ExceptionFactory

Producing content that a reasonable developer might want to read

Tags • Security

Integrating Apache NiFi with Okta LDAP Groups

NiFi Security Okta LDAP

2023-01-26 • 8 minute read

Lightweight Directory Access Protocol supports a number of integration strategies in Apache NiFi, including authentication and authorization. LDAP can be used in conjunction with single sign-on solutions to provide user enumeration and group membership for NiFi access policies. In addition to serving as an Identity Provider using OIDC or SAML, Okta provides an LDAP interface for centralized management and retrieval of users and groups.

Read more

Integrating Apache NiFi with Okta OIDC Authentication

NiFi Security Okta OIDC

2022-12-21 • 8 minute read

Apache NiFi has supported single sign-on authentication using OpenID Connect since version 1.4.0. Building on the OAuth 2.0 specification, OIDC supports delegated authentication using standard credential processing flows. The Okta identity platform provides configurable OIDC authentication, enabling centralized identity management and access policy enforcement. Okta delivers a well-documented implementation of OpenID Connect, supporting a robust authentication strategy for NiFi deployments.

Read more

Integrating Apache NiFi with Okta SAML Authentication

NiFi Security Okta SAML

2022-11-30 • 9 minute read

Apache NiFi 1.13.0 introduced support for single sign-on authentication through a SAML identity provider. NiFi 1.17.0 included a refactored implementation based on Spring Security 5 while maintaining compatible points of integration. The Okta identity platform enables configurable SAML 2.0 authentication, supporting federated access as well as group management and single logout processing. Configuring Apache NiFi with Okta SAML provides a strong access management solution.

Read more

Implementing Apache NiFi Support for Sensitive Dynamic Properties

NiFi Security Encryption

2022-08-02 • 7 minute read

Apache NiFi 1.17.0 introduced framework support for sensitive dynamic properties, allowing operators to protect custom properties in selected components. Sensitive dynamic properties enable component developers to support flexible configuration while maintaining system security.

Read more

Analyzing and Mitigating XML External Entity Vulnerabilities in Apache NiFi

NiFi Security Vulnerabilities

2022-05-31 • 12 minute read

Apache NiFi 1.16.1 resolved XML external entity vulnerabilities in multiple components, described in CVE-2022-29265. Reviewing current and previous XML vulnerabilities enables an accurate characterization of the impact on particular deployments. A summary of the resolution provides useful details for any project that performs XML processing.

Read more

Evaluating Log4Shell and Apache NiFi

NiFi Security Log4j Log4Shell

2021-12-14 • 12 minute read

The Apache Log4j 2 arbitrary code execution vulnerability known as Log4Shell has impacted numerous products and services. Although Apache NiFi does not use Log4j 2 directly, several extension components include library references that should be considered.

Read more

Configuring Apache NiFi Repository Encryption

NiFi Security Storage Encryption

2021-11-10 • 8 minute read

Configurable information storage is a core feature of Apache NiFi. Multiple releases have expanded support for encrypting information in application repositories. Recent updates in NiFi 1.15.0 have streamlined both the implementation and the configuration associated with repository encryption.

Read more

Improving JWT Authentication in Apache NiFi

NiFi JWT Security

2021-10-23 • 14 minute read

JSON Web Tokens provide authorized access to Apache NiFi for a number of authentication strategies. Recent changes to JWT handling have improved the security posture of several important elements including key generation, secret storage, signature verification, and token revocation.

Read more

Deciphering Apache NiFi Component Property Encryption

NiFi Security Encryption

2021-07-29 • 12 minute read

Encrypting sensitive component properties is one of the foundational features of Apache NiFi. Understanding and configuring the required settings is essential to deploying a secure system.

Read more

Single User Access and HTTPS in Apache NiFi

NiFi Security

2021-07-21 • 8 minute read

Apache NiFi 1.14.0 builds on a foundation of configurable security and provides a better starting point for simple deployments. Single user authentication and automatic certificate generation for HTTPS access close several gaps in the default configuration.

Read more