Search in sources :

Example 21 with SSLContextService

use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.

the class DistributedMapCacheClientService method createCommsSession.

public CommsSession createCommsSession(final ConfigurationContext context) throws IOException {
    final String hostname = context.getProperty(HOSTNAME).getValue();
    final int port = context.getProperty(PORT).asInteger();
    final int timeoutMillis = context.getProperty(COMMUNICATIONS_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue();
    final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
    final CommsSession commsSession;
    if (sslContextService == null) {
        commsSession = new StandardCommsSession(hostname, port, timeoutMillis);
    } else {
        commsSession = new SSLCommsSession(sslContextService.createSSLContext(ClientAuth.REQUIRED), hostname, port, timeoutMillis);
    }
    commsSession.setTimeout(timeoutMillis, TimeUnit.MILLISECONDS);
    return commsSession;
}
Also used : SSLContextService(org.apache.nifi.ssl.SSLContextService)

Example 22 with SSLContextService

use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.

the class JettyWebSocketClient method startClient.

@OnEnabled
@Override
public void startClient(final ConfigurationContext context) throws Exception {
    final SSLContextService sslService = context.getProperty(SSL_CONTEXT).asControllerService(SSLContextService.class);
    SslContextFactory sslContextFactory = null;
    if (sslService != null) {
        sslContextFactory = createSslFactory(sslService, false, false);
    }
    client = new WebSocketClient(sslContextFactory);
    configurePolicy(context, client.getPolicy());
    client.start();
    activeSessions.clear();
    webSocketUri = new URI(context.getProperty(WS_URI).getValue());
    connectionTimeoutMillis = context.getProperty(CONNECTION_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS);
    final Long sessionMaintenanceInterval = context.getProperty(SESSION_MAINTENANCE_INTERVAL).asTimePeriod(TimeUnit.MILLISECONDS);
    sessionMaintenanceScheduler = Executors.newSingleThreadScheduledExecutor();
    sessionMaintenanceScheduler.scheduleAtFixedRate(() -> {
        try {
            maintainSessions();
        } catch (final Exception e) {
            getLogger().warn("Failed to maintain sessions due to {}", new Object[] { e }, e);
        }
    }, sessionMaintenanceInterval, sessionMaintenanceInterval, TimeUnit.MILLISECONDS);
}
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SSLContextService(org.apache.nifi.ssl.SSLContextService) WebSocketClient(org.eclipse.jetty.websocket.client.WebSocketClient) URI(java.net.URI) WebSocketConfigurationException(org.apache.nifi.websocket.WebSocketConfigurationException) IOException(java.io.IOException) OnEnabled(org.apache.nifi.annotation.lifecycle.OnEnabled)

Example 23 with SSLContextService

use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.

the class TestListenHTTP method testSecureInvalidSSLConfiguration.

@Test
public void testSecureInvalidSSLConfiguration() throws Exception {
    SSLContextService sslContextService = configureInvalidProcessorSslContextService();
    runner.setProperty(sslContextService, StandardSSLContextService.SSL_ALGORITHM, "TLSv1.2");
    runner.enableControllerService(sslContextService);
    runner.setProperty(ListenHTTP.PORT, HTTP_SERVER_PORT_EL);
    runner.setProperty(ListenHTTP.BASE_PATH, HTTP_SERVER_BASEPATH_EL);
    runner.assertNotValid();
}
Also used : StandardRestrictedSSLContextService(org.apache.nifi.ssl.StandardRestrictedSSLContextService) SSLContextService(org.apache.nifi.ssl.SSLContextService) StandardSSLContextService(org.apache.nifi.ssl.StandardSSLContextService) Test(org.junit.Test)

Example 24 with SSLContextService

use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.

the class TestListenTCP method configureProcessorSslContextService.

