[
https://issues.apache.org/jira/browse/NIFI-2730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15465594#comment-15465594
]
Bryan Bende commented on NIFI-2730:
-----------------------------------
If NiFi is configured with one-way SSL, and has no other identity provider
configured, should we even be performing authorization?
At that point we have no way of authenticating users, and TLS/SSL is just being
used to encrypt the communication and verify the identity of NiFI.
> File Authorizer - Support configurable anonymous access
> -------------------------------------------------------
>
> Key: NIFI-2730
> URL: https://issues.apache.org/jira/browse/NIFI-2730
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Extensions
> Reporter: Matt Gilman
> Fix For: 1.1.0
>
>
> In 1.0.0 a delegated authorization model is used to make access decisions.
> Whether or not an anonymous user is allowed would be a function of the
> authorizer.
> Additionally, may need a framework property to indicate if we want to
> authenticate anonymous users.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
