[jira] [Commented] (NIFIREG-61) Add support for encrypted properties in configuration files

Thu, 07 Dec 2017 10:28:24 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFIREG-61?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16282265#comment-16282265
 ] 

ASF GitHub Bot commented on NIFIREG-61:
---------------------------------------

GitHub user kevdoran opened a pull request:

    https://github.com/apache/nifi-registry/pull/51

    NIFIREG-61 Add support for encrypted config files

    Allows sensitive property values to be encrypted in the following 
configuration files: 
    
    - nifi-registry.properties
    - identity-providers.xml
    - authorizers.xml 
    
    A decryption key can be configured in bootstrap.conf that allows decrypting 
protected properties at runtime.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/kevdoran/nifi-registry NIFIREG-61

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi-registry/pull/51.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #51
    
----
commit 8c0cd912c19889e32f8962d20c450c109a8901f1
Author: Kevin Doran <[email protected]>
Date:   2017-12-05T19:44:24Z

    NIFIREG-61 Add support for encrypted config files
    
    Allows sensitive property values to be encrypted in the following
    configuration files:
    
    - nifi-registry.properties
    - identity-providers.xml
    - authorizers.xml
    
    A decryption key can be configured in bootstrap.conf that allows
    decrypting protected properties at runtime.

----


> Add support for encrypted properties in configuration files
> -----------------------------------------------------------
>
>                 Key: NIFIREG-61
>                 URL: https://issues.apache.org/jira/browse/NIFIREG-61
>             Project: NiFi Registry
>          Issue Type: New Feature
>            Reporter: Kevin Doran
>            Assignee: Kevin Doran
>
> The NiFi Registry server is configured by files on disk, e.g., 
> nifi-registry.properties, bootstrap.conf, and XML files for loading 
> extensions. Sometimes these files contain properties with sensitive values, 
> such as credentials.
> We want to be able to support encrypting property values in NiFi Registry 
> configuration files on disk that get decrypted in memory at runtime. As an 
> initial step, the decryption key will be specified in the bootstrap.conf 
> file. In the future, it might be input to the bootstrap processes via other 
> means.
> For the design of this feature, the NiFi implementation of this capability 
> should be used as a guide.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to