[jira] [Commented] (NIFIREG-52) Kerberos Identity Provider

Fri, 17 Nov 2017 10:23:12 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFIREG-52?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16257351#comment-16257351
 ] 

ASF GitHub Bot commented on NIFIREG-52:
---------------------------------------

GitHub user kevdoran opened a pull request:

    https://github.com/apache/nifi-registry/pull/41

    NIFIREG-52 Add Kerberos Support

    **This builds upon #37 and should not be merged until that PR is closed.**
    
    Changes include: 
    
    - KerberosIdentityProvider: an IdentityProvider extension for 
username/password login
    - KerberosSpnegoIdentityProvider: authenticates Kerberos tickets over 
SPNEGO exchange with client and mutual Kerberos server
    - Adds NiFiRegistryProperties fields for configuring 
KerberosSpnegoIdentityProvider
    - Adds a dedicated endpoint for clients to use to generate a JWT using a 
Kerberos Ticket (backed by KerberosSpnegoIP)
    - Adds NotAllowedExceptionMapper that returns 405 for NotAllowedExceptions 
thrown in the Jersey framework
    - Other misc cleanup

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/kevdoran/nifi-registry NIFIREG-52

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi-registry/pull/41.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #41
    
----
commit 05ef1821455331279bc5761c45834a5474c72e63
Author: Kevin Doran <[email protected]>
Date:   2017-10-30T18:39:56Z

    NIFIREG-45 Refactor LoginIdentityProvider interface as a more generic and 
flexible IdentityProvider interface

commit 673d06a703d19256a8f23ef020a64522d433ef2f
Author: Kevin Doran <[email protected]>
Date:   2017-11-16T15:30:42Z

    NIFIREG-52 Add Kerberos Support
    
    - KerberosIdentityProvider: an IdentityProvider extension for 
username/password login
    - KerberosSpnegoIdentityProvider: authenticates Kerberos tickets over 
SPNEGO exchange with client and mutual Kerberos server
    - Adds NiFiRegistryProperties fields for configuring 
KerberosSpnegoIdentityProvider
    - Adds a dedicated endpoint for clients to use to generate a JWT using a 
Kerberos Ticket (backed by KerberosSpnegoIP)
    - Adds NotAllowedExceptionMapper that returns 405 for NotAllowedExceptions 
thrown in the Jersey framework
    - Other misc cleanup

----


> Kerberos Identity Provider
> --------------------------
>
>                 Key: NIFIREG-52
>                 URL: https://issues.apache.org/jira/browse/NIFIREG-52
>             Project: NiFi Registry
>          Issue Type: New Feature
>            Reporter: Kevin Doran
>            Assignee: Kevin Doran
>
> Implement a new NiFi Registry IdentityProvider implementation backed by 
> Kerberos that will allow a JWT to be generated given a valid Kerberos ticket. 
> Will be similar to the NiFi implementation of KerberosProvider



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to