nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bryan Bende <bbe...@gmail.com>
Subject Re: Google Authentication?
Date Fri, 17 Mar 2017 18:47:55 GMT
Frank,

The short answer is that in the current setup it is not possible to
get access to the http request from inside the LoginIdentityProvider.

The longer complicated answer...

The LoginIdentityProvider is part of the nifi-api module which is in a
JAR in the lib directory. The http related classes come from the
embedded Jetty server that NiFi runs which is packaged as a NAR
(nifi-jetty-nar), so the API currently can't see the classes in the
Jetty NAR.

In the future we might be able to move the Jetty libs to be directly
in the lib directory, since all NARs have the Jetty NAR as a parent
anyway, it wouldn't really be changing anything other than allowing
our API to see the Jetty libs.

We may also want to consider having a different extension point in the
API for delegated authenticators, since the current
LoginIdentityProvider was really geared towards a username/password
authenticator.

Thanks,

Bryan


On Thu, Mar 16, 2017 at 2:41 PM, Frank Maritato
<frank.maritato@lootcrate.com> wrote:
> Thanks Bryan. Upon further investigation, it looks like I need access to the
> http request in order to make this work. The LoginIdentityProvider doesn't
> seem to pass that object through or make it available through other means.
>
> Any thoughts?
>
>
> On Thu, Mar 16, 2017 at 7:38 AM, Bryan Bende <bbende@gmail.com> wrote:
>>
>> Hi Frank,
>>
>> I'm not aware of any JIRAs to add additional identity providers at the
>> moment, but that sounds like a cool idea.
>>
>> Feel free to make a new JIRA if you want to take a stab at it.
>>
>> Thanks,
>>
>> Bryan
>>
>> On Thu, Mar 16, 2017 at 10:21 AM, Frank Maritato
>> <frank.maritato@lootcrate.com> wrote:
>> > Are there any plans to add google authentication as a
>> > LoginIdentityProvider
>> > to Nifi?
>> >
>> > I can probably take a stab at it if no one else is working on it.
>> >
>> > --
>> > Frank Maritato
>> > Data Architect
>
>
>
>
> --
> Frank Maritato
> Data Architect

Mime
View raw message