[
https://issues.apache.org/jira/browse/NIFI-4382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16181308#comment-16181308
]
ASF GitHub Bot commented on NIFI-4382:
--------------------------------------
Github user alopresto commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2177#discussion_r141149326
--- Diff:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/knox/KnoxAuthenticationRequestToken.java
---
@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.nifi.web.security.knox;
+
+import org.apache.nifi.web.security.NiFiAuthenticationRequestToken;
+
+/**
+ * This is an authentication request with a given JWT token.
+ */
+public class KnoxAuthenticationRequestToken extends
NiFiAuthenticationRequestToken {
+
+ private final String token;
+
+ /**
+ * Creates a representation of the jwt authentication request for a
user.
+ *
+ * @param token The unique token for this user
+ * @param clientAddress the address of the client making the request
+ */
+ public KnoxAuthenticationRequestToken(final String token, final String
clientAddress) {
+ super(clientAddress);
+ setAuthenticated(false);
+ this.token = token;
+ }
+
+ @Override
+ public Object getCredentials() {
+ return null;
+ }
+
+ @Override
+ public Object getPrincipal() {
+ return token;
+ }
+
+ public String getToken() {
+ return token;
+ }
+
+ @Override
+ public String toString() {
--- End diff --
The `toString()` doesn't contain any unique identifying information, so
overriding this removes the hashcode that is usually present. Is this a
security concern, or does it simply make debugging more difficult?
> Add KnoxSSO support to NiFi
> ---------------------------
>
> Key: NIFI-4382
> URL: https://issues.apache.org/jira/browse/NIFI-4382
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Reporter: Jeff Storck
> Assignee: Jeff Storck
>
> Add support for KnoxSSO to NiFi.
> Reference documentation:
> http://knox.apache.org/books/knox-0-13-0/dev-guide.html#KnoxSSO+Integration
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
