Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-8692

sensitive attributes

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.13.2
    • Fix Version/s: None
    • Component/s: Extensions
    • Labels:
      None

      Description

      I'd like to have sensitive attributes on the flow files.

      I need to store attributes

      z_Password

      z_JWT_Token

      http.headers.Authorization (from HandleHttpRquest)

       

      and general users shouldn't see these attribute values - instead the values should be masked with asterisk '*'.

      Only users with superadmin policy or policy.view.sensitive.attribute.<attribute name> policy should be alllowed to view the sensitive attributes. 
      policy.view.sensitive.attribute.in.processgroup.<processgroup>

      sensitive attributes could be configured per process group and then inherited to sub process groups.

       

      Maybe the other way around - all attributes are sensitive by default.
      Users can only view attributes they have policy for.

      polic.yview.sensitive.attribute.<regex_attribute name>
      policy.view.ALL.sensitive.attributes

      more thinking about this is needed.

      good ideas are welcome.

       

      a sensitive attribute should be displayed in the ui with asterisks and a user that has authorization to view it should have a button next to the attibute that changes the display to clear text when clicked.

       

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              tomten1970 Jul Tomten
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: