[NIFI-1550] Authorizer API - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.0.0
Component/s: Core Framework
Labels:
None

Description

This is a parent ticket for tracking all work done for the Authorizer feature proposal phase 1 [1].

At a high level, all authorization decisions are delegated to a provider and given the identity of the entity, the resource being accessed, the action, and the context of the request.

Additionally, the Authorizer will be able to support an audit query that presents back the recently active users including their last request, last rejected attempts, and last mutable requests. A given implementation of an Authorizer may or may not offer to support user request audits.

Sub tickets will be created for tracking specific units of work. Once all sub tickets are completed, this ticket will be finished.

[1] https://cwiki.apache.org/confluence/display/NIFI/Support+Authorizer+API

Attachments

Issue Links

is related to

NIFI-2420 Add a section for Multi-tenant Authorization to the Admin Guide

Resolved

Sub-Tasks

1.	Prepare codebase for introduction of Authorizer	Resolved	Matt Gilman
2.	Define new Authorizer API	Resolved	Matt Gilman
3.	Implement File Based Authorizer	Resolved	Matt Gilman
4.	Incorporate new Authorizer API	Resolved	Matt Gilman
5.	Introduce Component level revision checking	Resolved	Matt Gilman
6.	Update UI to reflect component level authorization	Resolved	Matt Gilman
7.	Address incorrect element name in default authorizers file	Resolved	Matt Gilman
8.	Fix URI's that are getting merged at NCM	Resolved	Unassigned
9.	Auto adjust flow layout	Resolved	Jeff Storck
10.	Scope Controller Services by Process Group	Resolved	Matt Gilman
11.	Scope Templates by Process Group	Resolved	Matt Gilman
12.	Convert authorized-users.xml to authorizations.xml	Resolved	Bryan Bende
13.	Backward compatibility for Site-to-Site client	Resolved	Koji Kawamura
14.	Remote Process Group Port revision and authorization	Resolved	Matt Gilman
15.	Clustering - Merge all responses based on authorization	Resolved	Jeff Storck
16.	Add User & Group API	Resolved	Bryan Bende
17.	Restore access control unit tests	Resolved	Matt Gilman
18.	Make File Based Authorizer implement new User, Group, Policy API	Resolved	Bryan Bende
19.	UI - Remove registration process	Resolved	Matt Gilman
20.	Templates created should include template encoding version	Resolved	Jeff Storck
21.	Convert 0.x site-to-site access policies when possible	Resolved	Bryan Bende
22.	Create REST endpoints for user/group/policy management	Resolved	Jeff Storck
23.	User Identity Normalization	Resolved	Bryan Bende
24.	Allow Controller Services to be scoped at the Controller Level	Resolved	Mark Payne
25.	Require revision for component creation	Resolved	Matt Gilman
26.	Ensure nodes in a cluster use consistent authorizations	Resolved	Bryan Bende
27.	Introduce UI for managing Users & User Groups	Resolved	Matt Gilman
28.	Users, Groups, Policies API handling of unsecure request	Resolved	Matt Gilman
29.	Make AccessPolicy have a single action	Resolved	Bryan Bende
30.	Remove User side of user-group relationship	Resolved	Bryan Bende
31.	Remove policy when component is deleted	Resolved	Matt Gilman

Activity

People

Assignee:: Matt Gilman

Reporter:: Matt Gilman

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 22/Feb/16 20:40

Updated:: 12/Aug/16 21:45

Resolved:: 12/Aug/16 21:45