nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Umakanth (Jira)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-7037) Split off username and password fields for GetMongo processor
Date Thu, 02 Apr 2020 11:25:00 GMT

    [ https://issues.apache.org/jira/browse/NIFI-7037?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17073637#comment-17073637
] 

Umakanth commented on NIFI-7037:
--------------------------------

Hey NiFi team, is there any update on this request ?

Even we have a use case where the Mongo is set up for user and password based authentication.
And we cannot pass password in mongoURL in plain text as this is a security concern.

Even if you can allow the sensitive parameter context to be used in non sensitive fields it
will get the job done.

Kindly request you to take up this jira.

In case if there is secure workaround please update me.

> Split off username and password fields for GetMongo processor
> -------------------------------------------------------------
>
>                 Key: NIFI-7037
>                 URL: https://issues.apache.org/jira/browse/NIFI-7037
>             Project: Apache NiFi
>          Issue Type: Improvement
>    Affects Versions: 1.10.0
>            Reporter: Patrick Carlson
>            Assignee: karthik kadajji
>            Priority: Minor
>
> Since the [GetMongo|https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-mongodb-nar/1.5.0/org.apache.nifi.processors.mongodb.GetMongo/]
processor {{Mongo URI}} field is not sensitive, it can only reference a non-sensitive parameter
but it still just shows the password in plaintext in the UI.  The GetMongo processor should
be refactored to have a specific property for the password and it should be marked as sensitive
so that it can leverage sensitive parameters.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message