[ https://issues.apache.org/jira/browse/NIFI-11331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17705437#comment-17705437 ]
David Handermann commented on NIFI-11331: ----------------------------------------- Thanks for the clarification [~v1d3o], that is helpful, and makes sense given the other constraints. I agree that any potential implementation of NIFI-9894 should consider handling sensitive values as well, based on your description. > InvokeHTTP: Add a property for the HTTP Body that can be marked sensitive > ------------------------------------------------------------------------- > > Key: NIFI-11331 > URL: https://issues.apache.org/jira/browse/NIFI-11331 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework > Affects Versions: 1.20.0 > Reporter: Vince Lombardo > Priority: Major > > This request is for adding a property in the InvokeHTTP processor that can be > marked as sensitive. > The use case for this is that some APIs require username and password > credentials to be sent as part of the body. Since the only current way to > populate the body is through the flowfile, this means that there is no way to > have the values be treated as sensitive by NiFi. > I envision a new property, Body Content, with the default being that if no > value is set, then it uses the flowfile as the processor currently does. If > possible, then this property will be allowed to optionally be made sensitive. > Not sure if that is possible to make a built in property optionally > sensitive. Otherwise there may need to be two properties, one for body > content that is sensitive and a plain body content that can have EL in it. > Either can be set independently, but if they are both set, they are appended > together. Lastly a third property would be a dropdown that lets you indicate > whether those values are used instead of or append to the flowfile. So that > dropdown is only considered when there is data within either of the body > contents. > I am aware of the fact that there are other related requests that have been > closed in favor of issue NIFI-9894, but I created this issue separately > because I believe the whole sensitivity issue is a large need and I did not > see any of the other issues address that. So this issue could be > consolidated into NIFI-9894, with hopefully a final solution that can capture > the needs from this issue allong with the others. > Actually, the only reason I included having both a non-sensitive and > sensitive property is to help with those needs of the other issues. If for > some reason, NIFI-9894 cannot be done because of the stated problem of > potential memory consumption issues, my need is really only for having a > Sensitive Body Content attribute that, if populated, is used instead of the > flowfile. For once I am able to log in using that, the rest of my uses for > InvokeHTTP are met by the current implementation of the processor. -- This message was sent by Atlassian Jira (v8.20.10#820010)