[GitHub] [nifi] joshelser commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
joshelser commented on a change in pull request #4973:
URL: https://github.com/apache/nifi/pull/4973#discussion_r616818175
##
File path:
nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java
##
@@ -150,61 +176,92 @@ private AuthenticationToken getToken(final
AuthenticationType type, final Config
problems.add(new
ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers
must be supplied").build());
}
-if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied").build());
-}
-
final AuthenticationType type = validationContext.getProperty(
-AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.PASSWORD;
+AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.NONE;
switch(type){
case PASSWORD:
+if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
+problems.add(
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied for the Password Authentication type").build());
+}
if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){
problems.add(
-new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password
must be supplied for the Password Authentication type").build());
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName())
+.explanation("Password must be supplied
for the Password Authentication type").build());
+}
+break;
+case KERBEROS:
+if
(!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){
+problems.add(new
ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName())
+.explanation("Kerberos credential service must be
supplied for the Kerberos Authentication type").build());
}
break;
default:
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non
supported Authentication type").build());
+problems.add(new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non
supported Authentication type").build());
}
return problems;
}
@OnEnabled
-public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException, InterruptedException {
-if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet() ||
!context.getProperty(ACCUMULO_USER).isSet()){
+public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException {
+if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet()) {
throw new InitializationException("Instance name and Zookeeper
Quorum must be specified");
}
-
-
+final KerberosCredentialsService kerberosService =
context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class);
final String instanceName =
context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue();
final String zookeepers =
context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue();
-final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+authType = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue());
+AuthenticationToken token;
-final AuthenticationType type = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue() );
+final Properties clientConf = new Properties();
+clientConf.setProperty("instance.zookeepers", zookeepers);
+clientConf.setProperty("instance.name", instanceName);
+switch(authType){
+case PASSWORD:
+final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+token = new
PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue());
-final
[GitHub] [nifi] joshelser commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
joshelser commented on a change in pull request #4973:
URL: https://github.com/apache/nifi/pull/4973#discussion_r607955331
##
File path:
nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java
##
@@ -150,61 +176,92 @@ private AuthenticationToken getToken(final
AuthenticationType type, final Config
problems.add(new
ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers
must be supplied").build());
}
-if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied").build());
-}
-
final AuthenticationType type = validationContext.getProperty(
-AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.PASSWORD;
+AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.NONE;
switch(type){
case PASSWORD:
+if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
+problems.add(
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied for the Password Authentication type").build());
+}
if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){
problems.add(
-new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password
must be supplied for the Password Authentication type").build());
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName())
+.explanation("Password must be supplied
for the Password Authentication type").build());
+}
+break;
+case KERBEROS:
+if
(!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){
+problems.add(new
ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName())
+.explanation("Kerberos credential service must be
supplied for the Kerberos Authentication type").build());
}
break;
default:
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non
supported Authentication type").build());
+problems.add(new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non
supported Authentication type").build());
}
return problems;
}
@OnEnabled
-public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException, InterruptedException {
-if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet() ||
!context.getProperty(ACCUMULO_USER).isSet()){
+public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException {
+if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet()) {
throw new InitializationException("Instance name and Zookeeper
Quorum must be specified");
}
-
-
+final KerberosCredentialsService kerberosService =
context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class);
final String instanceName =
context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue();
final String zookeepers =
context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue();
-final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+authType = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue());
+AuthenticationToken token;
-final AuthenticationType type = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue() );
+final Properties clientConf = new Properties();
+clientConf.setProperty("instance.zookeepers", zookeepers);
+clientConf.setProperty("instance.name", instanceName);
+switch(authType){
+case PASSWORD:
+final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+token = new
PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue());
-final
