diff --git a/nifi-commons/nifi-security-kerberos/pom.xml b/nifi-commons/nifi-security-kerberos/pom.xml
new file mode 100644
index 0000000000..e507bf0a60
--- /dev/null
+++ b/nifi-commons/nifi-security-kerberos/pom.xml
@@ -0,0 +1,46 @@
+
+
+
+ 4.0.0
+
+ org.apache.nifi
+ nifi-commons
+ 1.14.0-SNAPSHOT
+
+ nifi-security-kerberos
+
+
+ org.apache.nifi
+ nifi-api
+ 1.14.0-SNAPSHOT
+
+
+ org.apache.commons
+ commons-lang3
+ 3.11
+
+
+ org.slf4j
+ slf4j-api
+
+
+ org.apache.hadoop
+ hadoop-minikdc
+ 3.1.0
+ test
+
+
+
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/AbstractKerberosUser.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/AbstractKerberosUser.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/AbstractKerberosUser.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/AbstractKerberosUser.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/ConfigurationUtil.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/ConfigurationUtil.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/ConfigurationUtil.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/ConfigurationUtil.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosAction.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosAction.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosAction.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosAction.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosKeytabUser.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosKeytabUser.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosKeytabUser.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosKeytabUser.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosPasswordUser.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosPasswordUser.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosPasswordUser.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosPasswordUser.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosTicketCacheUser.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosTicketCacheUser.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosTicketCacheUser.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosTicketCacheUser.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosUser.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosUser.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KerberosUser.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KerberosUser.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KeytabConfiguration.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KeytabConfiguration.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/KeytabConfiguration.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/KeytabConfiguration.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/PasswordConfiguration.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/PasswordConfiguration.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/PasswordConfiguration.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/PasswordConfiguration.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/TicketCacheConfiguration.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/TicketCacheConfiguration.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/TicketCacheConfiguration.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/TicketCacheConfiguration.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/UsernamePasswordCallbackHandler.java b/nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/UsernamePasswordCallbackHandler.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/krb/UsernamePasswordCallbackHandler.java
rename to nifi-commons/nifi-security-kerberos/src/main/java/org/apache/nifi/security/krb/UsernamePasswordCallbackHandler.java
diff --git a/nifi-commons/nifi-security-utils/src/test/java/org/apache/nifi/security/krb/KDCServer.java b/nifi-commons/nifi-security-kerberos/src/test/java/org/apache/nifi/security/krb/KDCServer.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/test/java/org/apache/nifi/security/krb/KDCServer.java
rename to nifi-commons/nifi-security-kerberos/src/test/java/org/apache/nifi/security/krb/KDCServer.java
