...
Current security mechanisms are Spring based and heavily bound to exclusively a PKI powered system. There has been wide community request for supporting of additional mechanisms as they look to provide integration of NiFi into existing enterprise facilities. Work to this end would allow the assignment of roles within NiFi instances.
Assumptions
Requirements
# | Title | User Story | Importance | Notes |
---|---|---|---|---|
1 | Provide a framework for implementing multiple authentication providers | There are wide and varying authentication mechanisms in place across various enterprises. Accordingly, it is important to provide a consistent interface for integration within various environments as well as providing a basis for custom implementations. |
| |
2 | LDAP Provider | |||
3 | Kerberos Provider | |||
4 | OAuth2/OpenID Connect |
User interaction and design
...
Below is a list of questions to be addressed as a result of this requirements document:
Question | Outcome |
---|---|
What best addresses the problem in terms of our needs and technology? Dispelling differences between SASL and JAAS and their applicability. | |
What is a core set of providers that cover most needs? | |
How does this affect user model in terms of groups and access? How does it affect our compliance with SCIM? | |
How does this affect the authority provider? |