Matt Gilman created NIFI-4925:
Summary: Ranger Authorizer - Memory Leak
Project: Apache NiFi
Issue Type: Bug
Reporter: Matt Gilman
Assignee: Matt Gilman
Authorization requests/results are now explicitly audited. This change was due
to the fact that the Ranger was auditing a lot of false positives previously.
This is partly because the NiFi uses authorization to check which features the
user may have permissions to. This check is used to enable/disable various
parts of the UI. The remainder of the false positives came from the authorizer
not knowing the entire context of the request. For instance, when a Processor
has no policy we check its parent and so on.
The memory leak is due to the authorizer holding onto authorization results
that are never destined for auditing.
This message was sent by Atlassian JIRA