[jira] [Commented] (NIFI-4942) NiFi Toolkit - Allow migration of master key without previous password

Thu, 19 Apr 2018 10:37:18 -0700 

    [ 
https://issues.apache.org/jira/browse/NIFI-4942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16444439#comment-16444439
 ] 

Joseph Witt commented on NIFI-4942:
-----------------------------------

{quote}

[ERROR] Tests run: 130, Failures: 1, Errors: 0, Skipped: 2, Time elapsed: 
55.885 s <<< FAILURE! - in org.apache.nifi.properties.ConfigEncryptionToolTest 
[ERROR] 
testShouldReturnDefaultHashParamsIfNonePresent(org.apache.nifi.properties.ConfigEncryptionToolTest)
 Time elapsed: 0.186 s <<< FAILURE! 
org.codehaus.groovy.runtime.powerassert.PowerAssertionError: assert 
returnedJson.salt =~ /[\w\/]\{22}/ | | | | | 
java.util.regex.Matcher[pattern=[\w/]\{22} region=0,22 lastmatch=] | 
XkyxOhih+xS/T5pxfOT3jw [N:65536, r:8, p:1, salt:XkyxOhih+xS/T5pxfOT3jw] [INFO] 
[INFO] Results: [INFO] [ERROR] Failures: [ERROR] 
ConfigEncryptionToolTest.testShouldReturnDefaultHashParamsIfNonePresent assert 
returnedJson.salt =~ /[\w\/]\{22}/ | | | | | 
java.util.regex.Matcher[pattern=[\w/]\{22} region=0,22 lastmatch=] | 
XkyxOhih+xS/T5pxfOT3jw [N:65536, r:8, p:1, salt:XkyxOhih+xS/T5pxfOT3jw] [INFO] 
[ERROR] Tests run: 148, Failures: 1, Errors: 0, Skipped: 2 [INFO]

{quote}

> NiFi Toolkit - Allow migration of master key without previous password
> ----------------------------------------------------------------------
>
>                 Key: NIFI-4942
>                 URL: https://issues.apache.org/jira/browse/NIFI-4942
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Tools and Build
>    Affects Versions: 1.5.0
>            Reporter: Yolanda M. Davis
>            Assignee: Andy LoPresto
>            Priority: Major
>             Fix For: 1.7.0
>
>
> Currently the encryption cli in nifi toolkit requires that, in order to 
> migrate from one master key to the next, the previous master key or password 
> should be provided. In cases where the provisioning tool doesn't have the 
> previous value available this becomes challenging to provide and may be prone 
> to error. In speaking with [~alopresto] we can allow toolkit to support a 
> mode of execution such that the master key can be updated without requiring 
> the previous password. Also documentation around it's usage should be updated 
> to be clear in describing the purpose and the type of environment where this 
> command should be used (admin only access etc).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to