[
https://issues.apache.org/jira/browse/NIFI-5536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16585142#comment-16585142
]
Joseph Witt commented on NIFI-5536:
-----------------------------------
password isnt included because there is no clear security model. The variable
registry mechanism doesnt support sensitive (aka encrypted in all forms of
storage and never exposed in plaintext again other than internal usage).
Passing the property in via env variables of course also doesnt protect it to
other sys users.
however, with versioned flows sensitive values are better handled. on first
setup/import of a versioned flow you can set the value and it will be retained
for that env going forward even as flow updates occur.
the ideal and longer term solution will be to make the var reg capability
support sensitive values though.
> Add EL support for password on AMQP processors
> ----------------------------------------------
>
> Key: NIFI-5536
> URL: https://issues.apache.org/jira/browse/NIFI-5536
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Reporter: Corey Fritz
> Priority: Major
>
> NIFI-5489 added EL support to the host, port, virtual host, and user
> properties of AMQP processors. Not sure why password was not included. We
> have a use case where sensitive values (passwords) are set as environment
> variables on our Docker containers and then those variables are referenced by
> name using EL expressions in our processors and controller services. Flow
> authors then have no need or means to know what those sensitive values are.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
