nifi/nifi-properties at a652280fbb45c94b6ba9be5e7f4f9cd8c708f5ca - nifi

History

exceptionfactory a652280fbb NIFI-8766 Implemented RS512 Algorithm for JWT Signing - Replaced per-user symmetric-key HS256 with shared and rotated RSA asymmetric-key RS512 implementation - Added nifi.security.user.jws.key.rotation.period property for RSA Key Pair rotation - Added JSON Web Tokens section to Administration Guide - Implemented persistent storage of RSA Public Keys for verification using Local State Manager - Implemented JWT revocation on logout with persistence using Local State Manager - Refactored JWT implementation using Spring Security OAuth2 and Nimbus JWT - Refactored Spring Security Provider configuration using Java instead of XML - Removed H2 storage of per-user keys - Upgraded nimbus-jose-jwt from 7.9 to 9.11.2 NIFI-8766 Corrected AuthenticationException handling in AccessResource.getAccessStatus - Added nifi.user.security.jws.key.rotation.period to default nifi.properties - Updated logging statements and clarified configuration and method documentation NIFI-8766 Changed Algorithm to PS512 and updated documentation Signed-off-by: Nathan Gough <thenatog@gmail.com> This closes #5262.	2021-08-19 12:26:12 -04:00
..
src	NIFI-8766 Implemented RS512 Algorithm for JWT Signing	2021-08-19 12:26:12 -04:00
pom.xml	NIFI-8767-RC2 prepare for next development iteration	2021-07-10 12:17:09 -07:00

exceptionfactory a652280fbb NIFI-8766 Implemented RS512 Algorithm for JWT Signing

- Replaced per-user symmetric-key HS256 with shared and rotated RSA asymmetric-key RS512 implementation
- Added nifi.security.user.jws.key.rotation.period property for RSA Key Pair rotation
- Added JSON Web Tokens section to Administration Guide
- Implemented persistent storage of RSA Public Keys for verification using Local State Manager
- Implemented JWT revocation on logout with persistence using Local State Manager
- Refactored JWT implementation using Spring Security OAuth2 and Nimbus JWT
- Refactored Spring Security Provider configuration using Java instead of XML
- Removed H2 storage of per-user keys
- Upgraded nimbus-jose-jwt from 7.9 to 9.11.2

NIFI-8766 Corrected AuthenticationException handling in AccessResource.getAccessStatus

- Added nifi.user.security.jws.key.rotation.period to default nifi.properties
- Updated logging statements and clarified configuration and method documentation

NIFI-8766 Changed Algorithm to PS512 and updated documentation

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes #5262.

2021-08-19 12:26:12 -04:00

src

NIFI-8766 Implemented RS512 Algorithm for JWT Signing

2021-08-19 12:26:12 -04:00

pom.xml

NIFI-8767-RC2 prepare for next development iteration

2021-07-10 12:17:09 -07:00