Andy LoPresto created NIFI-5209:

             Summary: Remove toolkit migration without password functionality
                 Key: NIFI-5209
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Tools and Build
    Affects Versions: 1.7.0
            Reporter: Andy LoPresto
            Assignee: Andy LoPresto

In NIFI-4942, new functionality was added to allow Ambari clients to perform 
the encrypted configuration migration without providing the original password 
or key by using a secure hash of the original credential to demonstrate 
knowledge of that value. The Ambari team found another way on their end to 
perform this action, and rather than allow the {{./secure_hash.key}} behavior 
to be released and then removed at a later time, complicating our security 
posture and potentially creating difficult support cases, it is better to 
remove it completely before the 1.7.0 release. 

However, it is not as simple as just backing out a few commits, as necessary 
refactoring of the tool code also occurred at that time. I will remove this 
feature while maintaining the improvements made to the toolkit. 

This message was sent by Atlassian JIRA

Reply via email to