[GitHub] [nifi-registry] thenatog commented on pull request #296: NIFIREG-313 - Add OpenId Connect support for authenticating users
thenatog commented on pull request #296: URL: https://github.com/apache/nifi-registry/pull/296#issuecomment-691313090 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [nifi-registry] thenatog commented on pull request #296: NIFIREG-313 - Add OpenId Connect support for authenticating users
thenatog commented on pull request #296: URL: https://github.com/apache/nifi-registry/pull/296#issuecomment-691313090 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [nifi-registry] thenatog commented on pull request #296: NIFIREG-313 - Add OpenId Connect support for authenticating users
thenatog commented on pull request #296: URL: https://github.com/apache/nifi-registry/pull/296#issuecomment-691313090 Added the OIDC properties and updated the NOTICE file. I'm noticing issues with the checks failing - I'm not seeing this happening locally. It also appears to be happening on Kevin's PR so perhaps these failures are unrelated to my PR. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [nifi-registry] thenatog commented on pull request #296: NIFIREG-313 - Add OpenId Connect support for authenticating users
thenatog commented on pull request #296: URL: https://github.com/apache/nifi-registry/pull/296#issuecomment-673631378 This change matches, as close as possible, the OIDC authentication code in NiFi. When opening the NiFi Registry UI with OIDC configured, there should be a Login button in the top right corner. Once clicked, NiFi Registry should redirect you to the configured OIDC provider login page, you can enter your credentials, and the provider should redirect back to NiFi Registry and show your logged in user in the top right. Hitting log out will log out your user from NiFi Registry and remove the user's JWT. I have tested: - Using X509 without any other authentication mechanism enabled. - Using OIDC authentication provider (Google Suite). Logging in/logging out is working. - Using LDAP through the NiFi Registry basic credentials dialog. I think the reviewer should test using Kerberos to ensure everything is still fine there - I do not have a good set up to test that. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
