[jira] [Updated] (NIFI-13296) Deprecate Kerberos SPNEGO Authentication for Removal
[ https://issues.apache.org/jira/browse/NIFI-13296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann updated NIFI-13296: Status: Patch Available (was: Open) > Deprecate Kerberos SPNEGO Authentication for Removal > > > Key: NIFI-13296 > URL: https://issues.apache.org/jira/browse/NIFI-13296 > Project: Apache NiFi > Issue Type: Improvement >Reporter: David Handermann >Assignee: David Handermann >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > NiFi 0.6.0 added Kerberos authentication with > [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] as a framework feature based on > Spring Security Kerberos. Although Spring Security Kerberos continues to be > maintained, SPNEGO authentication is not common, requiring specialized > [client browser > configuration|https://docs.spring.io/spring-security-kerberos/docs/current/reference/html/browserspnegoconfig.html] > for access. As noted in the linked instructions, popular web browsers do not > support SPNEGO in the default configuration, and Google Chrome requires > either a custom policy or launch from the command line with arguments that > list permitted DNS names. > Based on these considerations, and in light of more common Single Sign-On > strategies using OpenID Connect and SAML 2, NiFi framework support for > Kerberos authentication with SPNEGO should be deprecated for subsequent > removal in NiFi 2. > This deprecation should not impact the Kerberos Login Identity Provider, > which continues to support username and password authentication based on the > form-based login process. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13297) Remove Kerberos SPNEGO Authentication
[ https://issues.apache.org/jira/browse/NIFI-13297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann updated NIFI-13297: Status: Patch Available (was: Open) > Remove Kerberos SPNEGO Authentication > - > > Key: NIFI-13297 > URL: https://issues.apache.org/jira/browse/NIFI-13297 > Project: Apache NiFi > Issue Type: Improvement >Reporter: David Handermann >Assignee: David Handermann >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > As described in NIFI-13296, authentication with Kerberos using > [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] should be removed from the main > branch for NiFi 2. > The Kerberos Login Identity Provider should be considered separately, and > could be maintained indepently without impacting NiFi framework capabilities. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[PR] NIFI-13297 Remove Kerberos SPENGO Authentication [nifi]
exceptionfactory opened a new pull request, #8879: URL: https://github.com/apache/nifi/pull/8879 # Summary [NIFI-13297](https://issues.apache.org/jira/browse/NIFI-13297) Removes framework support for Kerberos SPNEGO authentication from the main branch for NiFi 2, along with supporting application properties. [NIFI-13296](https://issues.apache.org/jira/browse/NIFI-13296) Deprecates Kerberos SPNEGO authentication for removal and provides additional background. # Tracking Please complete the following tracking steps prior to pull request creation. ### Issue Tracking - [X] [Apache NiFi Jira](https://issues.apache.org/jira/browse/NIFI) issue created ### Pull Request Tracking - [X] Pull Request title starts with Apache NiFi Jira issue number, such as `NIFI-0` - [X] Pull Request commit message starts with Apache NiFi Jira issue number, as such `NIFI-0` ### Pull Request Formatting - [X] Pull Request based on current revision of the `main` branch - [X] Pull Request refers to a feature branch with one commit containing changes # Verification Please indicate the verification steps performed prior to pull request creation. ### Build - [X] Build completed using `mvn clean install -P contrib-check` - [X] JDK 21 ### UI Contributions - [ ] NiFi is modernizing its UI. Any contributions that update the [current UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui) also need to be implemented in the [new UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi). ### Licensing - [ ] New dependencies are compatible with the [Apache License 2.0](https://apache.org/licenses/LICENSE-2.0) according to the [License Policy](https://www.apache.org/legal/resolved.html) - [ ] New dependencies are documented in applicable `LICENSE` and `NOTICE` files ### Documentation - [ ] Documentation formatting appears as expected in rendered files -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] NIFI-13296 Deprecate Kerberos SPNEGO Authentication [nifi]
exceptionfactory opened a new pull request, #8878: URL: https://github.com/apache/nifi/pull/8878 # Summary [NIFI-13296](https://issues.apache.org/jira/browse/NIFI-13296) Deprecates Kerberos [SPNEGO](https://en.wikipedia.org/wiki/SPNEGO) authentication for subsequent removal in NiFi 2. This deprecation applies to framework-level configuration as opposed to username and password-based authentication using the Kerberos Login Identity Provider. Kerberos SPNEGO authentication requires non-standard [client browser configuration](https://docs.spring.io/spring-security-kerberos/docs/current/reference/html/browserspnegoconfig.html) that is specific to particular host addresses, whereas standards-based Single Sign-On integration using OpenID Connect or SAML 2 does not have similar constraints. # Tracking Please complete the following tracking steps prior to pull request creation. ### Issue Tracking - [X] [Apache NiFi Jira](https://issues.apache.org/jira/browse/NIFI) issue created ### Pull Request Tracking - [X] Pull Request title starts with Apache NiFi Jira issue number, such as `NIFI-0` - [X] Pull Request commit message starts with Apache NiFi Jira issue number, as such `NIFI-0` ### Pull Request Formatting - [X] Pull Request based on current revision of the `main` branch - [X] Pull Request refers to a feature branch with one commit containing changes # Verification Please indicate the verification steps performed prior to pull request creation. ### Build - [X] Build completed using `mvn clean install -P contrib-check` - [ ] JDK 21 ### UI Contributions - [ ] NiFi is modernizing its UI. Any contributions that update the [current UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui) also need to be implemented in the [new UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi). ### Licensing - [ ] New dependencies are compatible with the [Apache License 2.0](https://apache.org/licenses/LICENSE-2.0) according to the [License Policy](https://www.apache.org/legal/resolved.html) - [ ] New dependencies are documented in applicable `LICENSE` and `NOTICE` files ### Documentation - [ ] Documentation formatting appears as expected in rendered files -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (NIFI-13299) Prevent negative numbers in concurrent tasks