diff --git a/nifi-commons/nifi-security-utils/src/test/java/org/apache/nifi/security/krb/KerberosUserIT.java b/nifi-commons/nifi-security-kerberos/src/test/java/org/apache/nifi/security/krb/KerberosUserIT.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/test/java/org/apache/nifi/security/krb/KerberosUserIT.java
rename to nifi-commons/nifi-security-kerberos/src/test/java/org/apache/nifi/security/krb/KerberosUserIT.java
diff --git a/nifi-commons/nifi-security-utils/src/test/java/org/apache/nifi/security/krb/TestKeytabConfiguration.java b/nifi-commons/nifi-security-kerberos/src/test/java/org/apache/nifi/security/krb/TestKeytabConfiguration.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/test/java/org/apache/nifi/security/krb/TestKeytabConfiguration.java
rename to nifi-commons/nifi-security-kerberos/src/test/java/org/apache/nifi/security/krb/TestKeytabConfiguration.java
diff --git a/nifi-commons/nifi-security-socket-ssl/pom.xml b/nifi-commons/nifi-security-socket-ssl/pom.xml
new file mode 100644
index 0000000000..c4edb99be7
--- /dev/null
+++ b/nifi-commons/nifi-security-socket-ssl/pom.xml
@@ -0,0 +1,35 @@
+
+
+
+ 4.0.0
+
+ org.apache.nifi
+ nifi-commons
+ 1.14.0-SNAPSHOT
+
+ nifi-security-socket-ssl
+
+
+ org.apache.nifi
+ nifi-utils
+ 1.14.0-SNAPSHOT
+
+
+ org.slf4j
+ slf4j-api
+
+
+
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java b/nifi-commons/nifi-security-socket-ssl/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
similarity index 98%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
rename to nifi-commons/nifi-security-socket-ssl/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
index bff50cfa9b..59902d05f5 100644
--- a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
+++ b/nifi-commons/nifi-security-socket-ssl/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannel.java
@@ -19,7 +19,6 @@ package org.apache.nifi.remote.io.socket.ssl;
import org.apache.nifi.remote.exception.TransmissionDisabledException;
import org.apache.nifi.remote.io.socket.BufferStateManager;
import org.apache.nifi.remote.io.socket.BufferStateManager.Direction;
-import org.apache.nifi.security.util.CertificateUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -184,9 +183,14 @@ public class SSLSocketChannel implements Closeable {
throw new SSLPeerUnverifiedException("No certificates found");
}
- final X509Certificate cert = CertificateUtils.convertAbstractX509Certificate(certs[0]);
- cert.checkValidity();
- return cert.getSubjectDN().getName().trim();
+ final Certificate certificate = certs[0];
+ if (certificate instanceof X509Certificate) {
+ final X509Certificate peerCertificate = (X509Certificate) certificate;
+ peerCertificate.checkValidity();
+ return peerCertificate.getSubjectDN().getName().trim();
+ } else {
+ throw new CertificateException(String.format("X.509 Certificate class not found [%s]", certificate.getClass()));
+ }
}
private void performHandshake() throws IOException {
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelInputStream.java b/nifi-commons/nifi-security-socket-ssl/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelInputStream.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelInputStream.java
rename to nifi-commons/nifi-security-socket-ssl/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelInputStream.java
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelOutputStream.java b/nifi-commons/nifi-security-socket-ssl/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelOutputStream.java
similarity index 100%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelOutputStream.java
rename to nifi-commons/nifi-security-socket-ssl/src/main/java/org/apache/nifi/remote/io/socket/ssl/SSLSocketChannelOutputStream.java
diff --git a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/krb/KerberosPrincipalParserSpec.groovy b/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/krb/KerberosPrincipalParserSpec.groovy
deleted file mode 100644
index 883dc31631..0000000000
--- a/nifi-commons/nifi-security-utils/src/test/groovy/org/apache/nifi/security/util/krb/KerberosPrincipalParserSpec.groovy
