[ https://issues.apache.org/jira/browse/NIFI-2022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15373677#comment-15373677 ]
ASF subversion and git services commented on NIFI-2022: ------------------------------------------------------- Commit e0c96794fae85776b8b0fbb3cb236217eb591960 in nifi's branch refs/heads/master from [~mcgilman] [ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=e0c9679 ] NIFI-2095: - Adding a page for managing users and groups. - Adding a page for managing access policies. - Renaming accessPolicy in entity to permissions to avoid confusion with the accessPolicy model. - Adding an Authorizable for access policies. - Refactoring access policies endpoints. NIFI-2022: - Implementing site to site authorizations. > Update Site-to-Site Authorization Code > -------------------------------------- > > Key: NIFI-2022 > URL: https://issues.apache.org/jira/browse/NIFI-2022 > Project: Apache NiFi > Issue Type: Task > Components: Core Framework > Affects Versions: 1.0.0 > Reporter: Mark Payne > Assignee: Matt Gilman > Priority: Blocker > Fix For: 1.0.0 > > > Currently, we authorize users in the StandardRootGroupPort. However, we > should extract the user authorization out from there and raise it up to the > higher levels. I.e., at the SiteToSiteResource and SocketRemoteSiteListener > levels. The reason for this is two-fold: > 1. We should authorize as soon as possible in order to avoid doing work for a > user that is not authorized. > 2. This brings the SiteToSiteResource inline with how we perform > authorization in all other Resource classes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)