[jira] [Commented] (NIFI-5542) Add support for node groups to FileAccessPolicyProvider

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/NIFI-5542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16597473#comment-16597473
 ] 

ASF GitHub Bot commented on NIFI-5542:
--------------------------------------

Github user pepov commented on the issue:

    https://github.com/apache/nifi/pull/2970
  
    Some unit tests are failing according to the travis build that are relevant:
    ```
    [ERROR] 
testOnConfiguredWhenInitialAdminAndLegacyUsersProvided(org.apache.nifi.authorization.FileAccessPolicyProviderTest)
  Time elapsed: 0.114 s  <<< ERROR!
    java.lang.Exception: Unexpected exception, 
expected<org.apache.nifi.authorization.exception.AuthorizerCreationException> 
but was<java.lang.NullPointerException>
        at 
org.apache.nifi.authorization.FileAccessPolicyProviderTest.testOnConfiguredWhenInitialAdminAndLegacyUsersProvided(FileAccessPolicyProviderTest.java:523)
    
    [ERROR] 
testOnConfiguredWhenBadLegacyUsersFileProvided(org.apache.nifi.authorization.FileAccessPolicyProviderTest)
  Time elapsed: 0.036 s  <<< ERROR!
    java.lang.Exception: Unexpected exception, 
expected<org.apache.nifi.authorization.exception.AuthorizerCreationException> 
but was<java.lang.NullPointerException>
        at 
org.apache.nifi.authorization.FileAccessPolicyProviderTest.testOnConfiguredWhenBadLegacyUsersFileProvided(FileAccessPolicyProviderTest.java:509)
    ```
    https://api.travis-ci.org/v3/job/422545351/log.txt


> Add support for node groups to FileAccessPolicyProvider
> -------------------------------------------------------
>
>                 Key: NIFI-5542
>                 URL: https://issues.apache.org/jira/browse/NIFI-5542
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: Andrew Christianson
>            Priority: Major
>
> Currently in FileAccessPolicyProvider, it is possible to specify a set of 
> node identities, which are given access to /proxy. This works well for static 
> clusters, but does not work so well for dynamic clusters (scaling up/down # 
> of nodes) because we don't know in advance what the node identities will be 
> or how many there will be.
> In order to support dynamic sets of node identities, add support for 
> specifying a "Node Group," for which all identities in the group will be 
> granted access to /proxy. A UserGroupProvider can then be implemented to 
> gather node identities dynamically from the cluster environment.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)