You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Chris Sampson (Jira)" <ji...@apache.org> on 2022/11/14 20:58:00 UTC

[jira] [Updated] (NIFI-10776) Add support for PKI Authentication in ElasticSearchClientServiceImpl

     [ https://issues.apache.org/jira/browse/NIFI-10776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Chris Sampson updated NIFI-10776:
---------------------------------
    Status: Patch Available  (was: In Progress)

> Add support for PKI Authentication in ElasticSearchClientServiceImpl
> --------------------------------------------------------------------
>
>                 Key: NIFI-10776
>                 URL: https://issues.apache.org/jira/browse/NIFI-10776
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions
>            Reporter: Nandor Soma Abonyi
>            Assignee: Chris Sampson
>            Priority: Major
>              Labels: elasticsearch
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Also add NONE as an AuthenticationScheme option.
> By [~Chris S]:
> I'd probably stick with {{BASIC}} being the default as that would mean {{{}Username{}}}/{{{}Password{}}} remain available by default when adding the Processor to the canvas, which matches the current behaviour and therefore is backwards compatible.
> If the user selects {{NONE}} then I guess we'd be hiding the existing Username/Password and new {{{}API Key{}}}property inputs (via {{{}dependsOn{}}}).
> If the user selected {{PKI}} then it would be great if the {{SSLContext Controller}} become mandatory, but I don't think that's currently possible, so in effect this would have the same effect as {{NONE}} on the available processor properties (we don't want to hide {{SSL Context}} if something other than {{PKI}} is selected here, as {{{}https{}}}/{{{}TLS{}}}might very well still be needed even if it's not used for Auth in Elasticsearch).
> One option might be to use some {{customerValidation}} for this though - if the user has selected {{{}PKI{}}}, they {*}must{*}also specify an {{SSL Context}} in their processor configuration. Similarly, if {{NONE}} is selected, then we could validate that none of the Username/Password/API Key fields are provided?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)