Nifi controller passwords stored at rest

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Nifi controller passwords stored at rest

jeff whybark
Hello, I am looking to find information on how passwords are stored at rest in Nifi 1.3 to satisfy security requirements for my organization.  This is mainly related to the passwords in the controller settings.  Are they encrypted by default?  Are they stored in the flow.xml.gz file?  Thanks for your help.  Jeff
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Nifi controller passwords stored at rest

Bryan Bende
Hi Jeff,

If a property of a component is marked as "sensitive" then the value
is encrypted in the flow.xml.gz.

An example being the password property of DBCPConnectionPool [1] which
says "Sensitive Property: true" in the documentation.

Keep in mind, if you develop custom components then it is up to you to
mark the appropriate properties as sensitive.

Let us know if that is not what you are asking about.

Thanks,

Bryan

[1] https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-dbcp-service-nar/1.3.0/org.apache.nifi.dbcp.DBCPConnectionPool/index.html

On Fri, Aug 11, 2017 at 11:04 AM, jeff whybark <[hidden email]> wrote:
> Hello, I am looking to find information on how passwords are stored at rest
> in Nifi 1.3 to satisfy security requirements for my organization.  This is
> mainly related to the passwords in the controller settings.  Are they
> encrypted by default?  Are they stored in the flow.xml.gz file?  Thanks for
> your help.  Jeff
Loading...