Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NIFI-10114 Remove Single Refresh from ShellUserGroupProvider #6122

wants to merge 1 commit into from


Copy link


NIFI-10114 Removes refresh methods for a single user or group from the ShellUserGroupProvider in NiFi and NiFi Registry.

The single user refresh is not necessary since the information is available from the initial enumeration of known users. The single group refresh does not perform as expected because the UserGroupProvider.getGroup() method receives a UUID identifier specific to NiFi. The group UUID is not sufficient to perform a single group lookup using available commands.


Please complete the following tracking steps prior to pull request creation.

Issue Tracking

Pull Request Tracking

  • Pull Request title starts with Apache NiFi Jira issue number, such as NIFI-00000
  • Pull Request commit message starts with Apache NiFi Jira issue number, as such NIFI-00000

Pull Request Formatting

  • Pull Request based on current revision of the main branch
  • Pull Request refers to a feature branch with one commit containing changes


Please indicate the verification steps performed prior to pull request creation.


  • Build completed using mvn clean install -P contrib-check
    • JDK 8
    • JDK 11
    • JDK 17


  • New dependencies are compatible with the Apache License 2.0 according to the License Policy
  • New dependencies are documented in applicable LICENSE and NOTICE files


  • Documentation formatting appears as expected in rendered files

@kevdoran kevdoran self-requested a review June 13, 2022 19:43
Copy link

@kevdoran kevdoran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Always nice to remove unneeded code! Thanks for this contribution @exceptionfactory. +1 based on the PR diff, but will wait for the CI builds to complete before merging.

Copy link

Reviewed and tested this also, looks good to me.


@asfgit asfgit closed this in f91d877 Jun 13, 2022
asfgit pushed a commit that referenced this pull request Jun 13, 2022

Signed-off-by: Joe Witt <>
Copy link

Just curious to know, what penetration testing tools are used for identifying security vulnerabilities in Apache NiFi ?

Copy link

joewitt commented Jul 21, 2022

@praneethkumarpidugu It is better to send this via an email to as this PR is closed/completed.

To answer your question the Apache NiFi community itself offers no guarantees of any specific penetration testing or static security scanning tools in general. For such guarantees you likely should seek out vendor assistance and options exist. This community for Apache NiFi has some dependency scans built into the build process, does receive the benefit of reports from users and vendors, and responds promptly. A good place to start to understand our security posture generally is

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet
5 participants