I want to submit encrypted user's credentials between sites (there is no central authentication for different sites). After the user logs in to "site-1" (using LDAP for example), "user-1" can re-type username and password, so they will be encrypted, then sent through secure site-to-site to "site-2". I don't want the user to re-type username and password. Besides, "user-1" should be mapped to different account on "site-2" with different policies.
I thought if I can extract user's information from underlying authentication system, encrypt them, then send them through secure site-to-site will automate delegating user's credentials through different sites? Some friends suggested using decentralized authentication and authorization like Hydra (https://www.ory.am/products/hydra), but I'm still discovering it. Regards On Mon, Apr 3, 2017 at 6:27 PM, Andy LoPresto <[email protected]> wrote: > Mohammed, > > This is not possible because the flow status is independent of the logged > in user(s). A flow can be running or stopped with 0, 1, or n many users > logged in simultaneously. What are you trying to accomplish with this > information? Usually when someone is requesting the current user, they are > trying to assume an identity for filesystem access or Kerberos keytab > access to a remote service. > > > > Andy LoPresto > [email protected] > *[email protected] <[email protected]>* > PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > > On Apr 3, 2017, at 3:14 PM, mohammed shambakey <[email protected]> > wrote: > > Hi > > Is it possible, inside a workflow, to get the current user' logged into > secure NIFI (the user logged into NIFI either by LDAP or certificate)? > > Regards > > -- > Mohammed > > > -- Mohammed
