[
https://issues.apache.org/jira/browse/NIFI-8931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17385623#comment-17385623
]
ASF subversion and git services commented on NIFI-8931:
-------------------------------------------------------
Commit 0ba9f0dc216387b6748f1a0cdf84a5804241029c in nifi's branch
refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=0ba9f0d ]
NIFI-8931 Removed OTP Authentication
- Removed download-token and ui-extension-token REST resources
- Removed getAccessToken functions from JavaScript components
Signed-off-by: Nathan Gough <[email protected]>
This closes #5235.
> Remove One-time Password Authentication
> ---------------------------------------
>
> Key: NIFI-8931
> URL: https://issues.apache.org/jira/browse/NIFI-8931
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Security
> Affects Versions: 1.15.0
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Labels: JWT, OTP, cookies, security
> Time Spent: 40m
> Remaining Estimate: 0h
>
> The introduction of HTTP Cookies to pass JSON Web Tokens in NIFI-7870
> resolved issues retrieving static resources and also removed the need for
> One-time Password authentication.
> Eliminating OTP authentication and associated REST endpoints for generating
> tokens will simplify the overall NiFi web security configuration.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
