[
https://issues.apache.org/jira/browse/RANGER-2584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16946996#comment-16946996
]
Madhan Neethiraj commented on RANGER-2584:
------------------------------------------
[~bbende] - the update looks good. However, note that the fix will not impact
Ranger instances that already have nifi service-def; this will work for new
Ranger instances and Ranger instances that didn't have nifi service-def.
> Disable deny and exceptions in policies for NiFi
> ------------------------------------------------
>
> Key: RANGER-2584
> URL: https://issues.apache.org/jira/browse/RANGER-2584
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
> Reporter: Matt Gilman
> Assignee: Bryan Bende
> Priority: Minor
> Fix For: 2.1.0
>
> Attachments:
> 0001-RANGER-2584-Disable-deny-and-exception-in-policies-f.patch
>
>
> NiFi's policies are effectively whitelisting allowed users and groups. NiFi
> puts forth a best effort to map Ranger policy model into NiFi policy model.
> We should attempt to align these by disabling deny and exceptions in policies.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