Matt Gilman created NIFI-13299: -- Summary: Prevent negative numbers in concurrent tasks Key: NIFI-13299 URL: https://issues.apache.org/jira/browse/NIFI-13299 Project: Apache NiFi Issue Type: Sub-task Components: Core UI Reporter: Matt Gilman For inputs like concurrent tasks we know that negative values are not allowed. We should prevent them before the user can submit the form. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (NIFI-13298) Remove unused instantiated java.util.HashSet from RouteAttribute
Daniel Stieglitz created NIFI-13298: --- Summary: Remove unused instantiated java.util.HashSet from RouteAttribute Key: NIFI-13298 URL: https://issues.apache.org/jira/browse/NIFI-13298 Project: Apache NiFi Issue Type: Improvement Reporter: Daniel Stieglitz Assignee: Daniel Stieglitz In RouteOnAttribute on line 352 a set is instantiated final Set clones = new HashSet<>(); and on line 358 its populated clones.add(cloneFlowFile); Yet after that nothing is done with it (per Intellij it is updated but never queried). This should removed as it is not serving any purpose. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (NIFI-13297) Remove Kerberos SPNEGO Authentication
David Handermann created NIFI-13297: --- Summary: Remove Kerberos SPNEGO Authentication Key: NIFI-13297 URL: https://issues.apache.org/jira/browse/NIFI-13297 Project: Apache NiFi Issue Type: Improvement Reporter: David Handermann Assignee: David Handermann As described in NIFI-13296, authentication with Kerberos using [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] should be removed from the main branch for NiFi 2. The Kerberos Login Identity Provider should be considered separately, and could be maintained indepently without impacting NiFi framework capabilities. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (NIFI-13296) Deprecate Kerberos SPNEGO Authentication for Removal
David Handermann created NIFI-13296: --- Summary: Deprecate Kerberos SPNEGO Authentication for Removal Key: NIFI-13296 URL: https://issues.apache.org/jira/browse/NIFI-13296 Project: Apache NiFi Issue Type: Improvement Reporter: David Handermann Assignee: David Handermann NiFi 0.6.0 added Kerberos authentication with [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] as a framework feature based on Spring Security Kerberos. Although Spring Security Kerberos continues to be maintained, SPNEGO authentication is not common, requiring specialized [client browser configuration|https://docs.spring.io/spring-security-kerberos/docs/current/reference/html/browserspnegoconfig.html] for access. As noted in the linked instructions, popular web browsers do not support SPNEGO in the default configuration, and Google Chrome requires either a custom policy or launch from the command line with arguments that list permitted DNS names. Based on these considerations, and in light of more common Single Sign-On strategies using OpenID Connect and SAML 2, NiFi framework support for Kerberos authentication with SPNEGO should be deprecated for subsequent removal in NiFi 2. This deprecation should not impact the Kerberos Login Identity Provider, which continues to support username and password authentication based on the form-based login process. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13270) Selected tab is not saved
[ https://issues.apache.org/jira/browse/NIFI-13270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman updated NIFI-13270: --- Status: Patch Available (was: In Progress) > Selected tab is not saved > - > > Key: NIFI-13270 > URL: https://issues.apache.org/jira/browse/NIFI-13270 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core UI >Reporter: Julien G. >Assignee: Matt Gilman >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > In a component such as a processor, when we select the Properties tab, the > selection was saved in the previous UI, so when we switch to another > processor, we don't need to select the tab again. In the new UI, we have to > select it again each time. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (NIFI-13270) Selected tab is not saved
[ https://issues.apache.org/jira/browse/NIFI-13270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman reassigned NIFI-13270: -- Assignee: Matt Gilman > Selected tab is not saved > - > > Key: NIFI-13270 > URL: https://issues.apache.org/jira/browse/NIFI-13270 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core UI >Reporter: Julien G. >Assignee: Matt Gilman >Priority: Major > > In a component such as a processor, when we select the Properties tab, the > selection was saved in the previous UI, so when we switch to another > processor, we don't need to select the tab again. In the new UI, we have to > select it again each time. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13295) Remove Apache Knox SSO Integration
[
https://issues.apache.org/jira/browse/NIFI-13295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann updated NIFI-13295:
Status: Patch Available (was: Open)
> Remove Apache Knox SSO Integration
> --
>
> Key: NIFI-13295
> URL: https://issues.apache.org/jira/browse/NIFI-13295
> Project: Apache NiFi
> Issue Type: Improvement
>Reporter: David Handermann
>Assignee: David Handermann
>Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> As described in NIFI-13294, custom Single Sign-On integration with Apache
> Knox based on JSON Web Tokens and custom public key verification should be
> removed from the main branch. [Proxy
> access|https://knox.apache.org/books/knox-1-6-0/user-guide.html#Nifi+UI]
> through Apache Knox should remain supported through the non-product-specific
> {{X-ProxiedEntitiesChain}} HTTP header strategy with X.509 client
> certificates.
