[
https://issues.apache.org/jira/browse/NIFI-5209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16507574#comment-16507574
]
ASF GitHub Bot commented on NIFI-5209:
--------------------------------------
Github user asfgit closed the pull request at:
https://github.com/apache/nifi/pull/2761
> Remove toolkit migration without password functionality
> -------------------------------------------------------
>
> Key: NIFI-5209
> URL: https://issues.apache.org/jira/browse/NIFI-5209
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Tools and Build
> Affects Versions: 1.7.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Blocker
> Labels: hash, key, passwords, revert, security, toolkit
> Fix For: 1.7.0
>
>
> In NIFI-4942, new functionality was added to allow Ambari clients to perform
> the encrypted configuration migration without providing the original password
> or key by using a secure hash of the original credential to demonstrate
> knowledge of that value. The Ambari team found another way on their end to
> perform this action, and rather than allow the {{./secure_hash.key}} behavior
> to be released and then removed at a later time, complicating our security
> posture and potentially creating difficult support cases, it is better to
> remove it completely before the 1.7.0 release.
> However, it is not as simple as just backing out a few commits, as necessary
> refactoring of the tool code also occurred at that time. I will remove this
> feature while maintaining the improvements made to the toolkit.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
