[GitHub] [nifi] joshelser commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
joshelser commented on a change in pull request #4973: URL: https://github.com/apache/nifi/pull/4973#discussion_r616818175 ## File path: nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java ## @@ -150,61 +176,92 @@ private AuthenticationToken getToken(final AuthenticationType type, final Config problems.add(new ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers must be supplied").build()); } -if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied").build()); -} - final AuthenticationType type = validationContext.getProperty( -AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.PASSWORD; +AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.NONE; switch(type){ case PASSWORD: +if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ +problems.add( +new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied for the Password Authentication type").build()); +} if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){ problems.add( -new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password must be supplied for the Password Authentication type").build()); +new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()) +.explanation("Password must be supplied for the Password Authentication type").build()); +} +break; +case KERBEROS: +if (!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){ +problems.add(new ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName()) +.explanation("Kerberos credential service must be supplied for the Kerberos Authentication type").build()); } break; default: -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non supported Authentication type").build()); +problems.add(new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non supported Authentication type").build()); } return problems; } @OnEnabled -public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException, InterruptedException { -if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet() || !context.getProperty(ACCUMULO_USER).isSet()){ +public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException { +if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet()) { throw new InitializationException("Instance name and Zookeeper Quorum must be specified"); } - - +final KerberosCredentialsService kerberosService = context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class); final String instanceName = context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue(); final String zookeepers = context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue(); -final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +authType = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue()); +AuthenticationToken token; -final AuthenticationType type = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue() ); +final Properties clientConf = new Properties(); +clientConf.setProperty("instance.zookeepers", zookeepers); +clientConf.setProperty("instance.name", instanceName); +switch(authType){ +case PASSWORD: +final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +token = new PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue()); -final
[GitHub] [nifi] joshelser commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
joshelser commented on a change in pull request #4973: URL: https://github.com/apache/nifi/pull/4973#discussion_r607955331 ## File path: nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java ## @@ -150,61 +176,92 @@ private AuthenticationToken getToken(final AuthenticationType type, final Config problems.add(new ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers must be supplied").build()); } -if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied").build()); -} - final AuthenticationType type = validationContext.getProperty( -AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.PASSWORD; +AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.NONE; switch(type){ case PASSWORD: +if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ +problems.add( +new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied for the Password Authentication type").build()); +} if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){ problems.add( -new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password must be supplied for the Password Authentication type").build()); +new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()) +.explanation("Password must be supplied for the Password Authentication type").build()); +} +break; +case KERBEROS: +if (!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){ +problems.add(new ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName()) +.explanation("Kerberos credential service must be supplied for the Kerberos Authentication type").build()); } break; default: -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non supported Authentication type").build()); +problems.add(new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non supported Authentication type").build()); } return problems; } @OnEnabled -public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException, InterruptedException { -if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet() || !context.getProperty(ACCUMULO_USER).isSet()){ +public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException { +if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet()) { throw new InitializationException("Instance name and Zookeeper Quorum must be specified"); } - - +final KerberosCredentialsService kerberosService = context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class); final String instanceName = context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue(); final String zookeepers = context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue(); -final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +authType = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue()); +AuthenticationToken token; -final AuthenticationType type = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue() ); +final Properties clientConf = new Properties(); +clientConf.setProperty("instance.zookeepers", zookeepers); +clientConf.setProperty("instance.name", instanceName); +switch(authType){ +case PASSWORD: +final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +token = new PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue()); -final