
Example 21 with Group

use of org.apache.nifi.authorization.Group in project nifi by apache.

the class TestFlowController method testSynchronizeFlowWithReportingTaskAndProcessorReferencingControllerService.

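/**
 * Synchronizes the controller with a 0.7.0-era flow in which a reporting task and a processor reference
 * the same controller service, then checks the resulting component layout.
 *
 * <p>The proposed flow carries the current authorizer's fingerprint. The assertions below expect two
 * controller services of the same non-Ghost class (one attached to a process group, one not), one processor
 * whose property points at the group-level service, and one reporting task whose property points at the
 * controller-level service.
 *
 * @throws IOException if the flow fixture cannot be read
 */
@Test
public void testSynchronizeFlowWithReportingTaskAndProcessorReferencingControllerService() throws IOException {
    final FlowSynchronizer standardFlowSynchronizer = new StandardFlowSynchronizer(StringEncryptor.createEncryptor(nifiProperties), nifiProperties);
    // create a mock proposed data flow with the same auth fingerprint as the current authorizer
    final String authFingerprint = authorizer.getFingerprint();
    final DataFlow proposedDataFlow = Mockito.mock(DataFlow.class);
    when(proposedDataFlow.getAuthorizerFingerprint()).thenReturn(authFingerprint.getBytes(StandardCharsets.UTF_8));
    final File flowFile = new File("src/test/resources/conf/reporting-task-with-cs-flow-0.7.0.xml");
    // Close the fixture stream deterministically and decode it as UTF-8 rather than with the platform default,
    // since the string is re-encoded as UTF-8 on the next line.
    final String flow;
    try (final FileInputStream flowStream = new FileInputStream(flowFile)) {
        flow = IOUtils.toString(flowStream, StandardCharsets.UTF_8);
    }
    when(proposedDataFlow.getFlow()).thenReturn(flow.getBytes(StandardCharsets.UTF_8));
    controller.synchronize(standardFlowSynchronizer, proposedDataFlow);
    // should be two controller services
    final Set<ControllerServiceNode> controllerServiceNodes = controller.getAllControllerServices();
    assertNotNull(controllerServiceNodes);
    assertEquals(2, controllerServiceNodes.size());
    // find the controller service that was moved to the root group; orElse(null) lets the assertion below
    // report a missing service instead of findFirst().get() throwing NoSuchElementException first
    final ControllerServiceNode rootGroupCs = controllerServiceNodes.stream().filter(c -> c.getProcessGroup() != null).findFirst().orElse(null);
    assertNotNull(rootGroupCs);
    // find the controller service that was not moved to the root group
    final ControllerServiceNode controllerCs = controllerServiceNodes.stream().filter(c -> c.getProcessGroup() == null).findFirst().orElse(null);
    assertNotNull(controllerCs);
    // should be same class (not Ghost), different ids, and same properties
    assertEquals(rootGroupCs.getCanonicalClassName(), controllerCs.getCanonicalClassName());
    assertFalse(rootGroupCs.getCanonicalClassName().contains("Ghost"));
    assertNotEquals(rootGroupCs.getIdentifier(), controllerCs.getIdentifier());
    assertEquals(rootGroupCs.getProperties(), controllerCs.getProperties());
    // should be one processor
    final Set<ProcessorNode> processorNodes = controller.getGroup(controller.getRootGroupId()).getProcessors();
    assertNotNull(processorNodes);
    assertEquals(1, processorNodes.size());
    // verify the processor is still pointing at the controller service that got moved to the root group
    final ProcessorNode processorNode = processorNodes.stream().findFirst().get();
    final PropertyDescriptor procControllerServiceProp = processorNode.getProperties().entrySet().stream().filter(e -> e.getValue().equals(rootGroupCs.getIdentifier())).map(e -> e.getKey()).findFirst().orElse(null);
    assertNotNull(procControllerServiceProp);
    // should be one reporting task
    final Set<ReportingTaskNode> reportingTaskNodes = controller.getAllReportingTasks();
    assertNotNull(reportingTaskNodes);
    assertEquals(1, reportingTaskNodes.size());
    // verify that the reporting task is pointing at the controller service at the controller level
    final ReportingTaskNode reportingTaskNode = reportingTaskNodes.stream().findFirst().get();
    final PropertyDescriptor reportingTaskControllerServiceProp = reportingTaskNode.getProperties().entrySet().stream().filter(e -> e.getValue().equals(controllerCs.getIdentifier())).map(e -> e.getKey()).findFirst().orElse(null);
    assertNotNull(reportingTaskControllerServiceProp);
}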
Also used : MockPolicyBasedAuthorizer(org.apache.nifi.authorization.MockPolicyBasedAuthorizer) Bundle(org.apache.nifi.bundle.Bundle) Arrays(java.util.Arrays) ProcessorInstantiationException(org.apache.nifi.controller.exception.ProcessorInstantiationException) FlowFileEventRepository(org.apache.nifi.controller.repository.FlowFileEventRepository) ProcessGroup(org.apache.nifi.groups.ProcessGroup) BundleCoordinate(org.apache.nifi.bundle.BundleCoordinate) ProcessorConfigDTO(org.apache.nifi.web.api.dto.ProcessorConfigDTO) URL(java.net.URL) AbstractPolicyBasedAuthorizer(org.apache.nifi.authorization.AbstractPolicyBasedAuthorizer) BundleDTO(org.apache.nifi.web.api.dto.BundleDTO) ReportingTaskInstantiationException(org.apache.nifi.controller.reporting.ReportingTaskInstantiationException) PropertyDescriptor(org.apache.nifi.components.PropertyDescriptor) PositionDTO(org.apache.nifi.web.api.dto.PositionDTO) FlowSynchronizer(org.apache.nifi.controller.serialization.FlowSynchronizer) ServiceB(org.apache.nifi.controller.service.mock.ServiceB) SchedulingStrategy(org.apache.nifi.scheduling.SchedulingStrategy) After(org.junit.After) Map(java.util.Map) MockProvenanceRepository(org.apache.nifi.provenance.MockProvenanceRepository) FlowRegistryClient(org.apache.nifi.registry.flow.FlowRegistryClient) ControllerServiceDTO(org.apache.nifi.web.api.dto.ControllerServiceDTO) Set(java.util.Set) UUID(java.util.UUID) StandardCharsets(java.nio.charset.StandardCharsets) User(org.apache.nifi.authorization.User) VariableRegistry(org.apache.nifi.registry.VariableRegistry) IOUtils(org.apache.commons.io.IOUtils) Stateful(org.apache.nifi.annotation.behavior.Stateful) Assert.assertFalse(org.junit.Assert.assertFalse) DummyProcessor(org.apache.nifi.controller.service.mock.DummyProcessor) ProcessorDTO(org.apache.nifi.web.api.dto.ProcessorDTO) ExtensionManager(org.apache.nifi.nar.ExtensionManager) DummyReportingTask(org.apache.nifi.controller.service.mock.DummyReportingTask) 
AuditService(org.apache.nifi.admin.service.AuditService) FlowSnippetDTO(org.apache.nifi.web.api.dto.FlowSnippetDTO) Mockito.mock(org.mockito.Mockito.mock) DataFlow(org.apache.nifi.cluster.protocol.DataFlow) ControllerServiceNode(org.apache.nifi.controller.service.ControllerServiceNode) HashMap(java.util.HashMap) Group(org.apache.nifi.authorization.Group) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) LinkedHashMap(java.util.LinkedHashMap) StringEncryptor(org.apache.nifi.encrypt.StringEncryptor) Relationship(org.apache.nifi.processor.Relationship) SystemBundle(org.apache.nifi.nar.SystemBundle) LogLevel(org.apache.nifi.logging.LogLevel) LinkedHashSet(java.util.LinkedHashSet) Before(org.junit.Before) InstanceClassLoader(org.apache.nifi.nar.InstanceClassLoader) FileBasedVariableRegistry(org.apache.nifi.registry.variable.FileBasedVariableRegistry) MalformedURLException(java.net.MalformedURLException) RequestAction(org.apache.nifi.authorization.RequestAction) Assert.assertNotNull(org.junit.Assert.assertNotNull) Assert.assertTrue(org.junit.Assert.assertTrue) LogRepository(org.apache.nifi.logging.LogRepository) Test(org.junit.Test) IOException(java.io.IOException) FileUtils(org.apache.commons.io.FileUtils) FileInputStream(java.io.FileInputStream) Mockito.when(org.mockito.Mockito.when) ServiceA(org.apache.nifi.controller.service.mock.ServiceA) File(java.io.File) Assert.assertNotEquals(org.junit.Assert.assertNotEquals) TimeUnit(java.util.concurrent.TimeUnit) Mockito(org.mockito.Mockito) NiFiProperties(org.apache.nifi.util.NiFiProperties) AccessPolicy(org.apache.nifi.authorization.AccessPolicy) BulletinRepository(org.apache.nifi.reporting.BulletinRepository) Assert(org.junit.Assert) Collections(java.util.Collections) LogRepositoryFactory(org.apache.nifi.logging.LogRepositoryFactory) Assert.assertEquals(org.junit.Assert.assertEquals) InputStream(java.io.InputStream) PropertyDescriptor(org.apache.nifi.components.PropertyDescriptor) 
DataFlow(org.apache.nifi.cluster.protocol.DataFlow) FileInputStream(java.io.FileInputStream) ControllerServiceNode(org.apache.nifi.controller.service.ControllerServiceNode) FlowSynchronizer(org.apache.nifi.controller.serialization.FlowSynchronizer) File(java.io.File) Test(org.junit.Test)

Example 22 with Group

use of org.apache.nifi.authorization.Group in project nifi by apache.

the class TestStandardReportingContext method setup.

/**
 * Builds a standalone FlowController for each test, backed by mocked repositories and a
 * MockPolicyBasedAuthorizer seeded with two users, two groups and two READ policies.
 */
@Before
public void setup() {
    // collaborators that are only needed to construct the controller are mocked
    flowFileEventRepo = Mockito.mock(FlowFileEventRepository.class);
    auditService = Mockito.mock(AuditService.class);

    // property overrides: mock provenance repository, blank remote-input socket port and secure flag
    final Map<String, String> overrides = new HashMap<>();
    overrides.put(NiFiProperties.PROVENANCE_REPO_IMPLEMENTATION_CLASS, MockProvenanceRepository.class.getName());
    overrides.put("nifi.remote.input.socket.port", "");
    overrides.put("nifi.remote.input.secure", "");
    nifiProperties = NiFiProperties.createBasicNiFiProperties(propsFile, overrides);
    encryptor = StringEncryptor.createEncryptor(nifiProperties);

    // extensions are discovered from the system bundle only
    systemBundle = SystemBundle.create(nifiProperties);
    ExtensionManager.discoverExtensions(systemBundle, Collections.emptySet());

    // users
    final User firstUser = new User.Builder()
            .identifier("user-id-1")
            .identity("user-1")
            .build();
    final User secondUser = new User.Builder()
            .identifier("user-id-2")
            .identity("user-2")
            .build();
    final Set<User> seededUsers = new LinkedHashSet<>();
    seededUsers.add(firstUser);
    seededUsers.add(secondUser);

    // groups: only the first one has a member
    final Group firstGroup = new Group.Builder()
            .identifier("group-id-1")
            .name("group-1")
            .addUser(firstUser.getIdentifier())
            .build();
    final Group secondGroup = new Group.Builder()
            .identifier("group-id-2")
            .name("group-2")
            .build();
    final Set<Group> seededGroups = new LinkedHashSet<>();
    seededGroups.add(firstGroup);
    seededGroups.add(secondGroup);

    // policies: resource1 is readable by both users, resource2 by both groups and both users
    final AccessPolicy userOnlyPolicy = new AccessPolicy.Builder()
            .identifier("policy-id-1")
            .resource("resource1")
            .action(RequestAction.READ)
            .addUser(firstUser.getIdentifier())
            .addUser(secondUser.getIdentifier())
            .build();
    final AccessPolicy groupAndUserPolicy = new AccessPolicy.Builder()
            .identifier("policy-id-2")
            .resource("resource2")
            .action(RequestAction.READ)
            .addGroup(firstGroup.getIdentifier())
            .addGroup(secondGroup.getIdentifier())
            .addUser(firstUser.getIdentifier())
            .addUser(secondUser.getIdentifier())
            .build();
    final Set<AccessPolicy> seededPolicies = new LinkedHashSet<>();
    seededPolicies.add(userOnlyPolicy);
    seededPolicies.add(groupAndUserPolicy);

    authorizer = new MockPolicyBasedAuthorizer(seededGroups, seededUsers, seededPolicies);

    variableRegistry = new FileBasedVariableRegistry(nifiProperties.getVariableRegistryPropertiesPaths());
    flowRegistry = Mockito.mock(FlowRegistryClient.class);
    bulletinRepo = Mockito.mock(BulletinRepository.class);
    controller = FlowController.createStandaloneInstance(flowFileEventRepo, nifiProperties, authorizer, auditService, encryptor, bulletinRepo, variableRegistry, flowRegistry);
}
Also used : LinkedHashSet(java.util.LinkedHashSet) Group(org.apache.nifi.authorization.Group) BulletinRepository(org.apache.nifi.reporting.BulletinRepository) User(org.apache.nifi.authorization.User) HashMap(java.util.HashMap) FlowRegistryClient(org.apache.nifi.registry.flow.FlowRegistryClient) AccessPolicy(org.apache.nifi.authorization.AccessPolicy) FlowFileEventRepository(org.apache.nifi.controller.repository.FlowFileEventRepository) MockProvenanceRepository(org.apache.nifi.provenance.MockProvenanceRepository) MockPolicyBasedAuthorizer(org.apache.nifi.authorization.MockPolicyBasedAuthorizer) AuditService(org.apache.nifi.admin.service.AuditService) FileBasedVariableRegistry(org.apache.nifi.registry.variable.FileBasedVariableRegistry) Before(org.junit.Before)

Example 23 with Group

use of org.apache.nifi.authorization.Group in project nifi by apache.

the class UserGroupAuditor method createUserGroupAdvice.

/**
 * Audits the creation of user groups via createUserGroup().
 *
 * This method only needs to be run 'after returning'. However, in Java 7 the order in which these methods are returned from Class.getDeclaredMethods (even though there is no order guaranteed)
 * seems to differ from Java 6. SpringAOP depends on this ordering to determine advice precedence. By normalizing all advice into Around advice we can alleviate this issue.
 *
 * @param proceedingJoinPoint join point
 * @return the user group returned by the intercepted call
 * @throws Throwable ex
 */
@Around("within(org.apache.nifi.web.dao.UserGroupDAO+) && " + "execution(org.apache.nifi.authorization.Group createUserGroup(org.apache.nifi.web.api.dto.UserGroupDTO))")
public Group createUserGroupAdvice(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
    // run the intercepted createUserGroup call first; if it throws, the exception propagates and nothing is audited
    final Group createdGroup = (Group) proceedingJoinPoint.proceed();

    // build the "Add" audit record for the group that was just created
    final Action auditRecord = generateAuditRecord(createdGroup, Operation.Add);
    if (auditRecord == null) {
        // no record was generated, so there is nothing to persist
        return createdGroup;
    }

    // NOTE(review): the group already exists at this point; a failure inside saveAction would surface to the
    // caller after the change was made - confirm how saveAction reports errors
    saveAction(auditRecord, logger);
    return createdGroup;
}
Also used : Group(org.apache.nifi.authorization.Group) FlowChangeAction(org.apache.nifi.action.FlowChangeAction) Action(org.apache.nifi.action.Action) Around(org.aspectj.lang.annotation.Around)

Example 24 with Group

use of org.apache.nifi.authorization.Group in project nifi by apache.

the class UserGroupAuditor method updateUserAdvice.

/**
 * Audits the configuration of a single user group.
 *
 * @param proceedingJoinPoint join point
 * @param userGroupDTO dto
 * @param userGroupDAO dao
 * @return the user group returned by the intercepted call
 * @throws Throwable ex
 */
@Around("within(org.apache.nifi.web.dao.UserGroupDAO+) && " + "execution(org.apache.nifi.authorization.Group updateUserGroup(org.apache.nifi.web.api.dto.UserGroupDTO)) && " + "args(userGroupDTO) && " + "target(userGroupDAO)")
public Group updateUserAdvice(ProceedingJoinPoint proceedingJoinPoint, UserGroupDTO userGroupDTO, UserGroupDAO userGroupDAO) throws Throwable {
    // snapshot the audited values before the update runs
    final Group groupBeforeUpdate = userGroupDAO.getUserGroup(userGroupDTO.getId());
    final Map<String, String> previousValues = extractConfiguredPropertyValues(groupBeforeUpdate, userGroupDTO);

    // perform the update; an exception here propagates and nothing is audited
    final Group updatedUserGroup = (Group) proceedingJoinPoint.proceed();

    // re-read the group so the comparison below sees its state after the update
    final Group groupAfterUpdate = userGroupDAO.getUserGroup(updatedUserGroup.getIdentifier());

    // the acting user is needed for the audit record; without one no record is written at all
    // NOTE(review): that means a change made with no resolvable NiFiUser leaves no audit trail - confirm this is intended
    final NiFiUser niFiUser = NiFiUserUtils.getNiFiUser();
    if (niFiUser == null) {
        return updatedUserGroup;
    }

    final Map<String, String> updatedValues = extractConfiguredPropertyValues(groupAfterUpdate, userGroupDTO);

    // every action produced by this update shares one timestamp
    final Date actionTimestamp = new Date();
    final Collection<Action> actions = new ArrayList<>();

    for (final Map.Entry<String, String> updatedEntry : updatedValues.entrySet()) {
        final String property = updatedEntry.getKey();
        final String newValue = updatedEntry.getValue();
        final String oldValue = previousValues.get(property);

        // skip properties whose old and new values are both present and equal
        final boolean unchanged = oldValue != null && newValue != null && newValue.equals(oldValue);
        if (unchanged) {
            continue;
        }

        // what changed: property name, new value, previous value
        final FlowChangeConfigureDetails actionDetails = new FlowChangeConfigureDetails();
        actionDetails.setName(property);
        actionDetails.setValue(newValue);
        actionDetails.setPreviousValue(oldValue);

        // who changed it, when, and on which user group
        final FlowChangeAction configurationAction = new FlowChangeAction();
        configurationAction.setUserIdentity(niFiUser.getIdentity());
        configurationAction.setOperation(Operation.Configure);
        configurationAction.setTimestamp(actionTimestamp);
        configurationAction.setSourceId(groupAfterUpdate.getIdentifier());
        configurationAction.setSourceName(groupAfterUpdate.getName());
        configurationAction.setSourceType(Component.UserGroup);
        configurationAction.setActionDetails(actionDetails);
        actions.add(configurationAction);
    }

    // persist only when something actually changed
    if (!actions.isEmpty()) {
        saveActions(actions, logger);
    }
    return updatedUserGroup;
}
Also used : Group(org.apache.nifi.authorization.Group) FlowChangeAction(org.apache.nifi.action.FlowChangeAction) Action(org.apache.nifi.action.Action) NiFiUser(org.apache.nifi.authorization.user.NiFiUser) FlowChangeConfigureDetails(org.apache.nifi.action.details.FlowChangeConfigureDetails) ArrayList(java.util.ArrayList) Operation(org.apache.nifi.action.Operation) Date(java.util.Date) FlowChangeAction(org.apache.nifi.action.FlowChangeAction) Around(org.aspectj.lang.annotation.Around)

Example 25 with Group

use of org.apache.nifi.authorization.Group in project nifi by apache.

the class LdapUserGroupProvider method load.

/**
 * Reloads the tenants.
 */
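private void load(final ContextSource contextSource) {
    // Rebuilds the user/group snapshot from the directory. The new snapshot is published through tenants.set(...)
    // only after every search has completed, so an exception part-way through leaves the previous one in place.

    // create the ldapTemplate based on the context source. use a single source context to use the same connection
    // to support paging when configured
    final SingleContextSource singleContextSource = new SingleContextSource(contextSource.getReadOnlyContext());
    final LdapTemplate ldapTemplate = new LdapTemplate(singleContextSource);
    try {
        final List<User> userList = new ArrayList<>();
        final List<Group> groupList = new ArrayList<>();
        // group dn -> user identifiers lookup
        final Map<String, Set<String>> groupToUserIdentifierMappings = new HashMap<>();
        // user dn -> user lookup
        final Map<String, User> userLookup = new HashMap<>();
        if (performUserSearch) {
            // search controls
            final SearchControls userControls = new SearchControls();
            // NOTE(review): the enum ordinal is passed as the JNDI scope value, which only holds while the enum's
            // declaration order matches the SearchControls scope constants - confirm against the enum definition
            userControls.setSearchScope(userSearchScope.ordinal());
            // consider paging support for users
            final DirContextProcessor userProcessor;
            if (pageSize == null) {
                userProcessor = new NullDirContextProcessor();
            } else {
                userProcessor = new PagedResultsDirContextProcessor(pageSize);
            }
            // looking for objects matching the user object class
            final AndFilter userFilter = new AndFilter();
            userFilter.and(new EqualsFilter("objectClass", userObjectClass));
            // if a search filter has been configured, AND it in. HardcodedFilter takes the string verbatim, with no
            // escaping, so this value must only ever come from trusted provider configuration
            if (StringUtils.isNotBlank(userSearchFilter)) {
                userFilter.and(new HardcodedFilter(userSearchFilter));
            }
            do {
                userList.addAll(ldapTemplate.search(userSearchBase, userFilter.encode(), userControls, new AbstractContextMapper<User>() {

                    @Override
                    protected User doMapFromContext(DirContextOperations ctx) {
                        // get the user identity
                        final String identity = getUserIdentity(ctx);
                        // build the user
                        final User user = new User.Builder().identifierGenerateFromSeed(identity).identity(identity).build();
                        // store the user for group member later
                        userLookup.put(getReferencedUserValue(ctx), user);
                        if (StringUtils.isNotBlank(userGroupNameAttribute)) {
                            final Attribute attributeGroups = ctx.getAttributes().get(userGroupNameAttribute);
                            if (attributeGroups == null) {
                                logger.warn("User group name attribute [" + userGroupNameAttribute + "] does not exist. Ignoring group membership.");
                            } else {
                                try {
                                    // unchecked: the attribute values are assumed to be strings
                                    final NamingEnumeration<String> groupValues = (NamingEnumeration<String>) attributeGroups.getAll();
                                    while (groupValues.hasMoreElements()) {
                                        // store the group -> user identifier mapping
                                        groupToUserIdentifierMappings.computeIfAbsent(groupValues.next(), g -> new HashSet<>()).add(user.getIdentifier());
                                    }
                                } catch (NamingException e) {
                                    // name the attribute that was actually being read and keep the cause for diagnosis
                                    throw new AuthorizationAccessException("Error while retrieving user group name attribute [" + userGroupNameAttribute + "].", e);
                                }
                            }
                        }
                        return user;
                    }
                }, userProcessor));
            } while (hasMorePages(userProcessor));
        }
        if (performGroupSearch) {
            final SearchControls groupControls = new SearchControls();
            // NOTE(review): same ordinal-as-scope assumption as for the user search above
            groupControls.setSearchScope(groupSearchScope.ordinal());
            // consider paging support for groups
            final DirContextProcessor groupProcessor;
            if (pageSize == null) {
                groupProcessor = new NullDirContextProcessor();
            } else {
                groupProcessor = new PagedResultsDirContextProcessor(pageSize);
            }
            // looking for objects matching the group object class
            AndFilter groupFilter = new AndFilter();
            groupFilter.and(new EqualsFilter("objectClass", groupObjectClass));
            // if a search filter has been configured, AND it in verbatim (trusted configuration only, see user search)
            if (StringUtils.isNotBlank(groupSearchFilter)) {
                groupFilter.and(new HardcodedFilter(groupSearchFilter));
            }
            do {
                groupList.addAll(ldapTemplate.search(groupSearchBase, groupFilter.encode(), groupControls, new AbstractContextMapper<Group>() {

                    @Override
                    protected Group doMapFromContext(DirContextOperations ctx) {
                        final String dn = ctx.getDn().toString();
                        // get the group identity
                        final String name = getGroupName(ctx);
                        // get the value of this group that may associate it to users
                        final String referencedGroupValue = getReferencedGroupValue(ctx);
                        if (!StringUtils.isBlank(groupMemberAttribute)) {
                            Attribute attributeUsers = ctx.getAttributes().get(groupMemberAttribute);
                            if (attributeUsers == null) {
                                logger.warn("Group member attribute [" + groupMemberAttribute + "] does not exist. Ignoring group membership.");
                            } else {
                                try {
                                    // unchecked: the attribute values are assumed to be strings
                                    final NamingEnumeration<String> userValues = (NamingEnumeration<String>) attributeUsers.getAll();
                                    while (userValues.hasMoreElements()) {
                                        final String userValue = userValues.next();
                                        if (performUserSearch) {
                                            // find the user by its referenced attribute and add the identifier to this group
                                            final User user = userLookup.get(userValue);
                                            // ensure the user is known; members outside the user search results are dropped
                                            if (user != null) {
                                                groupToUserIdentifierMappings.computeIfAbsent(referencedGroupValue, g -> new HashSet<>()).add(user.getIdentifier());
                                            } else {
                                                logger.warn(String.format("%s contains member %s but that user was not found while searching users. Ignoring group membership.", name, userValue));
                                            }
                                        } else {
                                            // since performUserSearch is false, then the referenced group attribute must be blank... the user value must be the dn
                                            final String userDn = userValue;
                                            final String userIdentity;
                                            if (useDnForUserIdentity) {
                                                // use the user value to avoid the unnecessary look up
                                                userIdentity = userDn;
                                            } else {
                                                // lookup the user to extract the user identity
                                                userIdentity = getUserIdentity((DirContextAdapter) ldapTemplate.lookup(userDn));
                                            }
                                            // build the user
                                            final User user = new User.Builder().identifierGenerateFromSeed(userIdentity).identity(userIdentity).build();
                                            // add this user
                                            userList.add(user);
                                            groupToUserIdentifierMappings.computeIfAbsent(referencedGroupValue, g -> new HashSet<>()).add(user.getIdentifier());
                                        }
                                    }
                                } catch (NamingException e) {
                                    // name the attribute that was actually being read and keep the cause for diagnosis
                                    throw new AuthorizationAccessException("Error while retrieving group member attribute [" + groupMemberAttribute + "].", e);
                                }
                            }
                        }
                        // build this group
                        final Group.Builder groupBuilder = new Group.Builder().identifierGenerateFromSeed(name).name(name);
                        // add all users that were associated with this referenced group attribute; the entry is removed so
                        // that whatever is left in the map afterwards refers to groups the search did not return
                        if (groupToUserIdentifierMappings.containsKey(referencedGroupValue)) {
                            groupToUserIdentifierMappings.remove(referencedGroupValue).forEach(userIdentifier -> groupBuilder.addUser(userIdentifier));
                        }
                        return groupBuilder.build();
                    }
                }, groupProcessor));
            } while (hasMorePages(groupProcessor));
            // any remaining groupDn's were referenced by a user but not found while searching groups
            groupToUserIdentifierMappings.forEach((referencedGroupValue, userIdentifiers) -> {
                logger.warn(String.format("[%s] are members of %s but that group was not found while searching groups. Ignoring group membership.", StringUtils.join(userIdentifiers, ", "), referencedGroupValue));
            });
        } else {
            // since performGroupSearch is false, then the referenced user attribute must be blank... the group value must be the dn
            // groups are not being searched so lookup any groups identified while searching users
            groupToUserIdentifierMappings.forEach((groupDn, userIdentifiers) -> {
                final String groupName;
                if (useDnForGroupName) {
                    // use the dn to avoid the unnecessary look up
                    groupName = groupDn;
                } else {
                    groupName = getGroupName((DirContextAdapter) ldapTemplate.lookup(groupDn));
                }
                // define the group
                final Group.Builder groupBuilder = new Group.Builder().identifierGenerateFromSeed(groupName).name(groupName);
                // add each user
                userIdentifiers.forEach(userIdentifier -> groupBuilder.addUser(userIdentifier));
                // build the group
                groupList.add(groupBuilder.build());
            });
        }
        // record the updated tenants
        tenants.set(new TenantHolder(new HashSet<>(userList), new HashSet<>(groupList)));
    } finally {
        // always release the single shared directory connection, including when a search failed
        singleContextSource.destroy();
    }
}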
Also used : SSLContext(javax.net.ssl.SSLContext) AbstractContextMapper(org.springframework.ldap.core.support.AbstractContextMapper) AndFilter(org.springframework.ldap.filter.AndFilter) LoggerFactory(org.slf4j.LoggerFactory) LdapTemplate(org.springframework.ldap.core.LdapTemplate) NamingException(javax.naming.NamingException) KeyStoreException(java.security.KeyStoreException) StringUtils(org.apache.commons.lang3.StringUtils) PropertyValue(org.apache.nifi.components.PropertyValue) UserGroupProvider(org.apache.nifi.authorization.UserGroupProvider) Attribute(javax.naming.directory.Attribute) Map(java.util.Map) AuthorizerCreationException(org.apache.nifi.authorization.exception.AuthorizerCreationException) DirContextAdapter(org.springframework.ldap.core.DirContextAdapter) ThreadFactory(java.util.concurrent.ThreadFactory) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) Set(java.util.Set) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) KeyManagementException(java.security.KeyManagementException) HardcodedFilter(org.springframework.ldap.filter.HardcodedFilter) Executors(java.util.concurrent.Executors) User(org.apache.nifi.authorization.User) UserAndGroups(org.apache.nifi.authorization.UserAndGroups) List(java.util.List) ClientAuth(org.apache.nifi.security.util.SslContextFactory.ClientAuth) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NamingEnumeration(javax.naming.NamingEnumeration) SingleContextSource(org.springframework.ldap.core.support.SingleContextSource) UserGroupProviderInitializationContext(org.apache.nifi.authorization.UserGroupProviderInitializationContext) DirContextOperations(org.springframework.ldap.core.DirContextOperations) LdapsSocketFactory(org.apache.nifi.ldap.LdapsSocketFactory) PagedResultsDirContextProcessor(org.springframework.ldap.control.PagedResultsDirContextProcessor) 
NullDirContextProcessor(org.springframework.ldap.core.LdapTemplate.NullDirContextProcessor) DirContextProcessor(org.springframework.ldap.core.DirContextProcessor) HashMap(java.util.HashMap) Group(org.apache.nifi.authorization.Group) AtomicReference(java.util.concurrent.atomic.AtomicReference) SearchControls(javax.naming.directory.SearchControls) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) SimpleDirContextAuthenticationStrategy(org.springframework.ldap.core.support.SimpleDirContextAuthenticationStrategy) AuthorizerContext(org.apache.nifi.authorization.annotation.AuthorizerContext) UnrecoverableKeyException(java.security.UnrecoverableKeyException) ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService) AbstractTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy) DefaultTlsDirContextAuthenticationStrategy(org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy) Context(javax.naming.Context) IdentityMapping(org.apache.nifi.authorization.util.IdentityMapping) ProviderDestructionException(org.apache.nifi.authentication.exception.ProviderDestructionException) IdentityMappingUtil(org.apache.nifi.authorization.util.IdentityMappingUtil) Logger(org.slf4j.Logger) ContextSource(org.springframework.ldap.core.ContextSource) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) TimeUnit(java.util.concurrent.TimeUnit) EqualsFilter(org.springframework.ldap.filter.EqualsFilter) ReferralStrategy(org.apache.nifi.ldap.ReferralStrategy) FormatUtils(org.apache.nifi.util.FormatUtils) NiFiProperties(org.apache.nifi.util.NiFiProperties) SslContextFactory(org.apache.nifi.security.util.SslContextFactory) AuthorizationAccessException(org.apache.nifi.authorization.exception.AuthorizationAccessException) LdapAuthenticationStrategy(org.apache.nifi.ldap.LdapAuthenticationStrategy) Collections(java.util.Collections) 
Group(org.apache.nifi.authorization.Group) User(org.apache.nifi.authorization.User) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) Attribute(javax.naming.directory.Attribute) ArrayList(java.util.ArrayList) NamingEnumeration(javax.naming.NamingEnumeration) PagedResultsDirContextProcessor(org.springframework.ldap.control.PagedResultsDirContextProcessor) NullDirContextProcessor(org.springframework.ldap.core.LdapTemplate.NullDirContextProcessor) DirContextProcessor(org.springframework.ldap.core.DirContextProcessor) PagedResultsDirContextProcessor(org.springframework.ldap.control.PagedResultsDirContextProcessor) LdapTemplate(org.springframework.ldap.core.LdapTemplate) AuthorizationAccessException(org.apache.nifi.authorization.exception.AuthorizationAccessException) DirContextAdapter(org.springframework.ldap.core.DirContextAdapter) SearchControls(javax.naming.directory.SearchControls) NamingException(javax.naming.NamingException) EqualsFilter(org.springframework.ldap.filter.EqualsFilter) HashSet(java.util.HashSet) SingleContextSource(org.springframework.ldap.core.support.SingleContextSource) NullDirContextProcessor(org.springframework.ldap.core.LdapTemplate.NullDirContextProcessor) HardcodedFilter(org.springframework.ldap.filter.HardcodedFilter) AndFilter(org.springframework.ldap.filter.AndFilter) AbstractContextMapper(org.springframework.ldap.core.support.AbstractContextMapper) DirContextOperations(org.springframework.ldap.core.DirContextOperations)
