From bc005e3398c2a73b8149d85fd3598dd4b5616b11 Mon Sep 17 00:00:00 2001
From: Koji Kawamura <ijokarumawak@apache.org>
Date: Wed, 14 Sep 2016 09:36:46 +0900
Subject: [PATCH] NIFI-2772: Unsecure RAW Site-to-Site fails with User DN is
 not known

This closes #1019.

Signed-off-by: Bryan Bende <bbende@apache.org>
---
 .../java/org/apache/nifi/remote/StandardRootGroupPort.java    | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRootGroupPort.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRootGroupPort.java
index a8bf127ae1..a496652389 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRootGroupPort.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-site-to-site/src/main/java/org/apache/nifi/remote/StandardRootGroupPort.java
@@ -346,6 +346,10 @@ public class StandardRootGroupPort extends AbstractPort implements RootGroupPort
 
     @Override
     public PortAuthorizationResult checkUserAuthorization(final String dn) {
+        if (!secure) {
+            return new StandardPortAuthorizationResult(true, "Site-to-Site is not Secure");
+        }
+
         if (dn == null) {
             final String message = String.format("%s authorization failed for user %s because the DN is unknown", this, dn);
             logger.warn(message);