[
https://issues.apache.org/jira/browse/NIFI-8220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17342777#comment-17342777
]
David Handermann commented on NIFI-8220:
----------------------------------------
Sub-task NIFI-8516 brings together work from the other sub-tasks and addresses
points 1, 2, and 3 from the description.
The Single User Authorizer implemented in sub-task NIFI-8363 allows the
authenticated user to perform all actions and does not restrict access to any
components.
Regarding point 4, [~joewitt], did you have a particular approach in mind? One
option could be updating the Single User Authorizer to disallow access to
restricted processors. Updating the configuration to use the standard
file-based and managed authorizer would be one way to require explicit changes to
enable restricted components. Or do you think point 4 is necessary as part of
implementing this epic?
> Establish a secure by default configuration for NiFi
> ----------------------------------------------------
>
> Key: NIFI-8220
> URL: https://issues.apache.org/jira/browse/NIFI-8220
> Project: Apache NiFi
> Issue Type: Epic
> Components: Tools and Build
> Reporter: Joe Witt
> Assignee: Joe Witt
> Priority: Blocker
> Fix For: 1.14.0
>
>
> Inspired by this tweet
> https://twitter.com/_escctrl_/status/1359280656174510081?s=21 and the
> resulting discussion here
> https://lists.apache.org/thread.html/rc590f21807192a0dce18293c2d5b47392a6fd8a1ef26d77fbd6ee695%40%3Cdev.nifi.apache.org%3E
> It is time to change our config model. It was also set up to be easy to use.
> We've seen these silly setups on the Internet before but it has gotten
> ridiculous. We need to take action.
> Will create a set of one or more JIRAs to roughly do the following.
> 1. Disable HTTP by default. If a user wants to enable it for whatever
> reason then also make them enable a new property which says something to the
> effect of 'allow completely non secure access to the entire nifi instance -
> not recommended'
> 2. Enable HTTPS with one way authentication by default which would be the
> client authenticating the server whereby the server has a server cert. We
> could either make that cert a self-signed (and thus not trusted by clients
> by default) cert or give a way for the user to run through command line
> process to make a legit cert.
> 3. If not already configured with an authorization provider supply an out of
> the box provider which supports only a single auto generated at first startup
> user/password enabling access to the NiFi system.
> 4. Disable all restricted processors by default. Require the user to
> explicitly enable them.