Curtis Ruck created NIFI-5508:
Summary: Support disabling wantClientAuth when running behind a
Project: Apache NiFi
Issue Type: Bug
Affects Versions: 1.7.1, 1.7.0
Environment: Reverse Proxy & trying to use other credential provider
when the reverse proxy provides a client certificate itself.
Reporter: Curtis Ruck
As discussed on mailing list.
JettyServer always calls either setNeedClientAuth(true) or
When used with a reverse proxy that has a client certificate, it is impossible
currently to use other credential providers as the X509 authentication takes
Adding the ability to disable wantClientAuth via a NiFi property would enable
the ability to leverage existing SSO solutions behind a reverse proxy.
This message was sent by Atlassian JIRA