[
https://issues.apache.org/jira/browse/NIFI-1274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15188311#comment-15188311
]
Andy LoPresto commented on NIFI-1274:
-------------------------------------
Sorry, haven't been good about documenting here. I have been working on this as
follows:
Research:
* [Hadoop and Kerberos: The Madness Beyond the
Gate](https://www.gitbook.com/book/steveloughran/kerberos_and_hadoop/details)
* [Best Practices for Integrating Kerberos into Your
Application](http://www.kerberos.org/software/appskerberos.pdf)
* [The Moron's Guide to
Kerberos](https://4knowledge.sharepoint.com/Shared%20Documents/moron%20guide%20to%20kerberos%20brian_security_kerberos.pdf)
* [Kerberos Protocol Tutorial](http://www.kerberos.org/software/tutorial.html)
* [Kerberos
Explained](https://technet.microsoft.com/en-us/library/bb742516.aspx)
* [Explain Like I'm 5:
Kerberos](http://www.roguelynn.com/words/explain-like-im-5-kerberos/)
* [Setting Up a Kerberos Test
Environment](http://www.roguelynn.com/words/setting-up-a-kerberos-test-environment/)
* [Fedora Documentation -
KDC](https://docs.fedoraproject.org/en-US/Fedora/17/html/FreeIPA_Guide/ipa-linux-services.html#Kerberos_KDC)
* [Client/Server Hello World in Kerberos, Java and
GSS](http://thejavamonkey.blogspot.com/2008/04/clientserver-hello-world-in-kerberos.html)
* [Oracle Introduction to JAAS and Java GSS-API
Tutorials](http://docs.oracle.com/javase/1.5.0/docs/guide/security/jgss/tutorials/index.html)
* [Active Directory and Kerberos Service Principal
Names](http://thejavamonkey.blogspot.com/2008/03/active-directory-and-kerberos-service.html)
* [Single Sign-on Using Kerberos in
Java](http://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/single-signon.html)
* [GitHub Spring Security
Kerberos](https://github.com/spring-projects/spring-security-kerberos)
* [Ubuntu Kerberos Help](https://help.ubuntu.com/community/Kerberos)
* [Designing an Authentication System: a Dialogue in Four
Scenes](http://web.mit.edu/Kerberos/dialogue.html)
* [Securing Kafka
Blog](http://www.confluent.io/blog/apache-kafka-security-authorization-authentication-encryption)
* [Common Kerberos Errors and
Solutions](https://community.hortonworks.com/articles/4755/common-kerberos-errors-and-solutions.html)
* [Java Authentication and Authorization Service (JAAS) Reference Guide]
(http://docs.oracle.com/javase/7/docs/technotes/guides/security/jaas/JAASRefGuide.html)
Resources:
* [FreeIPA](http://www.freeipa.org/page/Main_Page)
* [GNU Shishi](http://www.gnu.org/software/shishi/)
* [GNU SASL Library - libgsasl](http://www.gnu.org/software/gsasl/)
* [Heimdal](http://www.h5l.org)
My plan is to use the Spring Security Kerberos plugin to provide authentication
through a new `KerberosProvider` implementation of `LoginIdentityProvider`.
I hope to have a working demo for early next week.
> Kerberos based authentication
> -----------------------------
>
> Key: NIFI-1274
> URL: https://issues.apache.org/jira/browse/NIFI-1274
> Project: Apache NiFi
> Issue Type: New Feature
> Components: Extensions
> Reporter: Matt Gilman
> Assignee: Andy LoPresto
> Labels: authentication, security
> Fix For: 0.6.0
>
>
> Add support for Kerberos based authentication.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