> OpenID Connect and SAML 2 integration continue to provide standards-based
> Single Sign-On solutions, obviating the need for custom cookie-based token
> communication and verification.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (NIFI-13294) Deprecate Apache Knox SSO Integration for Removal
[
https://issues.apache.org/jira/browse/NIFI-13294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann updated NIFI-13294:
Status: Patch Available (was: Open)
> Deprecate Apache Knox SSO Integration for Removal
> -
>
> Key: NIFI-13294
> URL: https://issues.apache.org/jira/browse/NIFI-13294
> Project: Apache NiFi
> Issue Type: Improvement
>Reporter: David Handermann
>Assignee: David Handermann
>Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> NiFi 1.4.0 introduced support for authentication with Apache Knox [Single
> Sign-On|https://knox.apache.org/books/knox-1-6-0/user-guide.html#SSO+Cookie+Provider]
> based on JSON Web Tokens provided through a cookie and verified using a
> configurable public key.
> Separate from Apache Knox SSO authentication, Apache Knox itself provides
> [gateway
> access|https://knox.apache.org/books/knox-1-6-0/user-guide.html#Nifi+UI] as a
> proxy using the {{X-ProxiedEntitiesChain}} HTTP Header. Proxy access should
> remain supported as it is part of the X.509 client certificate authentication
> strategy. Deployment patterns based on Apache Knox gateway access work
> without any features or configuration properties specific to Knox.
> With the implementation of standards-based Single Sign-On using OpenID
> Connect and SAML 2, custom cookie-based SSO with Apache Knox should be
> deprecated for removal.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[PR] NIFI-13295 Remove Apache Knox SSO Authentication [nifi]
exceptionfactory opened a new pull request, #8876: URL: https://github.com/apache/nifi/pull/8876 # Summary [NIFI-13295](https://issues.apache.org/jira/browse/NIFI-13295) Removes Apache Knox [Single Sign-On](https://knox.apache.org/books/knox-1-6-0/user-guide.html#SSO+Cookie+Provider) authentication from the main branch for NiFi 2. OpenID Connect and SAML 2 integration provide standards-based SSO without reference to particular identity providers. This removal does not impact Apache Knox [proxy gateway access](https://knox.apache.org/books/knox-1-6-0/user-guide.html#Nifi+UI) to NiFi, which continues to be supported using X.509 client certificates and the `X-ProxiedEntitiesChain` HTTP header. Removed code includes NiFi properties specific to Apache Knox SSO and REST API methods used for processing Knox tokens. # Tracking Please complete the following tracking steps prior to pull request creation. ### Issue Tracking - [X] [Apache NiFi Jira](https://issues.apache.org/jira/browse/NIFI) issue created ### Pull Request Tracking - [X] Pull Request title starts with Apache NiFi Jira issue number, such as `NIFI-0` - [X] Pull Request commit message starts with Apache NiFi Jira issue number, as such `NIFI-0` ### Pull Request Formatting - [X] Pull Request based on current revision of the `main` branch - [X] Pull Request refers to a feature branch with one commit containing changes # Verification Please indicate the verification steps performed prior to pull request creation. ### Build - [X] Build completed using `mvn clean install -P contrib-check` - [X] JDK 21 ### UI Contributions - [ ] NiFi is modernizing its UI. Any contributions that update the [current UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui) also need to be implemented in the [new UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi). ### Licensing - [ ] New dependencies are compatible with the [Apache License 2.0](https://apache.org/licenses/LICENSE-2.0) according to the [License Policy](https://www.apache.org/legal/resolved.html) - [ ] New dependencies are documented in applicable `LICENSE` and `NOTICE` files ### Documentation - [ ] Documentation formatting appears as expected in rendered files -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] NIFI-11858 Configurable Column Name Normalization in PutDatabaseRecord and UpdateDatabaseTable [nifi]
mattyb149 commented on PR #7544: URL: https://github.com/apache/nifi/pull/7544#issuecomment-2130235297 The checkstyle rules were recently made more stringent, looks like this needs another rebase and please run your Maven build with the `contrib-check` profile activated. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] NIFI-13294 Deprecate Apache Knox SSO Authentication [nifi]
