Github user alopresto commented on a diff in the pull request: https://github.com/apache/nifi/pull/2350#discussion_r159102020 --- Diff: nifi-toolkit/nifi-toolkit-encrypt-config/src/main/groovy/org/apache/nifi/properties/ConfigEncryptionTool.groovy --- @@ -772,6 +899,48 @@ class ConfigEncryptionTool { } } + String encryptAuthorizers(String plainXml, String newKeyHex = keyHex) { + AESSensitivePropertyProvider sensitivePropertyProvider = new AESSensitivePropertyProvider(newKeyHex) + + // TODO: Switch to XmlParser & XmlNodePrinter to maintain "empty" element structure + try { + def doc = new XmlSlurper().parseText(plainXml) + // Find the provider element by class even if it has been renamed + def passwords = doc.userGroupProvider.find { it.'class' as String == LDAP_USER_GROUP_PROVIDER_CLASS } + .property.findAll { + // Only operate on un-encrypted passwords + it.@name =~ "Password" && (it.@encryption == "none" || it.@encryption == "") && it.text() + } + + if (passwords.isEmpty()) { + if (isVerbose) { + logger.info("No unencrypted password property elements found in login-identity-providers.xml") --- End diff -- The message should be updated to `authorizers.xml`.
---