[
https://issues.apache.org/jira/browse/MINIFI-303?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kevin Doran updated MINIFI-303:
-------------------------------
Description:
The property {{nifi.security.need.ClientAuth=false}} has no effect (ie, the
application will operate as if {{nifi.security.need.ClientAuth=true}}
Steps to reproduce:
In conf/minifi.properties, set:
{noformat}
nifi.security.need.ClientAuth=false
{noformat}
At runtime, observe in minifi-app.log.txt:
{noformat}
[2017-05-08 11:21] [minifi log] [error] Certificate and Private Key PEM file
not configured, error: Undefined error: 0.
{noformat}
At a quick glance, it looks like this is a bug in the logic in
nifi-minifi-cpp/libminifi/src/io/tls/TLSSocket.cpp. In that file, back tracing
from the error string, it appears the conditional that gates loading the
Certificate and Private Key PEM file properties is incorrect when
nifi.security.need.ClientAuth=false.
Should be a simple fix, and it's not clear to me if there is even any
functionality impact, ie, its possible that trying and failing to authenticate
the client results in the same end state as not trying to authenticate the
client (aside from the confusing error message).
was:
The property {{nifi.security.need.ClientAuth=false}} has no effect (ie, the
application will operate as if {{nifi.security.need.ClientAuth=true}}
Steps to reproduce:
In {{conf/minifi.properties}}, set:
{noformat}
nifi.security.need.ClientAuth=false
{noformat}
At runtime, observe in {{minifi-app.log.txt}}:
{noformat}
[2017-05-08 11:21] [minifi log] [error] Certificate and Private Key PEM file
not configured, error: Undefined error: 0.
{noformat}
At a quick glance, it looks like this is a bug in the logic in
{{nifi-minifi-cpp/libminifi/src/io/tls/TLSSocket.cpp}}. In that file, back
tracing from the error string, it appears the conditional that gates loading
the Certificate and Private Key PEM file properties is incorrect when
{{nifi.security.need.ClientAuth=false}}.
Should be a simple fix, and it's not clear to me if there is even any
functionality impact, ie, its possible that trying and failing to authenticate
the client results in the same end state as not trying to authenticate the
client (aside from the confusing error message).
> MiNiFi nifi.security.need.ClientAuth property not working when set to false
> ---------------------------------------------------------------------------
>
> Key: MINIFI-303
> URL: https://issues.apache.org/jira/browse/MINIFI-303
> Project: Apache NiFi MiNiFi
> Issue Type: Bug
> Components: Agent Configuration/Installation, C++
> Reporter: Kevin Doran
> Assignee: Kevin Doran
> Priority: Minor
>
> The property {{nifi.security.need.ClientAuth=false}} has no effect (ie, the
> application will operate as if {{nifi.security.need.ClientAuth=true}}
> Steps to reproduce:
> In conf/minifi.properties, set:
> {noformat}
> nifi.security.need.ClientAuth=false
> {noformat}
> At runtime, observe in minifi-app.log.txt:
> {noformat}
> [2017-05-08 11:21] [minifi log] [error] Certificate and Private Key PEM file
> not configured, error: Undefined error: 0.
> {noformat}
> At a quick glance, it looks like this is a bug in the logic in
> nifi-minifi-cpp/libminifi/src/io/tls/TLSSocket.cpp. In that file, back
> tracing from the error string, it appears the conditional that gates loading
> the Certificate and Private Key PEM file properties is incorrect when
> nifi.security.need.ClientAuth=false.
> Should be a simple fix, and it's not clear to me if there is even any
> functionality impact, ie, its possible that trying and failing to
> authenticate the client results in the same end state as not trying to
> authenticate the client (aside from the confusing error message).
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
