use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class JMSConnectionFactoryProvider method setConnectionFactoryProperties.
/**
* This operation follows standard bean convention by matching property name
* to its corresponding 'setter' method. Once the method was located it is
* invoked to set the corresponding property to a value provided by during
* service configuration. For example, 'channel' property will correspond to
* 'setChannel(..) method and 'queueManager' property will correspond to
* setQueueManager(..) method with a single argument.
* <p>
* There are also few adjustments to accommodate well known brokers. For
* example ActiveMQ ConnectionFactory accepts address of the Message Broker
* in a form of URL while IBMs in the form of host/port pair (more common).
* So this method will use value retrieved from the 'BROKER_URI' static
* property 'as is' if ConnectionFactory implementation is coming from
* ActiveMQ and for all others (for now) the 'BROKER_URI' value will be
* split on ':' and the resulting pair will be used to execute
* setHostName(..) and setPort(..) methods on the provided
* ConnectionFactory. This may need to be maintained and adjusted to
* accommodate other implementation of ConnectionFactory, but only for
* URL/Host/Port issue. All other properties are set as dynamic properties
* where user essentially provides both property name and value, The bean
* convention is also explained in user manual for this component with links
* pointing to documentation of various ConnectionFactories.
*
* @see #setProperty(String, String) method
*/
private void setConnectionFactoryProperties(ConfigurationContext context) {
for (final Entry<PropertyDescriptor, String> entry : context.getProperties().entrySet()) {
PropertyDescriptor descriptor = entry.getKey();
String propertyName = descriptor.getName();
if (descriptor.isDynamic()) {
this.setProperty(propertyName, entry.getValue());
} else {
if (propertyName.equals(BROKER)) {
String brokerValue = context.getProperty(descriptor).evaluateAttributeExpressions().getValue();
if (context.getProperty(CONNECTION_FACTORY_IMPL).evaluateAttributeExpressions().getValue().startsWith("org.apache.activemq")) {
this.setProperty("brokerURL", brokerValue);
} else {
String[] hostPort = brokerValue.split(":");
if (hostPort.length == 2) {
this.setProperty("hostName", hostPort[0]);
this.setProperty("port", hostPort[1]);
} else if (hostPort.length != 2) {
// for tibco
this.setProperty("serverUrl", brokerValue);
} else {
throw new IllegalArgumentException("Failed to parse broker url: " + brokerValue);
}
}
SSLContextService sc = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
if (sc != null) {
SSLContext ssl = sc.createSSLContext(ClientAuth.NONE);
this.setProperty("sSLSocketFactory", ssl.getSocketFactory());
}
}
// ignore 'else', since it's the only non-dynamic property that is relevant to CF configuration
}
}
}
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class ElasticSearchClientServiceImpl method setupClient.
private void setupClient(ConfigurationContext context) throws MalformedURLException, InitializationException {
final String hosts = context.getProperty(HTTP_HOSTS).evaluateAttributeExpressions().getValue();
String[] hostsSplit = hosts.split(",[\\s]*");
this.url = hostsSplit[0];
final SSLContextService sslService = context.getProperty(PROP_SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
final String username = context.getProperty(USERNAME).evaluateAttributeExpressions().getValue();
final String password = context.getProperty(PASSWORD).evaluateAttributeExpressions().getValue();
final Integer connectTimeout = context.getProperty(CONNECT_TIMEOUT).asInteger();
final Integer readTimeout = context.getProperty(SOCKET_TIMEOUT).asInteger();
final Integer retryTimeout = context.getProperty(RETRY_TIMEOUT).asInteger();
HttpHost[] hh = new HttpHost[hostsSplit.length];
for (int x = 0; x < hh.length; x++) {
URL u = new URL(hostsSplit[x]);
hh[x] = new HttpHost(u.getHost(), u.getPort(), u.getProtocol());
}
final SSLContext sslContext;
try {
sslContext = (sslService != null && sslService.isKeyStoreConfigured() && sslService.isTrustStoreConfigured()) ? buildSslContext(sslService) : null;
} catch (IOException | CertificateException | NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException | KeyManagementException e) {
getLogger().error("Error building up SSL Context from the supplied configuration.", e);
throw new InitializationException(e);
}
RestClientBuilder builder = RestClient.builder(hh).setHttpClientConfigCallback(httpClientBuilder -> {
if (sslContext != null) {
httpClientBuilder = httpClientBuilder.setSSLContext(sslContext);
}
if (username != null && password != null) {
final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));
httpClientBuilder = httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
}
return httpClientBuilder;
}).setRequestConfigCallback(requestConfigBuilder -> {
requestConfigBuilder.setConnectTimeout(connectTimeout);
requestConfigBuilder.setSocketTimeout(readTimeout);
return requestConfigBuilder;
}).setMaxRetryTimeoutMillis(retryTimeout);
this.client = builder.build();
}
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class AbstractElasticsearchHttpProcessor method createElasticsearchClient.
