[
https://issues.apache.org/jira/browse/NIFI-2757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15503992#comment-15503992
]
ASF GitHub Bot commented on NIFI-2757:
--------------------------------------
Github user bbende commented on the issue:
https://github.com/apache/nifi/pull/1010
+1 looks good, verified this fixes the problem when using identity mapping
with RAW site-to-site, thanks!
> Site-to-Site Auth Breaks when using DN Identity Mapping Patterns
> ----------------------------------------------------------------
>
> Key: NIFI-2757
> URL: https://issues.apache.org/jira/browse/NIFI-2757
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.0.0
> Reporter: Peter Wicks
> Assignee: Koji Kawamura
> Fix For: 1.1.0
>
>
> If you setup a nifi.security.identity.mapping for DN's Site-to-Site won't be
> able to authenticate against the server with identity mappings unless you
> create two user accounts, one for the identity mapped one and another with
> the full DN from the certificate.
> Maybe look at StandardRootGroupPort.java,
> final CommunicationsSession commsSession = peer.getCommunicationsSession();
> final String sourceDn = commsSession.getUserDn();
> ......
> final PortAuthorizationResult authorizationResult =
> checkUserAuthorization(sourceDn);
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
