Re: why cant nifi perform user authentication overhttp?

Mon, 24 Jul 2017 20:03:49 -0700 

Hello Kevin,

   Your answers helps me a lot.  Now i am trying to modify nifi`s sourcecode to 
enable http authentication, because the platform where i am using nifi is not 
that sensitive about security, and we use ldap as login-identity-providers 
whitch password is already encrypted by an unique key. 
    But i find it difficult to modify it`s sourceCode. there so many places 
that limit login and authentication from http, and i have to edit all of it, 
which will certainly take a lot of time to find them.  
    Do you have any idea on how to modify nifi`s code more efficiently, or if 
there are  some other way to get what i want.
   
    As you can see my English is poor, thanks for you patience. 

Thanks for your reply.
Best Regards
YuNing


On 2017-07-21 19:07 (+0800), Kevin Doran <[email protected]> wrote: 
> Hi,
> 
> You are correct, NiFi requires an encrypted connection for user 
> authentication. This is because client identity is established in one of two 
> ways:
> 
> - user name & password, which should not be sent over a non-encrypted 
> connection
> - client certificate in a two-way TLS (HTTPS) connection
> 
> I hope this answers your question. If HTTPS is suitable for your needs, here 
> are some resources to help you get started:
> 
> - NiFi System Administration Guide, specifically sections on User 
> Authentication [1] and Multi-Tenant Authorization [2]
> - Bryan Bende's blog post on NiFi Authorization and Multi-Tenancy [3]
> 
> I hope this helps! If you have any questions you can post back to this thread.
> 
> Regards,
> Kevin
> 
> [1] 
> https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user_authentication
>  
> [2] 
> https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#multi-tenant-authorization
>  
> [3] 
> http://bryanbende.com/development/2016/08/17/apache-nifi-1-0-0-authorization-and-multi-tenancy
>  
> 
> 
> On 7/21/17, 02:02, "[email protected]" <[email protected]> wrote:
> 
>     
>         Hello, I am a developer from china, i recently want to apply 
> multi-tenant authorization on nifi, but find that nifi doesn't support 
> authorization over http. can you tell me the reason, and can i enable 
> authentication over http by modify it's source code.
>         
>     Thanks for your early reply.
>     Best Regards
>         
>     
>     
> 
> 
>

Reply via email to