Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
0.3.0
-
None
-
None
Description
The Default Realm property in kerberos-identity-provider is never read or used. The KerberosIdentityProvider implementation should make use of that property in the following prioritized way:
- A realm-qualified principal will not be modified before authentication
- A principal shortname will have Default Realm appended to it when it is not blank before authentication
- A principal shortname will not be modified if Default Realm is blank, and the underlying kerberos implementation will append the default_realm configured in krb5.conf
Attachments
Issue Links
- is related to
-
NIFI-6224 Default Realm in kerberos-provider is not used
- Resolved
- links to