[
https://issues.apache.org/jira/browse/NIFI-7657?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17162759#comment-17162759
]
ASF subversion and git services commented on NIFI-7657:
-------------------------------------------------------
Commit 78d88b46ef36da1b587882a2e1ff296babbc3095 in nifi's branch
refs/heads/main from Andy LoPresto
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=78d88b4 ]
NIFI-7657 Introduced AccessTokenUnnecessaryException for authentication calls
to HTTP NiFi server.
Added exception mapper.
NIFI-7657 Renamed exception & exception mapper to reflect scope of
authentication not supported.
Registered exception mapper.
Signed-off-by: Pierre Villard <[email protected]>
This closes #4418.
> Lower log severity of expected exception for authentication on unsecured
> instance
> ---------------------------------------------------------------------------------
>
> Key: NIFI-7657
> URL: https://issues.apache.org/jira/browse/NIFI-7657
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 1.11.4
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Major
> Labels: error, log, security
> Time Spent: 40m
> Remaining Estimate: 0h
>
> All unsecured instances report an INFO log at startup and on additional
> requests due to the Kerberos authentication mechanism being unavailable. This
> log severity should be lowered and the message suppressed by default as it is
> an expected scenario but causes concern for many users.
> {code}
> 2020-07-17 11:37:38,023 INFO [NiFi Web Server-18]
> o.a.n.w.m.IllegalStateExceptionMapper java.lang.IllegalStateException: Access
> tokens are only issued over HTTPS. Returning Conflict response.
> {code}
> A follow-on Jira should address removing the unnecessary request entirely.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
