[
https://issues.apache.org/jira/browse/NIFI-9796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17506503#comment-17506503
]
ASF subversion and git services commented on NIFI-9796:
-------------------------------------------------------
Commit 36b3f184249c2184df7ae69a23c30144f5c2c2b2 in nifi's branch
refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=36b3f18 ]
NIFI-9796 This closes #5866. Updated Registry Security Configuration to avoid
warnings
- Replaced WebSecurity.ignoring().antMatchers() with
HttpSecurity.authorizeRequests().antMatchers()
Signed-off-by: Joe Witt <[email protected]>
> Update Registry Spring Security Configuration to Avoid Warnings
> ---------------------------------------------------------------
>
> Key: NIFI-9796
> URL: https://issues.apache.org/jira/browse/NIFI-9796
> Project: Apache NiFi
> Issue Type: Improvement
> Components: NiFi Registry
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Time Spent: 20m
> Remaining Estimate: 0h
>
> NiFi Registry relies on Spring Security to implement authentication and
> authorization. Recent versions of Spring Security added a warning message
> indicating a deprecated use of pattern-based path configuration. The NiFi
> Registry Spring Security configuration should be updated to avoid the
> following warning:
> {noformat}
> WARN [main] o.s.s.c.a.web.builders.WebSecurity You are asking Spring Security
> to ignore Ant [pattern='/access/token/identity-provider']. This is not
> recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests
> instead. {noformat}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