@Override
protected void createElasticsearchClient(ProcessContext context) throws ProcessException {
okHttpClientAtomicReference.set(null);
OkHttpClient.Builder okHttpClient = new OkHttpClient.Builder();
// Add a proxy if set
final String proxyHost = context.getProperty(PROXY_HOST).evaluateAttributeExpressions().getValue();
final Integer proxyPort = context.getProperty(PROXY_PORT).evaluateAttributeExpressions().asInteger();
if (proxyHost != null && proxyPort != null) {
final Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyHost, proxyPort));
okHttpClient.proxy(proxy);
}
// Set timeouts
okHttpClient.connectTimeout((context.getProperty(CONNECT_TIMEOUT).evaluateAttributeExpressions().asTimePeriod(TimeUnit.MILLISECONDS).intValue()), TimeUnit.MILLISECONDS);
okHttpClient.readTimeout(context.getProperty(RESPONSE_TIMEOUT).evaluateAttributeExpressions().asTimePeriod(TimeUnit.MILLISECONDS).intValue(), TimeUnit.MILLISECONDS);
final SSLContextService sslService = context.getProperty(PROP_SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
final SSLContext sslContext = sslService == null ? null : sslService.createSSLContext(SSLContextService.ClientAuth.NONE);
// check if the ssl context is set and add the factory if so
if (sslContext != null) {
okHttpClient.sslSocketFactory(sslContext.getSocketFactory());
}
okHttpClientAtomicReference.set(okHttpClient.build());
}
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class TestFetchElasticsearch method testSetupSecureClient.
@Test
public void testSetupSecureClient() throws Exception {
FetchElasticsearchTestProcessor processor = new FetchElasticsearchTestProcessor(true);
runner = TestRunners.newTestRunner(processor);
SSLContextService sslService = mock(SSLContextService.class);
when(sslService.getIdentifier()).thenReturn("ssl-context");
runner.addControllerService("ssl-context", sslService);
runner.enableControllerService(sslService);
runner.setProperty(FetchElasticsearch.PROP_SSL_CONTEXT_SERVICE, "ssl-context");
runner.setProperty(AbstractElasticsearchTransportClientProcessor.CLUSTER_NAME, "elasticsearch");
runner.setProperty(AbstractElasticsearchTransportClientProcessor.HOSTS, "127.0.0.1:9300");
runner.setProperty(AbstractElasticsearchTransportClientProcessor.PING_TIMEOUT, "5s");
runner.setProperty(AbstractElasticsearchTransportClientProcessor.SAMPLER_INTERVAL, "5s");
runner.setProperty(FetchElasticsearch.INDEX, "doc");
runner.setProperty(FetchElasticsearch.TYPE, "status");
runner.setValidateExpressionUsage(true);
runner.setProperty(FetchElasticsearch.DOC_ID, "${doc_id}");
// Allow time for the controller service to fully initialize
Thread.sleep(500);
runner.enqueue(docExample, new HashMap<String, String>() {
{
put("doc_id", "28039652140");
}
});
runner.run(1, true, true);
}
use of org.apache.nifi.ssl.SSLContextService in project nifi by apache.
the class TestQueryElasticsearchHttp method testSetupSecureClient.
@Test
public void testSetupSecureClient() throws Exception {
QueryElasticsearchHttpTestProcessor processor = new QueryElasticsearchHttpTestProcessor();
runner = TestRunners.newTestRunner(processor);
SSLContextService sslService = mock(SSLContextService.class);
when(sslService.getIdentifier()).thenReturn("ssl-context");
runner.addControllerService("ssl-context", sslService);
runner.enableControllerService(sslService);
runner.setProperty(QueryElasticsearchHttp.PROP_SSL_CONTEXT_SERVICE, "ssl-context");
runner.setProperty(AbstractElasticsearchHttpProcessor.ES_URL, "http://127.0.0.1:9200");
runner.setProperty(QueryElasticsearchHttp.INDEX, "doc");
runner.setValidateExpressionUsage(true);
runner.setProperty(QueryElasticsearchHttp.QUERY, "${doc_id}");
// Allow time for the controller service to fully initialize
Thread.sleep(500);
runner.enqueue("".getBytes(), new HashMap<String, String>() {
{
put("doc_id", "28039652140");
}
});
runner.run(1, true, true);
}
Aggregations