Search in sources :

Example 11 with SecurityProviderCreationException

use of org.apache.nifi.registry.security.exception.SecurityProviderCreationException in project nifi-registry by apache.

the class CompositeUserGroupProvider method onConfigured.

@Override
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws SecurityProviderCreationException {
    for (Map.Entry<String, String> entry : configurationContext.getProperties().entrySet()) {
        Matcher matcher = USER_GROUP_PROVIDER_PATTERN.matcher(entry.getKey());
        if (matcher.matches() && !StringUtils.isBlank(entry.getValue())) {
            final String userGroupProviderKey = entry.getValue();
            final UserGroupProvider userGroupProvider = userGroupProviderLookup.getUserGroupProvider(userGroupProviderKey);
            if (userGroupProvider == null) {
                throw new SecurityProviderCreationException(String.format("Unable to locate the configured User Group Provider: %s", userGroupProviderKey));
            }
            if (userGroupProviders.contains(userGroupProvider)) {
                throw new SecurityProviderCreationException(String.format("Duplicate provider in Composite User Group Provider configuration: %s", userGroupProviderKey));
            }
            userGroupProviders.add(userGroupProvider);
        }
    }
    if (!allowEmptyProviderList && userGroupProviders.isEmpty()) {
        throw new SecurityProviderCreationException("At least one User Group Provider must be configured.");
    }
}
Also used : SecurityProviderCreationException(org.apache.nifi.registry.security.exception.SecurityProviderCreationException) Matcher(java.util.regex.Matcher) Map(java.util.Map)

Example 12 with SecurityProviderCreationException

use of org.apache.nifi.registry.security.exception.SecurityProviderCreationException in project nifi-registry by apache.

the class StandardManagedAuthorizer method onConfigured.

@Override
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws SecurityProviderCreationException {
    final PropertyValue accessPolicyProviderKey = configurationContext.getProperty("Access Policy Provider");
    if (!accessPolicyProviderKey.isSet()) {
        throw new SecurityProviderCreationException("The Access Policy Provider must be set.");
    }
    accessPolicyProvider = accessPolicyProviderLookup.getAccessPolicyProvider(accessPolicyProviderKey.getValue());
    // ensure the desired access policy provider was found
    if (accessPolicyProvider == null) {
        throw new SecurityProviderCreationException(String.format("Unable to locate configured Access Policy Provider: %s", accessPolicyProviderKey));
    }
    userGroupProvider = accessPolicyProvider.getUserGroupProvider();
    // ensure the desired access policy provider has a user group provider
    if (userGroupProvider == null) {
        throw new SecurityProviderCreationException(String.format("Configured Access Policy Provider %s does not contain a User Group Provider", accessPolicyProviderKey));
    }
}
Also used : SecurityProviderCreationException(org.apache.nifi.registry.security.exception.SecurityProviderCreationException) PropertyValue(org.apache.nifi.registry.util.PropertyValue)

Example 13 with SecurityProviderCreationException

use of org.apache.nifi.registry.security.exception.SecurityProviderCreationException in project nifi-registry by apache.

the class CompositeConfigurableUserGroupProvider method onConfigured.

@Override
public void onConfigured(AuthorizerConfigurationContext configurationContext) throws SecurityProviderCreationException {
    final PropertyValue configurableUserGroupProviderKey = configurationContext.getProperty(PROP_CONFIGURABLE_USER_GROUP_PROVIDER);
    if (!configurableUserGroupProviderKey.isSet()) {
        throw new SecurityProviderCreationException("The Configurable User Group Provider must be set.");
    }
    final UserGroupProvider userGroupProvider = userGroupProviderLookup.getUserGroupProvider(configurableUserGroupProviderKey.getValue());
    if (userGroupProvider == null) {
        throw new SecurityProviderCreationException(String.format("Unable to locate the Configurable User Group Provider: %s", configurableUserGroupProviderKey));
    }
    if (!(userGroupProvider instanceof ConfigurableUserGroupProvider)) {
        throw new SecurityProviderCreationException(String.format("The Configurable User Group Provider is not configurable: %s", configurableUserGroupProviderKey));
    }
    // Ensure that the ConfigurableUserGroupProvider is not also listed as one of the providers for the CompositeUserGroupProvider
    for (Map.Entry<String, String> entry : configurationContext.getProperties().entrySet()) {
        Matcher matcher = USER_GROUP_PROVIDER_PATTERN.matcher(entry.getKey());
        if (matcher.matches() && !StringUtils.isBlank(entry.getValue())) {
            final String userGroupProviderKey = entry.getValue();
            if (userGroupProviderKey.equals(configurableUserGroupProviderKey.getValue())) {
                throw new SecurityProviderCreationException(String.format("Duplicate provider in Composite Configurable User Group Provider configuration: %s", userGroupProviderKey));
            }
        }
    }
    configurableUserGroupProvider = (ConfigurableUserGroupProvider) userGroupProvider;
    // configure the CompositeUserGroupProvider
    super.onConfigured(configurationContext);
}
Also used : SecurityProviderCreationException(org.apache.nifi.registry.security.exception.SecurityProviderCreationException) Matcher(java.util.regex.Matcher) PropertyValue(org.apache.nifi.registry.util.PropertyValue) Map(java.util.Map)

Example 14 with SecurityProviderCreationException

use of org.apache.nifi.registry.security.exception.SecurityProviderCreationException in project nifi-registry by apache.

the class LdapIdentityProvider method setTimeout.

private void setTimeout(final IdentityProviderConfigurationContext configurationContext, final Map<String, Object> baseEnvironment, final String configurationProperty, final String environmentKey) {
    final String rawTimeout = configurationContext.getProperty(configurationProperty);
    if (StringUtils.isNotBlank(rawTimeout)) {
        try {
            final Long timeout = FormatUtils.getTimeDuration(rawTimeout, TimeUnit.MILLISECONDS);
            baseEnvironment.put(environmentKey, timeout.toString());
        } catch (final IllegalArgumentException iae) {
            throw new SecurityProviderCreationException(String.format("The %s '%s' is not a valid time duration", configurationProperty, rawTimeout));
        }
    }
}
Also used : SecurityProviderCreationException(org.apache.nifi.registry.security.exception.SecurityProviderCreationException)

Aggregations

SecurityProviderCreationException (org.apache.nifi.registry.security.exception.SecurityProviderCreationException)14 IOException (java.io.IOException)7 PropertyValue (org.apache.nifi.registry.util.PropertyValue)6 KeyManagementException (java.security.KeyManagementException)4 KeyStoreException (java.security.KeyStoreException)4 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 UnrecoverableKeyException (java.security.UnrecoverableKeyException)4 CertificateException (java.security.cert.CertificateException)4 Map (java.util.Map)4 Matcher (java.util.regex.Matcher)4 SSLContext (javax.net.ssl.SSLContext)4 JAXBException (javax.xml.bind.JAXBException)4 SecurityProviderDestructionException (org.apache.nifi.registry.security.exception.SecurityProviderDestructionException)4 SAXException (org.xml.sax.SAXException)4 AuthorizationAccessException (org.apache.nifi.registry.security.authorization.exception.AuthorizationAccessException)3 File (java.io.File)2 Date (java.util.Date)2 HashMap (java.util.HashMap)2 ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)2 XMLStreamException (javax.xml.stream.XMLStreamException)2