Example 11 with SSLContextService
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class ReportLineageToAtlas method setKafkaConfig.
private void setKafkaConfig(Map<Object, Object> mapToPopulate, PropertyContext context) {
final String kafkaBootStrapServers = context.getProperty(KAFKA_BOOTSTRAP_SERVERS).evaluateAttributeExpressions().getValue();
mapToPopulate.put(ATLAS_PROPERTY_KAFKA_BOOTSTRAP_SERVERS, kafkaBootStrapServers);
mapToPopulate.put(ATLAS_PROPERTY_KAFKA_CLIENT_ID, String.format("%s.%s", getName(), getIdentifier()));
final String kafkaSecurityProtocol = context.getProperty(KAFKA_SECURITY_PROTOCOL).getValue();
mapToPopulate.put(ATLAS_KAFKA_PREFIX + "security.protocol", kafkaSecurityProtocol);
// Translate SSLContext Service configuration into Kafka properties
final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
if (sslContextService != null && sslContextService.isKeyStoreConfigured()) {
mapToPopulate.put(ATLAS_KAFKA_PREFIX + SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG, sslContextService.getKeyStoreFile());
mapToPopulate.put(ATLAS_KAFKA_PREFIX + SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG, sslContextService.getKeyStorePassword());
final String keyPass = sslContextService.getKeyPassword() == null ? sslContextService.getKeyStorePassword() : sslContextService.getKeyPassword();
mapToPopulate.put(ATLAS_KAFKA_PREFIX + SslConfigs.SSL_KEY_PASSWORD_CONFIG, keyPass);
mapToPopulate.put(ATLAS_KAFKA_PREFIX + SslConfigs.SSL_KEYSTORE_TYPE_CONFIG, sslContextService.getKeyStoreType());
}
if (sslContextService != null && sslContextService.isTrustStoreConfigured()) {
mapToPopulate.put(ATLAS_KAFKA_PREFIX + SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG, sslContextService.getTrustStoreFile());
mapToPopulate.put(ATLAS_KAFKA_PREFIX + SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, sslContextService.getTrustStorePassword());
mapToPopulate.put(ATLAS_KAFKA_PREFIX + SslConfigs.SSL_TRUSTSTORE_TYPE_CONFIG, sslContextService.getTrustStoreType());
}
if (SEC_SASL_PLAINTEXT.equals(kafkaSecurityProtocol) || SEC_SASL_SSL.equals(kafkaSecurityProtocol)) {
setKafkaJaasConfig(mapToPopulate, context);
}
}
Also used :
SSLContextService(org.apache.nifi.ssl.SSLContextService)
Example 12 with SSLContextService
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class AbstractMongoProcessorTest method testcreateClientWithSSL.
@Test
public void testcreateClientWithSSL() throws Exception {
SSLContextService sslService = mock(SSLContextService.class);
SSLContext sslContext = mock(SSLContext.class);
when(sslService.getIdentifier()).thenReturn("ssl-context");
when(sslService.createSSLContext(any(ClientAuth.class))).thenReturn(sslContext);
testRunner.addControllerService("ssl-context", sslService);
testRunner.enableControllerService(sslService);
testRunner.setProperty(AbstractMongoProcessor.URI, "mongodb://localhost:27017");
testRunner.setProperty(AbstractMongoProcessor.SSL_CONTEXT_SERVICE, "ssl-context");
testRunner.assertValid(sslService);
processor.createClient(testRunner.getProcessContext());
assertNotNull(processor.mongoClient);
processor.mongoClient = null;
testRunner.setProperty(AbstractMongoProcessor.CLIENT_AUTH, "WANT");
processor.createClient(testRunner.getProcessContext());
assertNotNull(processor.mongoClient);
}
Also used :
SSLContextService(org.apache.nifi.ssl.SSLContextService)
SSLContext(javax.net.ssl.SSLContext)
ClientAuth(org.apache.nifi.ssl.SSLContextService.ClientAuth)
Test(org.junit.Test)
Example 13 with SSLContextService
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class PutSyslog method customValidate.
