[ 
https://issues.apache.org/jira/browse/NIFI-2757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15503995#comment-15503995
 ] 

ASF subversion and git services commented on NIFI-2757:
-------------------------------------------------------

Commit feaa4c9db82f6d29777d82df45beb43879be87cf in nifi's branch 
refs/heads/master from [~ijokarumawak]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=feaa4c9 ]

NIFI-2757: Site-to-Site with DN mapping

Added DN identity mapping pattern support to Site-to-Site client
authorization.

This closes #1010.

Signed-off-by: Bryan Bende <bbe...@apache.org>


> Site-to-Site Auth Breaks when using DN Identity Mapping Patterns
> ----------------------------------------------------------------
>
>                 Key: NIFI-2757
>                 URL: https://issues.apache.org/jira/browse/NIFI-2757
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>    Affects Versions: 1.0.0
>            Reporter: Peter Wicks
>            Assignee: Koji Kawamura
>             Fix For: 1.1.0
>
>
> If you setup a nifi.security.identity.mapping for DN's Site-to-Site won't be 
> able to authenticate against the server with identity mappings unless you 
> create two user accounts, one for the identity mapped one and another with 
> the full DN from the certificate.
> Maybe look at StandardRootGroupPort.java, 
> final CommunicationsSession commsSession = peer.getCommunicationsSession();
>         final String sourceDn = commsSession.getUserDn();
> ......
> final PortAuthorizationResult authorizationResult = 
> checkUserAuthorization(sourceDn);



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to