Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-10233 Corrected Anonymous Authentication for HTTP Access 

- Enabled Standard Anonymous Authentication Filter when unencrypted HTTP is enabled

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes #6209.
This commit is contained in:
exceptionfactory 2022-07-14 16:17:28 -05:00 committed by Nathan Gough
parent d0db4c44bb
commit 047b3611bf
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nifi-commons/nifi-properties/src/main/java/org/apache/nifi/util/NiFiProperties.java
View File

@ -696,6 +696,15 @@ public class NiFiProperties extends ApplicationProperties {
return sslPort; return sslPort;
} }
/**
* Is HTTP without TLS enabled based on configuring nifi.web.http.port property
*
* @return HTTP enabled status
*/
public boolean isHttpEnabled() {
return getPort() != null;
}
public boolean isHTTPSConfigured() { public boolean isHTTPSConfigured() {
return getSslPort() != null; return getSslPort() != null;
} }

2
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/NiFiWebApiSecurityConfiguration.java
View File

@ -128,7 +128,7 @@ public class NiFiWebApiSecurityConfiguration {
http.addFilterBefore(knoxAuthenticationFilter, AnonymousAuthenticationFilter.class); http.addFilterBefore(knoxAuthenticationFilter, AnonymousAuthenticationFilter.class);
} }
if (properties.isAnonymousAuthenticationAllowed()) { if (properties.isAnonymousAuthenticationAllowed() || properties.isHttpEnabled()) {
http.addFilterAfter(anonymousAuthenticationFilter, AnonymousAuthenticationFilter.class); http.addFilterAfter(anonymousAuthenticationFilter, AnonymousAuthenticationFilter.class);
} }