[nifi] branch main updated: NIFI-10233 Corrected Anonymous Authentication for HTTP Access

Thu, 14 Jul 2022 20:51:08 -0700 

This is an automated email from the ASF dual-hosted git repository.

thenatog pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new 047b3611bf NIFI-10233 Corrected Anonymous Authentication for HTTP 
Access
047b3611bf is described below

commit 047b3611bf411fb0398591df73f1798020c4efab
Author: exceptionfactory <[email protected]>
AuthorDate: Thu Jul 14 16:17:28 2022 -0500

    NIFI-10233 Corrected Anonymous Authentication for HTTP Access
    
    - Enabled Standard Anonymous Authentication Filter when unencrypted HTTP is 
enabled
    
    Signed-off-by: Nathan Gough <[email protected]>
    
    This closes #6209.
---
 .../src/main/java/org/apache/nifi/util/NiFiProperties.java       | 9 +++++++++
 .../org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java     | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git 
a/nifi-commons/nifi-properties/src/main/java/org/apache/nifi/util/NiFiProperties.java
 
b/nifi-commons/nifi-properties/src/main/java/org/apache/nifi/util/NiFiProperties.java
index e620475c79..ec6385fe6c 100644
--- 
a/nifi-commons/nifi-properties/src/main/java/org/apache/nifi/util/NiFiProperties.java
+++ 
b/nifi-commons/nifi-properties/src/main/java/org/apache/nifi/util/NiFiProperties.java
@@ -696,6 +696,15 @@ public class NiFiProperties extends ApplicationProperties {
         return sslPort;
     }
 
+    /**
+     * Is HTTP without TLS enabled based on configuring nifi.web.http.port 
property
+     *
+     * @return HTTP enabled status
+     */
+    public boolean isHttpEnabled() {
+        return getPort() != null;
+    }
+
     public boolean isHTTPSConfigured() {
         return getSslPort() != null;
     }
diff --git 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java
 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java
index 53f7be935c..a1b366c091 100644
--- 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java
+++ 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java
@@ -128,7 +128,7 @@ public class NiFiWebApiSecurityConfiguration {
             http.addFilterBefore(knoxAuthenticationFilter, 
AnonymousAuthenticationFilter.class);
         }
 
-        if (properties.isAnonymousAuthenticationAllowed()) {
+        if (properties.isAnonymousAuthenticationAllowed() || 
properties.isHttpEnabled()) {
             http.addFilterAfter(anonymousAuthenticationFilter, 
AnonymousAuthenticationFilter.class);
         }

Reply via email to