI-2122
>             Project: Apache NiFi
>          Issue Type: Sub-task
>          Components: Core Framework
>            Reporter: Matt Gilman
>            Assignee: Matt Gilman
>            Priority: Minor
>             Fix For: 1.0.0
>
>
> When the users, groups, or policies endpoint receives an unsecure request we should fail fast likely with an IllegalStateException as using the users, groups, and policies endpoints require HTTPS. Only HTTP the user is always authenticated as an anonymous user.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)