exceptionfactory opened a new pull request, #8875: URL: https://github.com/apache/nifi/pull/8875 # Summary [NIFI-13294](https://issues.apache.org/jira/browse/NIFI-13294) Deprecates Apache Knox [Single Sign-On](https://knox.apache.org/books/knox-1-6-0/user-guide.html#SSO+Cookie+Provider) authentication for subsequent removal in NiFi 2. OpenID Connect and SAML 2 integration provide standards-based SSO without reference to particular identity providers. This deprecation does not impact Apache Knox [proxy gateway access](https://knox.apache.org/books/knox-1-6-0/user-guide.html#Nifi+UI) to NiFi, which continues to be supported using X.509 client certificates and the `X-ProxiedEntitiesChain` HTTP header. # Tracking Please complete the following tracking steps prior to pull request creation. ### Issue Tracking - [X] [Apache NiFi Jira](https://issues.apache.org/jira/browse/NIFI) issue created ### Pull Request Tracking - [X] Pull Request title starts with Apache NiFi Jira issue number, such as `NIFI-0` - [X] Pull Request commit message starts with Apache NiFi Jira issue number, as such `NIFI-0` ### Pull Request Formatting - [X] Pull Request based on current revision of the `main` branch - [X] Pull Request refers to a feature branch with one commit containing changes # Verification Please indicate the verification steps performed prior to pull request creation. ### Build - [ ] Build completed using `mvn clean install -P contrib-check` - [ ] JDK 21 ### UI Contributions - [ ] NiFi is modernizing its UI. Any contributions that update the [current UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui) also need to be implemented in the [new UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi). ### Licensing - [ ] New dependencies are compatible with the [Apache License 2.0](https://apache.org/licenses/LICENSE-2.0) according to the [License Policy](https://www.apache.org/legal/resolved.html) - [ ] New dependencies are documented in applicable `LICENSE` and `NOTICE` files ### Documentation - [ ] Documentation formatting appears as expected in rendered files -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (NIFI-13295) Remove Apache Knox SSO Integration
David Handermann created NIFI-13295:
---
Summary: Remove Apache Knox SSO Integration
Key: NIFI-13295
URL: https://issues.apache.org/jira/browse/NIFI-13295
Project: Apache NiFi
Issue Type: Improvement
Reporter: David Handermann
Assignee: David Handermann
As described in NIFI-13294, custom Single Sign-On integration with Apache Knox
based on JSON Web Tokens and custom public key verification should be removed
from the main branch. [Proxy
access|https://knox.apache.org/books/knox-1-6-0/user-guide.html#Nifi+UI]
through Apache Knox should remain supported through the non-product-specific
{{X-ProxiedEntitiesChain}} HTTP header strategy with X.509 client certificates.
OpenID Connect and SAML 2 integration continue to provide standards-based
Single Sign-On solutions, obviating the need for custom cookie-based token
communication and verification.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Created] (NIFI-13294) Deprecate Apache Knox SSO Integration for Removal
David Handermann created NIFI-13294:
---
Summary: Deprecate Apache Knox SSO Integration for Removal
Key: NIFI-13294
URL: https://issues.apache.org/jira/browse/NIFI-13294
Project: Apache NiFi
Issue Type: Improvement
Reporter: David Handermann
Assignee: David Handermann
NiFi 1.4.0 introduced support for authentication with Apache Knox [Single
Sign-On|https://knox.apache.org/books/knox-1-6-0/user-guide.html#SSO+Cookie+Provider]
based on JSON Web Tokens provided through a cookie and verified using a
configurable public key.
Separate from Apache Knox SSO authentication, Apache Knox itself provides
[gateway
access|https://knox.apache.org/books/knox-1-6-0/user-guide.html#Nifi+UI] as a
proxy using the {{X-ProxiedEntitiesChain}} HTTP Header. Proxy access should
remain supported as it is part of the X.509 client certificate authentication
strategy. Deployment patterns based on Apache Knox gateway access work without
any features or configuration properties specific to Knox.