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.security.util.krb
-
-import spock.lang.Specification
-import spock.lang.Unroll
-
-class KerberosPrincipalParserSpec extends Specification {
-
- @Unroll
- def "Verify parsed realm from '#testPrincipal' == '#expectedRealm'"() {
- expect:
- KerberosPrincipalParser.getRealm(testPrincipal) == expectedRealm
-
- where:
- testPrincipal || expectedRealm
- "user" || null
- "user@" || null
- "user@EXAMPLE.COM" || "EXAMPLE.COM"
- "user@name@EXAMPLE.COM" || "EXAMPLE.COM"
- "user\\@" || null
- "user\\@name" || null
- "user\\@name@EXAMPLE.COM" || "EXAMPLE.COM"
- "user@EXAMPLE.COM\\@" || "EXAMPLE.COM\\@"
- "user@@name@\\@@\\@" || "\\@"
- "user@@name@\\@@\\@@EXAMPLE.COM" || "EXAMPLE.COM"
- "user@@name@\\@@\\@@EXAMPLE.COM@" || null
- "user\\@\\@name@EXAMPLE.COM" || "EXAMPLE.COM"
- }
-}
diff --git a/nifi-commons/pom.xml b/nifi-commons/pom.xml
index c9361da3da..a1fc3d27fa 100644
--- a/nifi-commons/pom.xml
+++ b/nifi-commons/pom.xml
@@ -37,6 +37,8 @@
nifi-record-path
nifi-rocksdb-utils
nifi-schema-utils
+ nifi-security-kerberos
+ nifi-security-socket-ssl
nifi-security-utils-api
nifi-security-utils
nifi-site-to-site-client
diff --git a/nifi-nar-bundles/nifi-beats-bundle/nifi-beats-processors/pom.xml b/nifi-nar-bundles/nifi-beats-bundle/nifi-beats-processors/pom.xml
index 2929e307cc..a8d1fbe4f2 100644
--- a/nifi-nar-bundles/nifi-beats-bundle/nifi-beats-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-beats-bundle/nifi-beats-processors/pom.xml
@@ -35,6 +35,11 @@
nifi-processor-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-socket-ssl
+ 1.14.0-SNAPSHOT
+
com.google.code.gson
gson
diff --git a/nifi-nar-bundles/nifi-cassandra-bundle/nifi-cassandra-services/pom.xml b/nifi-nar-bundles/nifi-cassandra-bundle/nifi-cassandra-services/pom.xml
index ff3e196ed6..96b9c8d371 100644
--- a/nifi-nar-bundles/nifi-cassandra-bundle/nifi-cassandra-services/pom.xml
+++ b/nifi-nar-bundles/nifi-cassandra-bundle/nifi-cassandra-services/pom.xml
@@ -62,12 +62,6 @@
1.14.0-SNAPSHOT
-
- org.apache.nifi
- nifi-security-utils
- 1.14.0-SNAPSHOT
-
-
org.apache.nifi
nifi-mock
diff --git a/nifi-nar-bundles/nifi-extension-utils/nifi-hadoop-utils/pom.xml b/nifi-nar-bundles/nifi-extension-utils/nifi-hadoop-utils/pom.xml
index 56bb9d2efb..ca0ab6070f 100644
--- a/nifi-nar-bundles/nifi-extension-utils/nifi-hadoop-utils/pom.xml
+++ b/nifi-nar-bundles/nifi-extension-utils/nifi-hadoop-utils/pom.xml
@@ -36,7 +36,7 @@
org.apache.nifi
- nifi-security-utils
+ nifi-security-kerberos
1.14.0-SNAPSHOT
diff --git a/nifi-nar-bundles/nifi-extension-utils/nifi-processor-utils/pom.xml b/nifi-nar-bundles/nifi-extension-utils/nifi-processor-utils/pom.xml
index 97d2f951ae..084374d645 100644
--- a/nifi-nar-bundles/nifi-extension-utils/nifi-processor-utils/pom.xml
+++ b/nifi-nar-bundles/nifi-extension-utils/nifi-processor-utils/pom.xml
@@ -42,7 +42,7 @@
org.apache.nifi
- nifi-security-utils
+ nifi-security-socket-ssl
1.14.0-SNAPSHOT
@@ -50,6 +50,11 @@
commons-io
2.6
+
+ org.apache.commons
+ commons-lang3
+ 3.11
+
org.apache.nifi
diff --git a/nifi-nar-bundles/nifi-extension-utils/nifi-record-utils/nifi-standard-record-utils/pom.xml b/nifi-nar-bundles/nifi-extension-utils/nifi-record-utils/nifi-standard-record-utils/pom.xml
index 643cd1bc12..d9a00ec5b5 100644
--- a/nifi-nar-bundles/nifi-extension-utils/nifi-record-utils/nifi-standard-record-utils/pom.xml
+++ b/nifi-nar-bundles/nifi-extension-utils/nifi-record-utils/nifi-standard-record-utils/pom.xml
@@ -35,7 +35,7 @@
org.apache.nifi
- nifi-security-utils
+ nifi-security-socket-ssl
1.14.0-SNAPSHOT
diff --git a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml
index ab94373af7..005c15dad6 100644
--- a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive-processors/pom.xml
@@ -41,6 +41,11 @@
nifi-processor-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-dbcp-service-api
diff --git a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml
index d384245128..0c425c26f9 100644
--- a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive3-processors/pom.xml
@@ -36,6 +36,11 @@
nifi-processor-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-dbcp-service-api
