Github user markap14 commented on a diff in the pull request: https://github.com/apache/nifi/pull/3109#discussion_r228206921 --- Diff: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/queue/clustered/server/StandardLoadBalanceProtocol.java --- @@ -130,17 +130,14 @@ public void receiveFlowFiles(final Socket socket) throws IOException { final Set<String> certIdentities; try { certIdentities = getCertificateIdentities(sslSession); - - final String dn = CertificateUtils.extractPeerDNFromSSLSocket(socket); - peerDescription = CertificateUtils.extractUsername(dn); } catch (final CertificateException e) { throw new IOException("Failed to extract Client Certificate", e); } logger.debug("Connection received from peer {}. Will perform authorization against Client Identities '{}'", peerDescription, certIdentities); - authorizer.authorize(certIdentities); + peerDescription = authorizer.authorize(certIdentities); --- End diff -- Wow, good catch, thanks! I wondered "How did I miss that?" but it turns out that the system I tested it on was different than the system that I first noticed the problem on. On the system I used to test, they ended up being the same value :) Will push a new commit. At this point, we don't even need 'nodeName', just peerDescription.
---