With the implementation of standards-based Single Sign-On using OpenID Connect
and SAML 2, custom cookie-based SSO with Apache Knox should be deprecated for
removal.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Resolved] (NIFI-4586) Wrong URI can be created by ApplicationResource when X-Proxy and X-Forwarded headers exist in the request
[ https://issues.apache.org/jira/browse/NIFI-4586?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann resolved NIFI-4586. Resolution: Cannot Reproduce > Wrong URI can be created by ApplicationResource when X-Proxy and X-Forwarded > headers exist in the request > - > > Key: NIFI-4586 > URL: https://issues.apache.org/jira/browse/NIFI-4586 > Project: Apache NiFi > Issue Type: Bug > Components: Core Framework >Affects Versions: 1.4.0 >Reporter: Jeff Storck >Assignee: Jeff Storck >Priority: Critical > > While testing support for Knox proxying to a secure NiFi cluster, I was > unable to modify/move components after creating them. This is being caused > by behavior in ApplicationResource#generateResourceUri, which attempts to get > the first header value in the request between the X-Proxy* and X-Forwarded* > headers. > If the request has both sets of headers, the code will prioritize the > X-Proxy* headers, and will generate the URI with those values. Since Knox > sets the X-Forwarded* headers, if the X-Proxy* headers are on the request, > the headers supplied by Knox will be ignored. > The NiFi UI will then attempt to access the URI generated with the X-Proxied* > header values. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (NIFI-5602) Enable user authentication with Apache Knox
[ https://issues.apache.org/jira/browse/NIFI-5602?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann resolved NIFI-5602. Resolution: Won't Fix > Enable user authentication with Apache Knox > > > Key: NIFI-5602 > URL: https://issues.apache.org/jira/browse/NIFI-5602 > Project: Apache NiFi > Issue Type: Sub-task >Reporter: Sarthak >Priority: Major > > Enable user authentication with Apache Knox -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (NIFI-4430) Investigate Apache Knox SSO Logout
[ https://issues.apache.org/jira/browse/NIFI-4430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann resolved NIFI-4430. Resolution: Won't Fix > Investigate Apache Knox SSO Logout > -- > > Key: NIFI-4430 > URL: https://issues.apache.org/jira/browse/NIFI-4430 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework >Reporter: Matt Gilman >Priority: Minor > > Currently, when integrating with Knox for SSO a cookie is added during the > login sequence. This cookie is validated to authenticate the user in NiFi. We > should investigate if and how we should offer a logout option for the end > user. > - Should logout be a Knox function? > - Should we remove the cookie that Knox generated? > - Do we need to invoke any function in Knox to complete the logout? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (NIFI-4986) Knox SSO token expiry handling (NiFi + Knox + SSO)
[ https://issues.apache.org/jira/browse/NIFI-4986?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann resolved NIFI-4986. Resolution: Won't Fix > Knox SSO token expiry handling (NiFi + Knox + SSO) > -- > > Key: NIFI-4986 > URL: https://issues.apache.org/jira/browse/NIFI-4986 > Project: Apache NiFi > Issue Type: Bug > Components: Core UI >Affects Versions: 1.5.0 >Reporter: Jeff Storck >Priority: Major > > When NiFi is proxied through Knox using the SSOCookieProvider, the NiFi UI > can not determine when the Knox SSO token has expired. > The NiFI UI attempts to make API calls through Knox via XHRs > (XMLHttpRequests), which end up receiving the Knox SSO login page as the > response if the Knox SSO token has expired. Knox will be patched for this > via [https://issues.apache.org/jira/browse/KNOX-1210|KNOX-1210], and a 401 > will be returned by the call to Knox if the token has expired. > The NiFi UI will need a way to allow the user to log in through the KnoxSSO > again after receiving a 401 in this scenario. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13285) Fit on Enter PG
[ https://issues.apache.org/jira/browse/NIFI-13285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman updated NIFI-13285: --- Status: Patch Available (was: In Progress) > Fit on Enter PG > --- > > Key: NIFI-13285 > URL: https://issues.apache.org/jira/browse/NIFI-13285 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core UI >Reporter: Matt Gilman >Assignee: Matt Gilman >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > When navigating into a PG where there is no saved viewport position we should > consider executing a fit action so that flow is shown centered on the canvas. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13293) Upgrade Spring Security to 6.3.0
[ https://issues.apache.org/jira/browse/NIFI-13293?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann updated NIFI-13293: Status: Patch Available (was: Open) > Upgrade Spring Security to 6.3.0 > > > Key: NIFI-13293 > URL: https://issues.apache.org/jira/browse/NIFI-13293 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework >Reporter: David Handermann >Assignee: David Handermann >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > Spring Security dependencies should be upgraded to > [6.3.0|https://github.com/spring-projects/spring-security/releases/tag/6.3.0] > to incorporate various bug fixes and feature improvements. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[PR] NIFI-13293 Upgrade Spring Security from 6.2.4 to 6.3.0 [nifi]
