[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973:
URL: https://github.com/apache/nifi/pull/4973#discussion_r617205303
##
File path:
nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java
##
@@ -50,52 +61,95 @@
*/
@RequiresInstanceClassLoading
@Tags({"accumulo", "client", "service"})
-@CapabilityDescription("A controller service for accessing an HBase client.")
+@CapabilityDescription("A controller service for accessing an Accumulo
Client.")
public class AccumuloService extends AbstractControllerService implements
BaseAccumuloService {
-private enum AuthenticationType{
+private enum AuthenticationType {
PASSWORD,
+KERBEROS,
NONE
}
protected static final PropertyDescriptor ZOOKEEPER_QUORUM = new
PropertyDescriptor.Builder()
-.name("ZooKeeper Quorum")
+.name("accumulo-zooKeeper-quorum")
Review comment:
Thanks @bbende restored the name to original
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973:
URL: https://github.com/apache/nifi/pull/4973#discussion_r617204260
##
File path:
nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java
##
@@ -150,61 +176,92 @@ private AuthenticationToken getToken(final
AuthenticationType type, final Config
problems.add(new
ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers
must be supplied").build());
}
-if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied").build());
-}
-
final AuthenticationType type = validationContext.getProperty(
-AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.PASSWORD;
+AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.NONE;
switch(type){
case PASSWORD:
+if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
+problems.add(
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied for the Password Authentication type").build());
+}
if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){
problems.add(
-new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password
must be supplied for the Password Authentication type").build());
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName())
+.explanation("Password must be supplied
for the Password Authentication type").build());
+}
+break;
+case KERBEROS:
+if
(!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){
+problems.add(new
ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName())
+.explanation("Kerberos credential service must be
supplied for the Kerberos Authentication type").build());
}
break;
default:
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non
supported Authentication type").build());
+problems.add(new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non
supported Authentication type").build());
}
return problems;
}
@OnEnabled
-public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException, InterruptedException {
-if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet() ||
!context.getProperty(ACCUMULO_USER).isSet()){
+public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException {
+if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet()) {
throw new InitializationException("Instance name and Zookeeper
Quorum must be specified");
}
-
-
+final KerberosCredentialsService kerberosService =
context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class);
final String instanceName =
context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue();
final String zookeepers =
context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue();
-final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+authType = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue());
+AuthenticationToken token;
-final AuthenticationType type = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue() );
+final Properties clientConf = new Properties();
+clientConf.setProperty("instance.zookeepers", zookeepers);
+clientConf.setProperty("instance.name", instanceName);
+switch(authType){
+case PASSWORD:
+final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+token = new
PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue());
-final AuthenticationTok
[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973:
URL: https://github.com/apache/nifi/pull/4973#discussion_r608365626
##
File path:
nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java
##
@@ -150,61 +176,92 @@ private AuthenticationToken getToken(final
AuthenticationType type, final Config
problems.add(new
ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers
must be supplied").build());
}
-if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied").build());
-}
-
final AuthenticationType type = validationContext.getProperty(
-AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.PASSWORD;
+AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.NONE;
switch(type){
case PASSWORD:
+if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
+problems.add(
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied for the Password Authentication type").build());
+}
if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){
problems.add(
-new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password
must be supplied for the Password Authentication type").build());
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName())
+.explanation("Password must be supplied
for the Password Authentication type").build());
+}
+break;
+case KERBEROS:
+if
(!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){
+problems.add(new
ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName())
+.explanation("Kerberos credential service must be
supplied for the Kerberos Authentication type").build());
}
break;
default:
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non
supported Authentication type").build());
+problems.add(new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non
supported Authentication type").build());
}
return problems;
}
@OnEnabled
-public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException, InterruptedException {
-if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet() ||
!context.getProperty(ACCUMULO_USER).isSet()){
+public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException {
+if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet()) {
throw new InitializationException("Instance name and Zookeeper
Quorum must be specified");
}
-
-
+final KerberosCredentialsService kerberosService =
context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class);
final String instanceName =
context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue();
final String zookeepers =
context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue();
-final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+authType = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue());
+AuthenticationToken token;
-final AuthenticationType type = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue() );
+final Properties clientConf = new Properties();
+clientConf.setProperty("instance.zookeepers", zookeepers);
+clientConf.setProperty("instance.name", instanceName);
+switch(authType){
+case PASSWORD:
+final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+token = new
PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue());
-final AuthenticationTok
[GitHub] [nifi] timeabarna commented on a change in pull request #4973: NIFI-8373 Add Kerberos support to Accumulo processors
timeabarna commented on a change in pull request #4973:
URL: https://github.com/apache/nifi/pull/4973#discussion_r608365626
##
File path:
nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java
##
@@ -150,61 +176,92 @@ private AuthenticationToken getToken(final
AuthenticationType type, final Config
problems.add(new
ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers
must be supplied").build());
}
-if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied").build());
-}
-
final AuthenticationType type = validationContext.getProperty(
-AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.PASSWORD;
+AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf(
validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) :
AuthenticationType.NONE;
switch(type){
case PASSWORD:
+if (!validationContext.getProperty(ACCUMULO_USER).isSet()){
+problems.add(
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo
user must be supplied for the Password Authentication type").build());
+}
if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){
problems.add(
-new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password
must be supplied for the Password Authentication type").build());
+new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName())
+.explanation("Password must be supplied
for the Password Authentication type").build());
+}
+break;
+case KERBEROS:
+if
(!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){
+problems.add(new
ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName())
+.explanation("Kerberos credential service must be
supplied for the Kerberos Authentication type").build());
}
break;
default:
-problems.add(new
ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non
supported Authentication type").build());
+problems.add(new
ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non
supported Authentication type").build());
}
return problems;
}
@OnEnabled
-public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException, InterruptedException {
-if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet() ||
!context.getProperty(ACCUMULO_USER).isSet()){
+public void onEnabled(final ConfigurationContext context) throws
InitializationException, IOException {
+if (!context.getProperty(INSTANCE_NAME).isSet() ||
!context.getProperty(ZOOKEEPER_QUORUM).isSet()) {
throw new InitializationException("Instance name and Zookeeper
Quorum must be specified");
}
-
-
+final KerberosCredentialsService kerberosService =
context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class);
final String instanceName =
context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue();
final String zookeepers =
context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue();
-final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+authType = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue());
+AuthenticationToken token;
-final AuthenticationType type = AuthenticationType.valueOf(
context.getProperty(AUTHENTICATION_TYPE).getValue() );
+final Properties clientConf = new Properties();
+clientConf.setProperty("instance.zookeepers", zookeepers);
+clientConf.setProperty("instance.name", instanceName);
+switch(authType){
+case PASSWORD:
+final String accumuloUser =
context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue();
+token = new
PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue());
-final AuthenticationTok
