Example 21 with ValidationResult
use of org.apache.nifi.components.ValidationResult in project nifi by apache.
the class AbstractHadoopProcessor method customValidate.
@Override
protected Collection<ValidationResult> customValidate(ValidationContext validationContext) {
final String configResources = validationContext.getProperty(HADOOP_CONFIGURATION_RESOURCES).evaluateAttributeExpressions().getValue();
final String explicitPrincipal = validationContext.getProperty(kerberosProperties.getKerberosPrincipal()).evaluateAttributeExpressions().getValue();
final String explicitKeytab = validationContext.getProperty(kerberosProperties.getKerberosKeytab()).evaluateAttributeExpressions().getValue();
final KerberosCredentialsService credentialsService = validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class);
final String resolvedPrincipal;
final String resolvedKeytab;
if (credentialsService == null) {
resolvedPrincipal = explicitPrincipal;
resolvedKeytab = explicitKeytab;
} else {
resolvedPrincipal = credentialsService.getPrincipal();
resolvedKeytab = credentialsService.getKeytab();
}
final List<ValidationResult> results = new ArrayList<>();
if (StringUtils.isBlank(configResources)) {
return results;
}
try {
ValidationResources resources = validationResourceHolder.get();
// then load the Configuration and set the new resources in the holder
if (resources == null || !configResources.equals(resources.getConfigResources())) {
getLogger().debug("Reloading validation resources");
final Configuration config = new ExtendedConfiguration(getLogger());
config.setClassLoader(Thread.currentThread().getContextClassLoader());
resources = new ValidationResources(configResources, getConfigurationFromResources(config, configResources));
validationResourceHolder.set(resources);
}
final Configuration conf = resources.getConfiguration();
results.addAll(KerberosProperties.validatePrincipalAndKeytab(this.getClass().getSimpleName(), conf, resolvedPrincipal, resolvedKeytab, getLogger()));
} catch (final IOException e) {
results.add(new ValidationResult.Builder().valid(false).subject("Hadoop Configuration Resources").explanation("Could not load Hadoop Configuration resources due to: " + e).build());
}
if (credentialsService != null && (explicitPrincipal != null || explicitKeytab != null)) {
results.add(new ValidationResult.Builder().subject("Kerberos Credentials").valid(false).explanation("Cannot specify both a Kerberos Credentials Service and a principal/keytab").build());
}
final String allowExplicitKeytabVariable = System.getenv(ALLOW_EXPLICIT_KEYTAB);
if ("false".equalsIgnoreCase(allowExplicitKeytabVariable) && (explicitPrincipal != null || explicitKeytab != null)) {
results.add(new ValidationResult.Builder().subject("Kerberos Credentials").valid(false).explanation("The '" + ALLOW_EXPLICIT_KEYTAB + "' system environment variable is configured to forbid explicitly configuring principal/keytab in processors. " + "The Kerberos Credentials Service should be used instead of setting the Kerberos Keytab or Kerberos Principal property.").build());
}
return results;
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
KerberosCredentialsService(org.apache.nifi.kerberos.KerberosCredentialsService)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
ValidationResult(org.apache.nifi.components.ValidationResult)
Example 22 with ValidationResult
use of org.apache.nifi.components.ValidationResult in project nifi by apache.
the class TestKerberosProperties method testWithoutKerberosConfigFile.
@Test
public void testWithoutKerberosConfigFile() {
final File file = new File("src/test/resources/krb5.conf");
final KerberosProperties kerberosProperties = new KerberosProperties(null);
Assert.assertNotNull(kerberosProperties);
Assert.assertNull(kerberosProperties.getKerberosConfigFile());
Assert.assertNotNull(kerberosProperties.getKerberosConfigValidator());
Assert.assertNotNull(kerberosProperties.getKerberosPrincipal());
Assert.assertNotNull(kerberosProperties.getKerberosKeytab());
final ValidationResult result = kerberosProperties.getKerberosConfigValidator().validate("test", "principal", null);
Assert.assertFalse(result.isValid());
}
Also used :
ValidationResult(org.apache.nifi.components.ValidationResult)
File(java.io.File)
Test(org.junit.Test)
Example 23 with ValidationResult
use of org.apache.nifi.components.ValidationResult in project nifi by apache.
the class TestKerberosProperties method testValidatePrincipalAndKeytab.
@Test
public void testValidatePrincipalAndKeytab() {
final ComponentLog log = Mockito.mock(ComponentLog.class);
final Configuration config = new Configuration();
// no security enabled in config so doesn't matter what principal and keytab are
List<ValidationResult> results = KerberosProperties.validatePrincipalAndKeytab("test", config, null, null, log);
Assert.assertEquals(0, results.size());
results = KerberosProperties.validatePrincipalAndKeytab("test", config, "principal", null, log);
Assert.assertEquals(0, results.size());
results = KerberosProperties.validatePrincipalAndKeytab("test", config, "principal", "keytab", log);
Assert.assertEquals(0, results.size());
// change the config to have kerberos turned on
config.set("hadoop.security.authentication", "kerberos");
config.set("hadoop.security.authorization", "true");
results = KerberosProperties.validatePrincipalAndKeytab("test", config, null, null, log);
Assert.assertEquals(2, results.size());
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
ValidationResult(org.apache.nifi.components.ValidationResult)
ComponentLog(org.apache.nifi.logging.ComponentLog)
Test(org.junit.Test)
Example 24 with ValidationResult
use of org.apache.nifi.components.ValidationResult in project nifi by apache.
the class AbstractMQTTProcessor method customValidate.
