[jira] [Commented] (NIFI-4701) Support encrypted properties in authorizers.xml

Sun, 31 Dec 2017 15:13:10 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFI-4701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16307322#comment-16307322
 ] 

ASF subversion and git services commented on NIFI-4701:
-------------------------------------------------------

Commit 482f371958a96b33791c3f6cc4c26efd47c43169 in nifi's branch 
refs/heads/master from [~kdoran]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=482f371 ]

NIFI-4701 Add authorizers.xml support to toolkit.
Adds authorizers.xml to the files understood by the encrypt-config
tool in the NiFi Toolkit. If enabled, then the sensitive properties
for LdapUserGroupProvider in authorizers.xml will be encrypted.
Also fixes a bug wherein encrypt-config replaces multiple XML nodes
in login-indentity-providers.xml when LdapProvider is not the first
provider listed in the file.
Enable properties in authorizers.xml to be encrypted by the master key.

This closes #2350.

Signed-off-by: Andy LoPresto <[email protected]>


> Support encrypted properties in authorizers.xml
> -----------------------------------------------
>
>                 Key: NIFI-4701
>                 URL: https://issues.apache.org/jira/browse/NIFI-4701
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Configuration
>            Reporter: Kevin Doran
>            Assignee: Kevin Doran
>             Fix For: 1.5.0
>
>
> Since the addition of LdapUserGroupProvider (see NIFI-4059) in v1.4.0, 
> authorizers.xml can now contain properties for LDAP Server credentials. 
> This ticket is to enable properties in authorizers.xml to be encrypted, so 
> that the LDAP Server Manager credentials can be protected similar to 
> LdapProvider which is configured via login-identity-providers.xml.
> The main changes are in nifi-authorizers are:
> * authorizers.xsd to add an encryption attribute to Property
> * to PropertyAuthorizerFactoryBean to check for that attribute and decrypt 
> the property value if necessary when creating the the configuration context
> Additionally, support for creating an encrypted authorizers.xml, protected by 
> the NiFi master key, should be added to the Encrypt Tool in NiFi Toolkit.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to