[
https://issues.apache.org/jira/browse/NIFI-2757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15503995#comment-15503995
]
ASF subversion and git services commented on NIFI-2757:
-------------------------------------------------------
Commit feaa4c9db82f6d29777d82df45beb43879be87cf in nifi's branch
refs/heads/master from [~ijokarumawak]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=feaa4c9 ]
NIFI-2757: Site-to-Site with DN mapping
Added DN identity mapping pattern support to Site-to-Site client
authorization.
This closes #1010.
Signed-off-by: Bryan Bende <[email protected]>
> Site-to-Site Auth Breaks when using DN Identity Mapping Patterns
> ----------------------------------------------------------------
>
> Key: NIFI-2757
> URL: https://issues.apache.org/jira/browse/NIFI-2757
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.0.0
> Reporter: Peter Wicks
> Assignee: Koji Kawamura
> Fix For: 1.1.0
>
>
> If you setup a nifi.security.identity.mapping for DN's Site-to-Site won't be
> able to authenticate against the server with identity mappings unless you
> create two user accounts, one for the identity mapped one and another with
> the full DN from the certificate.
> Maybe look at StandardRootGroupPort.java,
> final CommunicationsSession commsSession = peer.getCommunicationsSession();
> final String sourceDn = commsSession.getUserDn();
> ......
> final PortAuthorizationResult authorizationResult =
> checkUserAuthorization(sourceDn);
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
