This repository was archived by the owner on Jul 22, 2021. It is now read-only.
NIFIREG-46 Add authorizedActions field to Bucket#30
Closed
kevdoran wants to merge 2 commits intoapache:masterfrom
Closed
NIFIREG-46 Add authorizedActions field to Bucket#30kevdoran wants to merge 2 commits intoapache:masterfrom
kevdoran wants to merge 2 commits intoapache:masterfrom
Conversation
Contributor
Author
|
As PR #29 is wrapping up, I will wait until that is merged and then rebase this branch on the new master. |
- Adds LdapIdentityProvider for authentication - Adds /access/token endpoint for generating JWT for users that can authenticate with a configured IdenitiyProvider - Adds JwtAuthenticationProvider for authentication - Adds KeyService for key generation and tracking for signing JWTs - Adds LdapUserGroupProvider for authorization - Adds LDAP integration tests - Refactors nifi-registry-security-api-impl into nifi-registry-framework - Refactors all security related packages, such as o.a.n.r.authorization and o.a.n.r.authentication, under org.apache.nifi.registry.security - Fixing issues found in code review - Make LoginIdentityProviderFactory a DisposableBean This closes apache#29. Signed-off-by: Bryan Bende <bbende@apache.org>
Contributor
|
+1 Verified the authorizedActions are returning correctly, will merge, thanks! |
Contributor
Author
|
Cool, thanks @bbende! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This builds upon PR #29 (NIFIREG-33), so only the commits on top of that need to considered.
The API now returns an additional field for a Bucket, telling the client what actions they are authorized to perform on that bucket. For example:
With this change,
/bucketsis now a convenient initial endpoint to use to both check authentication of the client identity and discover buckets and authorizations available to the client.