@Override
public Collection<ValidationResult> customValidate(final ValidationContext validationContext) {
final List<ValidationResult> results = new ArrayList<>(1);
final boolean usernameSet = validationContext.getProperty(PROP_USERNAME).isSet();
final boolean passwordSet = validationContext.getProperty(PROP_PASSWORD).isSet();
if ((usernameSet && !passwordSet) || (!usernameSet && passwordSet)) {
results.add(new ValidationResult.Builder().subject("Username and Password").valid(false).explanation("if username or password is set, both must be set").build());
}
final boolean lastWillTopicSet = validationContext.getProperty(PROP_LAST_WILL_TOPIC).isSet();
final boolean lastWillMessageSet = validationContext.getProperty(PROP_LAST_WILL_MESSAGE).isSet();
final boolean lastWillRetainSet = validationContext.getProperty(PROP_LAST_WILL_RETAIN).isSet();
final boolean lastWillQosSet = validationContext.getProperty(PROP_LAST_WILL_QOS).isSet();
// If any of the Last Will Properties are set
if (lastWillTopicSet || lastWillMessageSet || lastWillRetainSet || lastWillQosSet) {
// And any are not set
if (!(lastWillTopicSet && lastWillMessageSet && lastWillRetainSet && lastWillQosSet)) {
// Then mark as invalid
results.add(new ValidationResult.Builder().subject("Last Will Properties").valid(false).explanation("if any of the Last Will Properties (message, topic, retain and QoS) are " + "set, all must be set.").build());
}
}
try {
URI brokerURI = new URI(validationContext.getProperty(PROP_BROKER_URI).getValue());
if (brokerURI.getScheme().equalsIgnoreCase("ssl") && !validationContext.getProperty(PROP_SSL_CONTEXT_SERVICE).isSet()) {
results.add(new ValidationResult.Builder().subject(PROP_SSL_CONTEXT_SERVICE.getName() + " or " + PROP_BROKER_URI.getName()).valid(false).explanation("if the 'ssl' scheme is used in " + "the broker URI, the SSL Context Service must be set.").build());
}
} catch (URISyntaxException e) {
results.add(new ValidationResult.Builder().subject(PROP_BROKER_URI.getName()).valid(false).explanation("it is not valid URI syntax.").build());
}
return results;
}
Also used :
ArrayList(java.util.ArrayList)
URISyntaxException(java.net.URISyntaxException)
ValidationResult(org.apache.nifi.components.ValidationResult)
URI(java.net.URI)
Example 25 with ValidationResult
use of org.apache.nifi.components.ValidationResult in project nifi by apache.
the class PutSyslog method customValidate.
@Override
protected Collection<ValidationResult> customValidate(final ValidationContext context) {
final Collection<ValidationResult> results = new ArrayList<>();
final String protocol = context.getProperty(PROTOCOL).getValue();
final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
if (UDP_VALUE.getValue().equals(protocol) && sslContextService != null) {
results.add(new ValidationResult.Builder().explanation("SSL can not be used with UDP").valid(false).subject("SSL Context").build());
}
return results;
}
Also used :
SSLContextService(org.apache.nifi.ssl.SSLContextService)
ArrayList(java.util.ArrayList)
ValidationResult(org.apache.nifi.components.ValidationResult)
Aggregations
ValidationResult (org.apache.nifi.components.ValidationResult)153
ArrayList (java.util.ArrayList)63
Test (org.junit.Test)56
ValidationContext (org.apache.nifi.components.ValidationContext)36
MockProcessContext (org.apache.nifi.util.MockProcessContext)26
TestRunner (org.apache.nifi.util.TestRunner)21
PropertyDescriptor (org.apache.nifi.components.PropertyDescriptor)20
Validator (org.apache.nifi.components.Validator)20
HashSet (java.util.HashSet)18
ProcessContext (org.apache.nifi.processor.ProcessContext)15
HashMap (java.util.HashMap)12
File (java.io.File)11
Collection (java.util.Collection)11
SSLContextService (org.apache.nifi.ssl.SSLContextService)11
Map (java.util.Map)10
List (java.util.List)9
ComponentLog (org.apache.nifi.logging.ComponentLog)9
IOException (java.io.IOException)8
ControllerServiceNode (org.apache.nifi.controller.service.ControllerServiceNode)8
KerberosCredentialsService (org.apache.nifi.kerberos.KerberosCredentialsService)8
