nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-4139) Refactor KeyProvider interface from provenance module to framework-level service
Date Fri, 04 Aug 2017 13:59:00 GMT

    [ https://issues.apache.org/jira/browse/NIFI-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16114401#comment-16114401
] 

ASF GitHub Bot commented on NIFI-4139:
--------------------------------------

Github user mcgilman commented on the issue:

    https://github.com/apache/nifi/pull/2044
  
    @alopresto These refactorings look good. The backward compatibility support for legacy
configurations is also solid. One minor thing I'd like to investigate further if we can remove
the dependency between the nifi-security-utils and the nifi-properties-loader. The nifi-security-utils
are referenced and pulled into many NARs and the additional dependency would introduce further
duplication of the nifi-properties-loader jar (and it's transitive dependencies not already
included). This dependency is only used to load the master key from the bootstrap.conf. While
it's not a showstopper, it would be nice if we didn't need this additional dependency and
instead allowed the client of the nifi-security-utils provide the master key when necessary.
    
    Thanks


> Refactor KeyProvider interface from provenance module to framework-level service
> --------------------------------------------------------------------------------
>
>                 Key: NIFI-4139
>                 URL: https://issues.apache.org/jira/browse/NIFI-4139
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 1.3.0
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>              Labels: encryption, key-management, security
>
> The {{KeyProvider}} interface introduced in NIFI-3388 to allow the encrypted provenance
repository should be refactored to a framework-level service which is accessible to the encrypted
content repository and encrypted flowfile repository as well. Exposing this common functionality
will reduce code & logic duplication and consolidate sensitive behavior in a single location.




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message