NIFI-2772: Unsecure RAW Site-to-Site fails with User DN is not known

This closes #1019. Signed-off-by: Bryan Bende <bbende@apache.org>
2016-09-14 09:36:46 +09:00 · 2016-09-14 09:36:46 +09:00 · bc005e3398
parent 36846e0fe7
commit bc005e3398
1 changed files with 4 additions and 0 deletions
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRootGroupPort.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRootGroupPort.java
@ -346,6 +346,10 @@ public class StandardRootGroupPort extends AbstractPort implements RootGroupPort

    @Override
    public PortAuthorizationResult checkUserAuthorization(final String dn) {
+        if (!secure) {
+            return new StandardPortAuthorizationResult(true, "Site-to-Site is not Secure");
+        }
+
        if (dn == null) {
            final String message = String.format("%s authorization failed for user %s because the DN is unknown", this, dn);
            logger.warn(message);