exceptionfactory opened a new pull request, #8873: URL: https://github.com/apache/nifi/pull/8873 # Summary [NIFI-13293](https://issues.apache.org/jira/browse/NIFI-13293) Upgrades Spring Security dependencies from 6.2.4 to [6.3.0](https://github.com/spring-projects/spring-security/releases/tag/6.3.0) incorporating bug fixes and feature improvements. # Tracking Please complete the following tracking steps prior to pull request creation. ### Issue Tracking - [X] [Apache NiFi Jira](https://issues.apache.org/jira/browse/NIFI) issue created ### Pull Request Tracking - [X] Pull Request title starts with Apache NiFi Jira issue number, such as `NIFI-0` - [X] Pull Request commit message starts with Apache NiFi Jira issue number, as such `NIFI-0` ### Pull Request Formatting - [X] Pull Request based on current revision of the `main` branch - [X] Pull Request refers to a feature branch with one commit containing changes # Verification Please indicate the verification steps performed prior to pull request creation. ### Build - [X] Build completed using `mvn clean install -P contrib-check` - [X] JDK 21 ### UI Contributions - [ ] NiFi is modernizing its UI. Any contributions that update the [current UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui) also need to be implemented in the [new UI](https://github.com/apache/nifi/tree/main/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi). ### Licensing - [ ] New dependencies are compatible with the [Apache License 2.0](https://apache.org/licenses/LICENSE-2.0) according to the [License Policy](https://www.apache.org/legal/resolved.html) - [ ] New dependencies are documented in applicable `LICENSE` and `NOTICE` files ### Documentation - [ ] Documentation formatting appears as expected in rendered files -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (NIFI-13293) Upgrade Spring Security to 6.3.0
David Handermann created NIFI-13293: --- Summary: Upgrade Spring Security to 6.3.0 Key: NIFI-13293 URL: https://issues.apache.org/jira/browse/NIFI-13293 Project: Apache NiFi Issue Type: Improvement Components: Core Framework Reporter: David Handermann Assignee: David Handermann Spring Security dependencies should be upgraded to [6.3.0|https://github.com/spring-projects/spring-security/releases/tag/6.3.0] to incorporate various bug fixes and feature improvements. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (NIFI-13285) Fit on Enter PG
[ https://issues.apache.org/jira/browse/NIFI-13285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman reassigned NIFI-13285: -- Assignee: Matt Gilman > Fit on Enter PG > --- > > Key: NIFI-13285 > URL: https://issues.apache.org/jira/browse/NIFI-13285 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core UI >Reporter: Matt Gilman >Assignee: Matt Gilman >Priority: Major > > When navigating into a PG where there is no saved viewport position we should > consider executing a fit action so that flow is shown centered on the canvas. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13286) Empty All Queues issues
[ https://issues.apache.org/jira/browse/NIFI-13286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman updated NIFI-13286: --- Status: Patch Available (was: In Progress) > Empty All Queues issues > --- > > Key: NIFI-13286 > URL: https://issues.apache.org/jira/browse/NIFI-13286 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core UI >Reporter: Matt Gilman >Assignee: Matt Gilman >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > Empty All Queues should conditionally reload the current PG or the selected > child PG depending on the subject of the action. Currently, the action > assumes it's being executed on the current PG. We should identify when its > not the current PG and just reload the child PG. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13290) Dialog close on route navigation causes extra selection route to fire and browser history to be removed
[ https://issues.apache.org/jira/browse/NIFI-13290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman updated NIFI-13290: --- Status: Patch Available (was: In Progress) > Dialog close on route navigation causes extra selection route to fire and > browser history to be removed > --- > > Key: NIFI-13290 > URL: https://issues.apache.org/jira/browse/NIFI-13290 > Project: Apache NiFi > Issue Type: Sub-task >Reporter: Scott Aslan >Assignee: Matt Gilman >Priority: Major > Attachments: Kapture 2024-05-22 at 17.24.17.gif, example2.gif > > Time Spent: 10m > Remaining Estimate: 0h > > https://github.com/apache/nifi/pull/8859#discussion_r1612046025 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (NIFI-13286) Empty All Queues issues
