[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973: URL: https://github.com/apache/nifi/pull/4973#discussion_r617205303 ## File path: nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java ## @@ -50,52 +61,95 @@ */ @RequiresInstanceClassLoading @Tags({"accumulo", "client", "service"}) -@CapabilityDescription("A controller service for accessing an HBase client.") +@CapabilityDescription("A controller service for accessing an Accumulo Client.") public class AccumuloService extends AbstractControllerService implements BaseAccumuloService { -private enum AuthenticationType{ +private enum AuthenticationType { PASSWORD, +KERBEROS, NONE } protected static final PropertyDescriptor ZOOKEEPER_QUORUM = new PropertyDescriptor.Builder() -.name("ZooKeeper Quorum") +.name("accumulo-zooKeeper-quorum") Review comment: Thanks @bbende restored the name to original -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973: URL: https://github.com/apache/nifi/pull/4973#discussion_r617204260 ## File path: nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java ## @@ -150,61 +176,92 @@ private AuthenticationToken getToken(final AuthenticationType type, final Config problems.add(new ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers must be supplied").build()); } -if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied").build()); -} - final AuthenticationType type = validationContext.getProperty( -AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.PASSWORD; +AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.NONE; switch(type){ case PASSWORD: +if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ +problems.add( +new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied for the Password Authentication type").build()); +} if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){ problems.add( -new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password must be supplied for the Password Authentication type").build()); +new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()) +.explanation("Password must be supplied for the Password Authentication type").build()); +} +break; +case KERBEROS: +if (!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){ +problems.add(new ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName()) +.explanation("Kerberos credential service must be supplied for the Kerberos Authentication type").build()); } break; default: -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non supported Authentication type").build()); +problems.add(new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non supported Authentication type").build()); } return problems; } @OnEnabled -public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException, InterruptedException { -if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet() || !context.getProperty(ACCUMULO_USER).isSet()){ +public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException { +if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet()) { throw new InitializationException("Instance name and Zookeeper Quorum must be specified"); } - - +final KerberosCredentialsService kerberosService = context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class); final String instanceName = context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue(); final String zookeepers = context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue(); -final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +authType = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue()); +AuthenticationToken token; -final AuthenticationType type = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue() ); +final Properties clientConf = new Properties(); +clientConf.setProperty("instance.zookeepers", zookeepers); +clientConf.setProperty("instance.name", instanceName); +switch(authType){ +case PASSWORD: +final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +token = new PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue()); -final AuthenticationTok
[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973: URL: https://github.com/apache/nifi/pull/4973#discussion_r608365626 ## File path: nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java ## @@ -150,61 +176,92 @@ private AuthenticationToken getToken(final AuthenticationType type, final Config problems.add(new ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers must be supplied").build()); } -if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied").build()); -} - final AuthenticationType type = validationContext.getProperty( -AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.PASSWORD; +AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.NONE; switch(type){ case PASSWORD: +if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ +problems.add( +new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied for the Password Authentication type").build()); +} if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){ problems.add( -new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password must be supplied for the Password Authentication type").build()); +new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()) +.explanation("Password must be supplied for the Password Authentication type").build()); +} +break; +case KERBEROS: +if (!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){ +problems.add(new ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName()) +.explanation("Kerberos credential service must be supplied for the Kerberos Authentication type").build()); } break; default: -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non supported Authentication type").build()); +problems.add(new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non supported Authentication type").build()); } return problems; } @OnEnabled -public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException, InterruptedException { -if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet() || !context.getProperty(ACCUMULO_USER).isSet()){ +public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException { +if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet()) { throw new InitializationException("Instance name and Zookeeper Quorum must be specified"); } - - +final KerberosCredentialsService kerberosService = context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class); final String instanceName = context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue(); final String zookeepers = context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue(); -final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +authType = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue()); +AuthenticationToken token; -final AuthenticationType type = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue() ); +final Properties clientConf = new Properties(); +clientConf.setProperty("instance.zookeepers", zookeepers); +clientConf.setProperty("instance.name", instanceName); +switch(authType){ +case PASSWORD: +final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +token = new PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue()); -final AuthenticationTok
[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973: URL: https://github.com/apache/nifi/pull/4973#discussion_r608365626 ## File path: nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java ## @@ -150,61 +176,92 @@ private AuthenticationToken getToken(final AuthenticationType type, final Config problems.add(new ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers must be supplied").build()); } -if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied").build()); -} - final AuthenticationType type = validationContext.getProperty( -AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.PASSWORD; +AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.NONE; switch(type){ case PASSWORD: +if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ +problems.add( +new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied for the Password Authentication type").build()); +} if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){ problems.add( -new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password must be supplied for the Password Authentication type").build()); +new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()) +.explanation("Password must be supplied for the Password Authentication type").build()); +} +break; +case KERBEROS: +if (!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){ +problems.add(new ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName()) +.explanation("Kerberos credential service must be supplied for the Kerberos Authentication type").build()); } break; default: -problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non supported Authentication type").build()); +problems.add(new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non supported Authentication type").build()); } return problems; } @OnEnabled -public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException, InterruptedException { -if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet() || !context.getProperty(ACCUMULO_USER).isSet()){ +public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException { +if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet()) { throw new InitializationException("Instance name and Zookeeper Quorum must be specified"); } - - +final KerberosCredentialsService kerberosService = context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class); final String instanceName = context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue(); final String zookeepers = context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue(); -final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +authType = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue()); +AuthenticationToken token; -final AuthenticationType type = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue() ); +final Properties clientConf = new Properties(); +clientConf.setProperty("instance.zookeepers", zookeepers); +clientConf.setProperty("instance.name", instanceName); +switch(authType){ +case PASSWORD: +final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); +token = new PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue()); -final AuthenticationTok