Matt Gilman created NIFI-4925:

             Summary: Ranger Authorizer - Memory Leak
                 Key: NIFI-4925
             Project: Apache NiFi
          Issue Type: Bug
          Components: Extensions
            Reporter: Matt Gilman
            Assignee: Matt Gilman

Authorization requests/results are now explicitly audited. This change was due 
to the fact that the Ranger was auditing a lot of false positives previously. 
This is partly because the NiFi uses authorization to check which features the 
user may have permissions to. This check is used to enable/disable various 
parts of the UI. The remainder of the false positives came from the authorizer 
not knowing the entire context of the request. For instance, when a Processor 
has no policy we check its parent and so on.

The memory leak is due to the authorizer holding onto authorization results 
that are never destined for auditing. 

This message was sent by Atlassian JIRA

Reply via email to