alopresto commented on a change in pull request #4224:
URL: https://github.com/apache/nifi/pull/4224#discussion_r416272053
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -113,6 +115,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
+ .name("Basic Authentication Username")
+ .displayName("Basic Authentication Username")
+ .description("The username to be used by the client to authenticate
against the Remote URL. Cannot include control characters (0-31), ':', or DEL
(127).")
+ .required(false)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x39\\x3b-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_BASIC_AUTH_PASSWORD = new
PropertyDescriptor.Builder()
+ .name("Basic Authentication Password")
+ .displayName("Basic Authentication Password")
+ .description("The password to be used by the client to authenticate
against the Remote URL.")
+ .required(false)
+ .sensitive(true)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_AUTH_TYPE = new
PropertyDescriptor.Builder()
+ .name("Authentication Type")
+ .displayName("Authentication Type")
+ .description("'Basic Authentication Username' and 'Basic
Authentication Password' are used if Digest Authentication is used"
+ + "for authentication.")
Review comment:
While people familiar with [RFC
2617](https://tools.ietf.org/html/rfc2617) will understand that _basic
authentication_ and _digest authentication_ both use a username and password as
input to an authentication process with the server, the standalone message
`'Basic Authentication Username' and 'Basic Authentication Password' are used
if Digest Authentication is used for authentication.` can reasonably be
expected to confuse a normal user. I would recommend changing the username and
password property descriptors to remove the "basic" terminology and change the
description for this PD to read `Both basic authentication and digest
authentication will use the 'Authentication Username' and 'Authentication
Password' property values. See Confluent Schema Registry documentation for more
details.` The link to said documentation is
[https://docs.confluent.io/current/schema-registry/security/index.html#configuring-the-rest-api-for-basic-http-authentication](https://docs.confluent.io/current/schema-registry/security/index.html#configuring-the-rest-api-for-basic-http-authentication)
but does not need to be in the property descriptor description, but can be in
the processor documentation. I actually don't see any details on that page
about configuring digest authentication at all -- do you have a reference for
Confluent Schema Registry supporting this authentication mechanism?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
