Re: [PR] NIFI-15221 - Major upgrade to Spring 7 [nifi]

Fri, 21 Nov 2025 08:27:14 -0800 


kevdoran commented on code in PR #10554:
URL: https://github.com/apache/nifi/pull/10554#discussion_r2550317751


##########
nifi-registry/nifi-registry-core/nifi-registry-web-api/src/main/java/org/apache/nifi/registry/web/security/authentication/IdentityFilter.java:
##########
@@ -76,13 +80,24 @@ public void doFilter(ServletRequest servletRequest, 
ServletResponse servletRespo
         try {
             AuthenticationRequest authenticationRequest = 
identityProvider.extractCredentials((HttpServletRequest) servletRequest);
             if (authenticationRequest != null) {
-                Authentication authentication = new 
AuthenticationRequestToken(authenticationRequest, identityProvider.getClass(), 
servletRequest.getRemoteAddr());
+                Authentication authentication = new AuthenticationRequestToken(
+                        authenticationRequest,
+                        identityProvider.getClass(),
+                        servletRequest.getRemoteAddr());
                 logger.debug("Adding credentials claim to SecurityContext to 
be authenticated. Credentials extracted by {}: {}",
                         identityProvider.getClass().getSimpleName(),
                         authenticationRequest);
-                
SecurityContextHolder.getContext().setAuthentication(authentication);
-                // This filter's job, which is merely to search for and 
extract an identity claim, is done.
-                // The actual authentication of the identity claim will be 
handled by a corresponding IdentityAuthenticationProvider
+                if (authenticationManager != null) {
+                    try {
+                        Authentication authenticated = 
authenticationManager.authenticate(authentication);
+                        
SecurityContextHolder.getContext().setAuthentication(authenticated);
+                    } catch (AuthenticationException ex) {
+                        logger.debug("Authentication failed in IdentityFilter 
for provider {}: {}", identityProvider.getClass().getSimpleName(), 
ex.getMessage());
+                        throw ex;
+                    }
+                } else {
+                    
SecurityContextHolder.getContext().setAuthentication(authentication);
+                }

Review Comment:
   Thanks @pvillard31 and @exceptionfactory. I'll take a look at the Registry 
changes required to support this dependency upgrade.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to