[
https://issues.apache.org/jira/browse/NIFI-9988?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17531905#comment-17531905
]
ASF subversion and git services commented on NIFI-9988:
-------------------------------------------------------
Commit 272325cb4ed00682d4d1471ccda8e670f3ef504e in nifi's branch
refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=272325cb4e ]
NIFI-9988 Corrected Property Decryption for Authorizers and Providers
- Updated Protection Scheme Resolver to support both Name matching and Path
matching
Signed-off-by: Nathan Gough <[email protected]>
This closes #6017.
> Property Decryption Fails for Authorizers and Login Identity Providers
> ----------------------------------------------------------------------
>
> Key: NIFI-9988
> URL: https://issues.apache.org/jira/browse/NIFI-9988
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.16.1
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Recent changes to restructure Sensitive Property Provider class-loading
> involved changes to the Authorizers and Login Identity Providers
> configuration classes. Part of the adjustment involved refactoring the
> resolution of {{encryption}} attribute values to internal {{Protection
> Scheme}} supported values.
> As a result of this change, calls to
> {{ProtectionSchemeResolver.getProtectionScheme()}} fail with a
> {{SensitivePropertyProtectionException}} indicating that the requested
> scheme, such as {{aes/gcm/256}} is not supported.
> The {{StandardProtectionSchemeResolver}} should be adjusted to match the
> requested scheme string against both the Protection Scheme Name, as well as
> the Protection Scheme Path. The {{StandardSensitivePropertyProviderFactory}}
> already follows a similar strategy. This approach will allow decryption to
> work as expected.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
