David Handermann created NIFI-15287:
---------------------------------------
Summary: Deprecate Kerberos Login Identity Provider for Removal
Key: NIFI-15287
URL: https://issues.apache.org/jira/browse/NIFI-15287
Project: Apache NiFi
Issue Type: Improvement
Components: Security
Reporter: David Handermann
Assignee: David Handermann
The {{KerberosProvider}} in the {{nifi-kerberos-iaa-providers}} module
implements the framework Login Identity Provider interface, supporting
form-based username and password authentication. The Provider depends on the
[Spring Security Kerberos|https://spring.io/projects/spring-security-kerberos]
library, which has received minimal maintenance over the years. NiFi 2.0.0-M4
removed direct framework integration for Kerberos SPNEGO authentication, in
favor of standard alternatives such as OpenID Connect or SAML 2 for Single
Sign-On.
The {{KerberosProvider}} implementation should be deprecated for future removal
to reduce the scope of framework-level extensions with minimal use or
maintenance. The Login Identity Provider remains as a framework-level
extension, providing the opportunity for future external maintenance and
integration if needed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