@Override
protected Collection<ValidationResult> customValidate(final ValidationContext context) {
final Collection<ValidationResult> results = new ArrayList<>();
final String protocol = context.getProperty(PROTOCOL).getValue();
final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
if (UDP_VALUE.getValue().equals(protocol) && sslContextService != null) {
results.add(new ValidationResult.Builder().explanation("SSL can not be used with UDP").valid(false).subject("SSL Context").build());
}
return results;
}
Also used :
SSLContextService(org.apache.nifi.ssl.SSLContextService)
ArrayList(java.util.ArrayList)
ValidationResult(org.apache.nifi.components.ValidationResult)
Example 14 with SSLContextService
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class PutSyslog method createSender.
protected ChannelSender createSender(final ProcessContext context) throws IOException {
final int port = context.getProperty(PORT).evaluateAttributeExpressions().asInteger();
final String host = context.getProperty(HOSTNAME).evaluateAttributeExpressions().getValue();
final String protocol = context.getProperty(PROTOCOL).getValue();
final int maxSendBuffer = context.getProperty(MAX_SOCKET_SEND_BUFFER_SIZE).evaluateAttributeExpressions().asDataSize(DataUnit.B).intValue();
final int timeout = context.getProperty(TIMEOUT).evaluateAttributeExpressions().asTimePeriod(TimeUnit.MILLISECONDS).intValue();
final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
return createSender(sslContextService, protocol, host, port, maxSendBuffer, timeout);
}
Also used :
SSLContextService(org.apache.nifi.ssl.SSLContextService)
Example 15 with SSLContextService
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class ListenRELP method customValidate.
@Override
protected Collection<ValidationResult> customValidate(final ValidationContext validationContext) {
final List<ValidationResult> results = new ArrayList<>();
final SSLContextService sslContextService = validationContext.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
// Validate CLIENT_AUTH
final String clientAuth = validationContext.getProperty(CLIENT_AUTH).getValue();
if (sslContextService != null && StringUtils.isBlank(clientAuth)) {
results.add(new ValidationResult.Builder().explanation("Client Auth must be provided when using TLS/SSL").valid(false).subject("Client Auth").build());
}
return results;
}
Also used :
SSLContextService(org.apache.nifi.ssl.SSLContextService)
RestrictedSSLContextService(org.apache.nifi.ssl.RestrictedSSLContextService)
ArrayList(java.util.ArrayList)
ValidationResult(org.apache.nifi.components.ValidationResult)
Aggregations
SSLContextService (org.apache.nifi.ssl.SSLContextService)84
SSLContext (javax.net.ssl.SSLContext)29
Test (org.junit.Test)23
StandardSSLContextService (org.apache.nifi.ssl.StandardSSLContextService)22
RestrictedSSLContextService (org.apache.nifi.ssl.RestrictedSSLContextService)18
ArrayList (java.util.ArrayList)12
StandardRestrictedSSLContextService (org.apache.nifi.ssl.StandardRestrictedSSLContextService)12
IOException (java.io.IOException)11
ValidationResult (org.apache.nifi.components.ValidationResult)10
ComponentLog (org.apache.nifi.logging.ComponentLog)9
OnScheduled (org.apache.nifi.annotation.lifecycle.OnScheduled)7
InetSocketAddress (java.net.InetSocketAddress)6
ProcessException (org.apache.nifi.processor.exception.ProcessException)6
Charset (java.nio.charset.Charset)5
InitializationException (org.apache.nifi.reporting.InitializationException)5
MalformedURLException (java.net.MalformedURLException)4
URI (java.net.URI)4
ByteBuffer (java.nio.ByteBuffer)4
ProviderCreationException (org.apache.nifi.authentication.exception.ProviderCreationException)4
PropertyDescriptor (org.apache.nifi.components.PropertyDescriptor)4