[ https://issues.apache.org/jira/browse/NIFI-13286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman reassigned NIFI-13286: -- Assignee: Matt Gilman > Empty All Queues issues > --- > > Key: NIFI-13286 > URL: https://issues.apache.org/jira/browse/NIFI-13286 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core UI >Reporter: Matt Gilman >Assignee: Matt Gilman >Priority: Major > > Empty All Queues should conditionally reload the current PG or the selected > child PG depending on the subject of the action. Currently, the action > assumes it's being executed on the current PG. We should identify when its > not the current PG and just reload the child PG. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (NIFI-13265) Remove the instantiation of Object arrays for arguments in ComponentLog log and org.slf4j.Logger statements
[ https://issues.apache.org/jira/browse/NIFI-13265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel Stieglitz updated NIFI-13265: Summary: Remove the instantiation of Object arrays for arguments in ComponentLog log and org.slf4j.Logger statements (was: Remove the instantiation of Object arrays for arguments in ComponentLog log statements) > Remove the instantiation of Object arrays for arguments in ComponentLog log > and org.slf4j.Logger statements > --- > > Key: NIFI-13265 > URL: https://issues.apache.org/jira/browse/NIFI-13265 > Project: Apache NiFi > Issue Type: Improvement >Reporter: Daniel Stieglitz >Assignee: Daniel Stieglitz >Priority: Minor > > There are still classes after the changes in NIFI-12075 and NIFI-12076 which > instantiate an Object array for ComponentLog log statements. This ticket aims > to remove those instantiations. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (NIFI-13292) PutBigQuery error on loading CSV file with date fields
Sean Petrie created NIFI-13292:
--
Summary: PutBigQuery error on loading CSV file with date fields
Key: NIFI-13292
URL: https://issues.apache.org/jira/browse/NIFI-13292
Project: Apache NiFi
Issue Type: Bug
Affects Versions: 2.0.0-M3
Reporter: Sean Petrie
When loading BQ tables with CSV files that contains Date fields, I'm getting
the following error;
{code:java}
[APP] 2024-05-24 14:54:52,826 ERROR [Timer-Driven Process Thread-3]
org.apache.nifi.processors.gcp.bigquery.PutBigQuery
PutBigQuery[id=a2093387-018f-1000--bc7e5d2d] Stream processing failed
java.lang.IllegalArgumentException: Wrong object type used with protocol
message reflection. Field number: 3, field java type: INT, value type:
java.lang.String at
com.google.protobuf.FieldSet$Builder.verifyType(FieldSet.java:1255) at
com.google.protobuf.FieldSet$Builder.setField(FieldSet.java:1122) at
com.google.protobuf.DynamicMessage$Builder.setField(DynamicMessage.java:546) at
org.apache.nifi.processors.gcp.bigquery.proto.ProtoUtils.setField(ProtoUtils.java:111)
at
org.apache.nifi.processors.gcp.bigquery.proto.ProtoUtils.createMessage(ProtoUtils.java:98)
at
org.apache.nifi.processors.gcp.bigquery.PutBigQuery.recordToProtoMessage(PutBigQuery.java:285)
at
org.apache.nifi.processors.gcp.bigquery.PutBigQuery.writeRecordsToStream(PutBigQuery.java:259)
at
org.apache.nifi.processors.gcp.bigquery.PutBigQuery.onTrigger(PutBigQuery.java:243)
at
org.apache.nifi.processor.AbstractProcessor.onTrigger(AbstractProcessor.java:27)
at
org.apache.nifi.controller.StandardProcessorNode.onTrigger(StandardProcessorNode.java:1274)
at
org.apache.nifi.controller.tasks.ConnectableTask.invoke(ConnectableTask.java:244)
at
org.apache.nifi.controller.scheduling.AbstractTimeBasedSchedulingAgent.lambda$doScheduleOnce$0(AbstractTimeBasedSchedulingAgent.java:59)
at org.apache.nifi.engine.FlowEngine$2.run(FlowEngine.java:110) at
java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:572)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) at
java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
at java.base/java.lang.Thread.run(Thread.java:1583)
{code}
Field 3 for this file is actually a date field with "MM/dd/" format which
is also set the same in CSVReader. The BigQuery table also has that feild set
as DATE.
Thanks.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NIFI-13265) Remove the instantiation of Object arrays for arguments in ComponentLog log statements
[ https://issues.apache.org/jira/browse/NIFI-13265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17849333#comment-17849333 ] David Handermann commented on NIFI-13265: - Yes, this should be applicable to all SLF4J Logger calls. > Remove the instantiation of Object arrays for arguments in ComponentLog log > statements > -- > > Key: NIFI-13265 > URL: https://issues.apache.org/jira/browse/NIFI-13265 > Project: Apache NiFi > Issue Type: Improvement >Reporter: Daniel Stieglitz >Assignee: Daniel Stieglitz >Priority: Minor > > There are still classes after the changes in NIFI-12075 and NIFI-12076 which > instantiate an Object array for ComponentLog log statements. This ticket aims > to remove those instantiations. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (NIFI-13265) Remove the instantiation of Object arrays for arguments in ComponentLog log statements
[ https://issues.apache.org/jira/browse/NIFI-13265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17849331#comment-17849331 ] Daniel Stieglitz commented on NIFI-13265: - [~exceptionfactory] Can the same fix be applied for all the org.slf4j.Logger statements? Intellij is also indicating for their log statements an unnecessary creation of an Object[] for their arguments? > Remove the instantiation of Object arrays for arguments in ComponentLog log > statements > -- > > Key: NIFI-13265 > URL: https://issues.apache.org/jira/browse/NIFI-13265 > Project: Apache NiFi > Issue Type: Improvement >Reporter: Daniel Stieglitz >Assignee: Daniel Stieglitz >Priority: Minor > > There are still classes after the changes in NIFI-12075 and NIFI-12076 which > instantiate an Object array for ComponentLog log statements. This ticket aims > to remove those instantiations. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] NIFI-13289 Add tooltip to NewCanvas item [nifi]
