[ https://issues.apache.org/jira/browse/NIFI-10233?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nathan Gough updated NIFI-10233: -------------------------------- Fix Version/s: 1.17.0 Resolution: Fixed Status: Resolved (was: Patch Available) > Correct Anonymous Authentication for HTTP Access > ------------------------------------------------ > > Key: NIFI-10233 > URL: https://issues.apache.org/jira/browse/NIFI-10233 > Project: Apache NiFi > Issue Type: Bug > Reporter: David Handermann > Assignee: David Handermann > Priority: Major > Fix For: 1.17.0 > > Time Spent: 1h > Remaining Estimate: 0h > > Refactoring the NiFi Spring Security configuration added a check to determine > whether application properties allowed anonymous authentication. The > {{nifi.security.allow.anoymous.authentication}} property is {{false}} in the > default configuration, but the changing the property should not be necessary > when configuring HTTP without TLS. > The Spring Security configuration should be adjusted to restore current > behavior, which enables anonymous authentication when configuring unencrypted > HTTP. -- This message was sent by Atlassian Jira (v8.20.10#820010)