nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jérôme O'Keeffe (Jira) <j...@apache.org>
Subject [jira] [Created] (NIFI-7107) Connection to couchbase using LDAP users
Date Wed, 05 Feb 2020 09:37:00 GMT
Jérôme O'Keeffe created NIFI-7107:
-------------------------------------

             Summary: Connection to couchbase using LDAP users
                 Key: NIFI-7107
                 URL: https://issues.apache.org/jira/browse/NIFI-7107
             Project: Apache NiFi
          Issue Type: Bug
          Components: Configuration Management
    Affects Versions: 1.9.0
         Environment: Linux, CentOS7
            Reporter: Jérôme O'Keeffe


Hello,

So we are currently using Nifi to send documents to Couchbase. As we had switched over LDAP
users we encounter an issue. It's not possible to contact using the current connectEnvironment
builder. 

Looking through the development of the Java SDK of couchbase, the feature Add force SASL PLAIN
for LDAP compliance (JVMCBC-473) was added in version 2.5.3 to disable SCRAM-SHA authentication
(with which the password is hashed) and use PLAIN authentication instead (Nifi currently is
using 2.5.8). This is required because LDAP can't take the password if it has already been
hashed, as it needs to be compared to the password stored on the LDAP server. The default
setting for this is false, so PLAIN authentication is not used by default.


So, in the case where LDAP users are required, we should find a way to add forcePlain() to
the ConnectEnvironment builder. We should maybe add a boolean inside the PutCouchbaseKey or
GetCouchbaseKey to add this forcePlain depending on the type of connection (LDAP or local).

Regards,

Jérôme



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message