Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.6.0
    • Component/s: Extensions
    • Labels:
      None

      Description

      Authorization requests/results are now explicitly audited. This change was due to the fact that the Ranger was auditing a lot of false positives previously. This is partly because the NiFi uses authorization to check which features the user may have permissions to. This check is used to enable/disable various parts of the UI. The remainder of the false positives came from the authorizer not knowing the entire context of the request. For instance, when a Processor has no policy we check its parent and so on.

      The memory leak is due to the authorizer holding onto authorization results that are never destined for auditing. 

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mcgilman Matt Gilman
                Reporter:
                mcgilman Matt Gilman
              • Votes:
                2 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: