[
https://issues.apache.org/jira/browse/NIFIREG-71?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16289797#comment-16289797
]
ASF GitHub Bot commented on NIFIREG-71:
---------------------------------------
GitHub user bbende opened a pull request:
https://github.com/apache/nifi-registry/pull/56
NIFIREG-71 Making JettyServer set wantClientAuth to true when needCli…
…entAuth is false
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/bbende/nifi-registry NIFIREG-71
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi-registry/pull/56.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #56
----
commit b2bf4862609ac942b5f7b5504da67f346e6320fd
Author: Bryan Bende <[email protected]>
Date: 2017-12-13T20:02:30Z
NIFIREG-71 Making JettyServer set wantClientAuth to true when
needClientAuth is false
----
> Unable to use client cert when needClientAuth is false
> ------------------------------------------------------
>
> Key: NIFIREG-71
> URL: https://issues.apache.org/jira/browse/NIFIREG-71
> Project: NiFi Registry
> Issue Type: Bug
> Reporter: Bryan Bende
> Assignee: Bryan Bende
> Fix For: 0.0.1
>
>
> When configuring the registry for LDAP or Kerberos you need to set
> needClientAuth to false, but you should still be able to optionally use a
> client cert.
> Currently it appears that JettyServer is setting needClientAuth to true or
> false based on the value in nifi-registry.properties, but it should be
> setting wantClientAuth to true when needClientAuth is false so that certs are
> still optional.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
