exceptionfactory commented on a change in pull request #4508: URL: https://github.com/apache/nifi/pull/4508#discussion_r542475418
########## File path: nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/client/RestSchemaRegistryClient.java ########## @@ -68,14 +69,21 @@ private static final String SCHEMA_REGISTRY_CONTENT_TYPE = "application/vnd.schemaregistry.v1+json"; - public RestSchemaRegistryClient(final List<String> baseUrls, final int timeoutMillis, final SSLContext sslContext, final ComponentLog logger) { + public RestSchemaRegistryClient(final List<String> baseUrls, final String authType, final String authUser, + final String authPass, final int timeoutMillis, final SSLContext sslContext, final ComponentLog logger) { this.baseUrls = new ArrayList<>(baseUrls); final ClientConfig clientConfig = new ClientConfig(); clientConfig.property(ClientProperties.CONNECT_TIMEOUT, timeoutMillis); clientConfig.property(ClientProperties.READ_TIMEOUT, timeoutMillis); client = WebUtils.createClient(clientConfig, sslContext); + if (!authUser.isEmpty() && !authType.isEmpty()) { + if (authType.equals("BASIC")) { Review comment: The [Confluent Server documentation](https://docs.confluent.io/platform/current/kafka-rest/production-deployment/confluent-server/security.html) mentions HTTP Basic and mutual TLS, as well as additional methods for SASL-based authentication between components. Maintaining the parameter makes sense given that background. Rather than relying on a particular string value, however, adding an AuthenticationType enum with the values of BASIC and NONE would help make the implementation clearer. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org