[ https://issues.apache.org/jira/browse/RANGER-2584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16946996#comment-16946996 ]
Madhan Neethiraj commented on RANGER-2584: ------------------------------------------ [~bbende] - the update looks good. However, note that the fix will not impact Ranger instances that already have nifi service-def; this will work for new Ranger instances and Ranger instances that didn't have nifi service-def. > Disable deny and exceptions in policies for NiFi > ------------------------------------------------ > > Key: RANGER-2584 > URL: https://issues.apache.org/jira/browse/RANGER-2584 > Project: Ranger > Issue Type: Improvement > Components: plugins > Reporter: Matt Gilman > Assignee: Bryan Bende > Priority: Minor > Fix For: 2.1.0 > > Attachments: > 0001-RANGER-2584-Disable-deny-and-exception-in-policies-f.patch > > > NiFi's policies are effectively whitelisting allowed users and groups. NiFi > puts forth a best effort to map Ranger policy model into NiFi policy model. > We should attempt to align these by disabling deny and exceptions in policies. -- This message was sent by Atlassian Jira (v8.3.4#803005)