Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-5493

Reverse Proxy & OIDC

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 1.7.0, 1.7.1
    • None
    • Security
    • None
    • Reverse Proxy w/ SSL Client Auth between Nifi and Reverse Proxy

    Description

      In my environment we have a reverse proxy that (httpd) that does SSL Client Auth to authenticate the TLS session between reverse proxy and application servers.

      When trying to configure OIDC authentication, the reverse proxy's SSL Client Auth certificate is "authenticated" prior to triggering the OIDC redirect for authentication.

      Ideally, I believe there should be a mechanism to disable NiFi Client Auth, or enabling a priority between authentication mechanisms.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. NIFI-5508 Support disabling wantClientAuth when running behind a reverse proxy.

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              ruckc Curtis W Ruck
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: