Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.9.0
-
None
-
None
-
Linux, CentOS7
-
Important
Description
Hello,
So we are currently using Nifi to send documents to Couchbase. As we had switched over LDAP users we encounter an issue. It's not possible to contact using the current connectEnvironment builder.
Looking through the development of the Java SDK of couchbase, the feature Add force SASL PLAIN for LDAP compliance (JVMCBC-473) was added in version 2.5.3 to disable SCRAM-SHA authentication (with which the password is hashed) and use PLAIN authentication instead (Nifi currently is using 2.5.8). This is required because LDAP can't take the password if it has already been hashed, as it needs to be compared to the password stored on the LDAP server. The default setting for this is false, so PLAIN authentication is not used by default.
So, in the case where LDAP users are required, we should find a way to add forcePlain() to the ConnectEnvironment builder. We should maybe add a boolean inside the PutCouchbaseKey or GetCouchbaseKey to add this forcePlain depending on the type of connection (LDAP or local).
Regards,
Jérôme