private SSLContextService configureProcessorSslContextService() throws InitializationException {
    final SSLContextService sslContextService = new StandardRestrictedSSLContextService();
    runner.addControllerService("ssl-context", sslContextService);
    runner.setProperty(sslContextService, StandardSSLContextService.TRUSTSTORE, "src/test/resources/localhost-ts.jks");
    runner.setProperty(sslContextService, StandardSSLContextService.TRUSTSTORE_PASSWORD, "localtest");
    runner.setProperty(sslContextService, StandardSSLContextService.TRUSTSTORE_TYPE, "JKS");
    runner.setProperty(sslContextService, StandardSSLContextService.KEYSTORE, "src/test/resources/localhost-ks.jks");
    runner.setProperty(sslContextService, StandardSSLContextService.KEYSTORE_PASSWORD, "localtest");
    runner.setProperty(sslContextService, StandardSSLContextService.KEYSTORE_TYPE, "JKS");
    runner.enableControllerService(sslContextService);
    runner.setProperty(ListenTCP.SSL_CONTEXT_SERVICE, "ssl-context");
    return sslContextService;
}
Also used : StandardSSLContextService(org.apache.nifi.ssl.StandardSSLContextService) StandardRestrictedSSLContextService(org.apache.nifi.ssl.StandardRestrictedSSLContextService) SSLContextService(org.apache.nifi.ssl.SSLContextService) StandardRestrictedSSLContextService(org.apache.nifi.ssl.StandardRestrictedSSLContextService)

Example 25 with SSLContextService

use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.

the class TestListenTCPRecord method configureProcessorSslContextService.

private SSLContextService configureProcessorSslContextService() throws InitializationException {
    final SSLContextService sslContextService = new StandardRestrictedSSLContextService();
    runner.addControllerService("ssl-context", sslContextService);
    runner.setProperty(sslContextService, StandardSSLContextService.TRUSTSTORE, "src/test/resources/localhost-ts.jks");
    runner.setProperty(sslContextService, StandardSSLContextService.TRUSTSTORE_PASSWORD, "localtest");
    runner.setProperty(sslContextService, StandardSSLContextService.TRUSTSTORE_TYPE, "JKS");
    runner.setProperty(sslContextService, StandardSSLContextService.KEYSTORE, "src/test/resources/localhost-ks.jks");
    runner.setProperty(sslContextService, StandardSSLContextService.KEYSTORE_PASSWORD, "localtest");
    runner.setProperty(sslContextService, StandardSSLContextService.KEYSTORE_TYPE, "JKS");
    runner.enableControllerService(sslContextService);
    runner.setProperty(ListenTCPRecord.SSL_CONTEXT_SERVICE, "ssl-context");
    return sslContextService;
}
Also used : StandardSSLContextService(org.apache.nifi.ssl.StandardSSLContextService) StandardRestrictedSSLContextService(org.apache.nifi.ssl.StandardRestrictedSSLContextService) SSLContextService(org.apache.nifi.ssl.SSLContextService) StandardRestrictedSSLContextService(org.apache.nifi.ssl.StandardRestrictedSSLContextService)

Aggregations

SSLContextService (org.apache.nifi.ssl.SSLContextService)84 SSLContext (javax.net.ssl.SSLContext)29 Test (org.junit.Test)23 StandardSSLContextService (org.apache.nifi.ssl.StandardSSLContextService)22 RestrictedSSLContextService (org.apache.nifi.ssl.RestrictedSSLContextService)18 ArrayList (java.util.ArrayList)12 StandardRestrictedSSLContextService (org.apache.nifi.ssl.StandardRestrictedSSLContextService)12 IOException (java.io.IOException)11 ValidationResult (org.apache.nifi.components.ValidationResult)10 ComponentLog (org.apache.nifi.logging.ComponentLog)9 OnScheduled (org.apache.nifi.annotation.lifecycle.OnScheduled)7 InetSocketAddress (java.net.InetSocketAddress)6 ProcessException (org.apache.nifi.processor.exception.ProcessException)6 Charset (java.nio.charset.Charset)5 InitializationException (org.apache.nifi.reporting.InitializationException)5 MalformedURLException (java.net.MalformedURLException)4 URI (java.net.URI)4 ByteBuffer (java.nio.ByteBuffer)4 ProviderCreationException (org.apache.nifi.authentication.exception.ProviderCreationException)4 PropertyDescriptor (org.apache.nifi.components.PropertyDescriptor)4