zeevo commented on code in PR #8870:
URL: https://github.com/apache/nifi/pull/8870#discussion_r1613638267
##
nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/pages/flow-designer/ui/canvas/header/new-canvas-item/new-canvas-item.component.ts:
##
@@ -25,19 +25,33 @@ import { selectDragging } from
'../../../../state/flow/flow.selectors';
import { takeUntilDestroyed } from '@angular/core/rxjs-interop';
import { ComponentType } from '../../../../../../state/shared';
import { CanvasView } from '../../../../service/canvas-view.service';
+import { NifiTooltipDirective } from
'../../../../../../ui/common/tooltips/nifi-tooltip.directive';
+import { TextTip } from
'../../../../../../ui/common/tooltips/text-tip/text-tip.component';
+import { ConnectedPosition } from '@angular/cdk/overlay';
@Component({
selector: 'new-canvas-item',
standalone: true,
templateUrl: './new-canvas-item.component.html',
-imports: [CdkDrag],
+imports: [CdkDrag, NifiTooltipDirective],
styleUrls: ['./new-canvas-item.component.scss']
})
export class NewCanvasItem {
@Input() type!: ComponentType;
@Input() iconClass = '';
@Input() iconHoverClass = '';
@Input() disabled = false;
+@Input() tooltip = '';
+
+protected readonly TextTip = TextTip;
+
+tooltipPosition: ConnectedPosition = {
+originX: 'center', // maybe start?
Review Comment:
I need to remove this comment
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (NIFI-13231) Update GitHubFlowRegistryClient to generate App Installation Token
[ https://issues.apache.org/jira/browse/NIFI-13231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17849309#comment-17849309 ] David Handermann commented on NIFI-13231: - Thanks [~vanshchaudhary]. If you have any questions during the implementation, feel free to raise here, otherwise I can review the pull request when you have it ready. The GitHub API library includes a [JWTTokenProvider|https://github.com/hub4j/github-api/blob/main/src/main/java/org/kohsuke/github/extras/authorization/JWTTokenProvider.java] that handles the process of generating a JWT from an Application ID and Private Key, so that should be helpful. As documented in that class, it does not perform any kind of caching, but it does incorporate time-based validity checking, so it should be possible to create an use an instance of the class in the GitHub Flow Registry Client. > Update GitHubFlowRegistryClient to generate App Installation Token > -- > > Key: NIFI-13231 > URL: https://issues.apache.org/jira/browse/NIFI-13231 > Project: Apache NiFi > Issue Type: Improvement >Affects Versions: 2.0.0-M3 >Reporter: Brian Ghigiarelli >Assignee: Vansh Chaudhary >Priority: Major > > The new GitHubFlowRegistryClient accepts two types of authentication: > # Personal Access Token > # App Installation Token > The App Installation Token requires the user to input the token as a > property, then uses that to communicate with GitHub. However, this token is > short-lived and would require frequent updates (~hourly). > Instead of directly providing the token, the GitHubFlowRegistryClient should > accept as properties: > # App ID > # Private Key (PEM text format) > and use these values to generate a short-lived token, following the guide at > https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app#generating-a-json-web-token-jwt -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (NIFI-13290) Dialog close on route navigation causes extra selection route to fire and browser history to be removed
[ https://issues.apache.org/jira/browse/NIFI-13290?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matt Gilman reassigned NIFI-13290: -- Assignee: Matt Gilman > Dialog close on route navigation causes extra selection route to fire and > browser history to be removed > --- > > Key: NIFI-13290 > URL: https://issues.apache.org/jira/browse/NIFI-13290 > Project: Apache NiFi > Issue Type: Sub-task >Reporter: Scott Aslan >Assignee: Matt Gilman >Priority: Major > Attachments: Kapture 2024-05-22 at 17.24.17.gif, example2.gif > > > https://github.com/apache/nifi/pull/8859#discussion_r1612046025 -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] NIFI-12967: Introducing Back action [nifi]
mcgilman commented on code in PR #8859:
URL: https://github.com/apache/nifi/pull/8859#discussion_r1613429317
##
nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-frontend/src/main/nifi/src/app/state/navigation/navigation.reducer.ts:
##
@@ -28,7 +28,14 @@ export const navigationReducer = createReducer(
initialState,
on(pushBackNavigation, (state, { backNavigation }) => {
return produce(state, (draftState) => {
-draftState.backNavigations.push(backNavigation);
+if (draftState.backNavigations.length > 0) {
Review Comment:
Thanks @scottyaslan! Good catch. I've pushed another commit that should
address this issue.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@nifi.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
