[ https://issues.apache.org/jira/browse/NIFI-2654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15665938#comment-15665938 ]
ASF subversion and git services commented on NIFI-2654: ------------------------------------------------------- Commit 59fea1cb4ed440ad0e68d96a412792c3e4551309 in nifi's branch refs/heads/master from [~alopresto] [ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=59fea1c ] NIFI-2654 Enabled encryption coverage for login-identity-providers.xml. Squashed commits: [5dd22a9] NIFI-2654 Updated administration guide with login-identity-providers.xml flags. Exposed master key retrieval code in NiFiPropertiesLoader. Added logic to decrypt login identity providers XML configuration. Updated login-identity-providers.xsd to include encryption scheme attribute. Added unit tests. (+18 squashed commits) Squashed commits: [57c815f] NIFI-2654 Resolved issue where empty LIP property elements could not be encrypted. Added unit test and resource. [27d7309] NIFI-2654 Wired in serialization logic to write logic for LIP. Added comprehensive unit test for LIP & NFP in same test. [b450eb2] NIFI-2654 Finalized logic for preserving comments in LIP parsing. [5aa6c9c] NIFI-2654 Added logic for maintaining XML formatting (comments and whitespace) for LIP. Added unit tests (w/o encryption works; w/ does not). [b53461f] NIFI-2654 Added unit test for full tool invocation migrating a login-identity-providers.xml file and updating file and bootstrap.conf with key. [2d9686c] NIFI-2654 Updated tool description and various logging statements. Added unit test for full tool invocation encrypting a login-identity-providers.xml file and updating file and bootstrap.conf with key. [8c67cb2] NIFI-2654 Added logic to encrypt LIP XML content. Added unit tests. [8682d19] NIFI-2654 Added logic to handle "empty" (commented) LIP files. Added unit tests. [077230e] NIFI-2654 Fixed logic to decrypt multiline and multiple-per-line XML elements. Added unit tests and resources. [d5bb8da] NIFI-2654 Ignored unit test for unreadable conf directory because directory was causing Maven build issues. Removed test resources. [7e50506] NIFI-2654 Fixed AESSensitivePropertyProvider bug handling cipher text with whitespace. Added unit test. [b69a661] NIFI-2654 Fixed AESSensitivePropertyProviderFactoryTest to reflect absence of key causes errors. [6f821b9] NIFI-2654 Added standard password to arbitrary encryption test for use in test resources. [d289ffa] NIFI-2654 Added LIP XML decryption. Added unit tests. [a482245] NIFI-2654 Added LIP test resources. [7204df4] NIFI-2654 Changed logic to only perform properties encryption when file path is provided. [729e1df] NIFI-2654 Removed population of default file locations for bootstrap.conf, nifi.properties, and login-identity-providers.xml as not all files may be desired. Added/updated unit tests. [7dba5ef] NIFI-2654 Started LIP work (arguments & parsing). Added unit tests. Signed-off-by: Yolanda M. Davis <ymda...@apache.org> This closes #1216 > Encrypted configs should handle login identity provider configs > --------------------------------------------------------------- > > Key: NIFI-2654 > URL: https://issues.apache.org/jira/browse/NIFI-2654 > Project: Apache NiFi > Issue Type: Improvement > Components: Configuration, Tools and Build > Affects Versions: 1.0.0 > Reporter: Andy LoPresto > Assignee: Andy LoPresto > Labels: config, encryption, ldap, security > Fix For: 1.1.0 > > > The encrypted configuration tool and internal logic to load unprotected > values should handle sensitive values contained in the login identity > providers (like LDAP Manager Password). -- This message was sent by Atlassian JIRA (v6.3.4#6332)