diff --git a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml
index 3749ca8c8c..a4f39113b5 100644
--- a/nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-hive-bundle/nifi-hive_1_1-processors/pom.xml
@@ -41,6 +41,11 @@
nifi-processor-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-dbcp-service-api
diff --git a/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/pom.xml b/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/pom.xml
index 0d67574bc4..910e7750f1 100644
--- a/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/pom.xml
+++ b/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/pom.xml
@@ -39,11 +39,6 @@
nifi-utils
1.14.0-SNAPSHOT
-
- org.apache.nifi
- nifi-security-utils
- 1.14.0-SNAPSHOT
-
org.springframework.security.kerberos
spring-security-kerberos-core
diff --git a/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/src/main/java/org/apache/nifi/kerberos/KerberosProvider.java b/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/src/main/java/org/apache/nifi/kerberos/KerberosProvider.java
index 2e46f6a4e5..bfbb711990 100644
--- a/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/src/main/java/org/apache/nifi/kerberos/KerberosProvider.java
+++ b/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/src/main/java/org/apache/nifi/kerberos/KerberosProvider.java
@@ -26,7 +26,7 @@ import org.apache.nifi.authentication.exception.IdentityAccessException;
import org.apache.nifi.authentication.exception.InvalidLoginCredentialsException;
import org.apache.nifi.authentication.exception.ProviderCreationException;
import org.apache.nifi.authentication.exception.ProviderDestructionException;
-import org.apache.nifi.security.util.krb.KerberosPrincipalParser;
+import org.apache.nifi.kerberos.parser.KerberosPrincipalParser;
import org.apache.nifi.util.FormatUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
diff --git a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/krb/KerberosPrincipalParser.java b/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/src/main/java/org/apache/nifi/kerberos/parser/KerberosPrincipalParser.java
similarity index 96%
rename from nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/krb/KerberosPrincipalParser.java
rename to nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/src/main/java/org/apache/nifi/kerberos/parser/KerberosPrincipalParser.java
index 8726c9c30e..a300f01f0d 100644
--- a/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/krb/KerberosPrincipalParser.java
+++ b/nifi-nar-bundles/nifi-kerberos-iaa-providers-bundle/nifi-kerberos-iaa-providers/src/main/java/org/apache/nifi/kerberos/parser/KerberosPrincipalParser.java
@@ -14,9 +14,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.nifi.security.util.krb;
+package org.apache.nifi.kerberos.parser;
-import org.apache.nifi.util.StringUtils;
+import org.apache.commons.lang3.StringUtils;
public class KerberosPrincipalParser {
diff --git a/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-controller-service/pom.xml b/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-controller-service/pom.xml
index d2f8bae962..4b7f75f419 100644
--- a/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-controller-service/pom.xml
+++ b/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-controller-service/pom.xml
@@ -75,9 +75,8 @@
org.apache.nifi
- nifi-security-utils
+ nifi-security-kerberos
1.14.0-SNAPSHOT
- provided
org.apache.nifi
diff --git a/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-processors/pom.xml b/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-processors/pom.xml
index 71c0f0bb05..7eb99b83d7 100644
--- a/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-kudu-bundle/nifi-kudu-processors/pom.xml
@@ -86,7 +86,12 @@
org.apache.nifi
- nifi-security-utils
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
+
+ org.apache.nifi
+ nifi-security-kerberos
1.14.0-SNAPSHOT
diff --git a/nifi-nar-bundles/nifi-solr-bundle/nifi-solr-processors/pom.xml b/nifi-nar-bundles/nifi-solr-bundle/nifi-solr-processors/pom.xml
index f489d4b45f..2a3395381d 100755
--- a/nifi-nar-bundles/nifi-solr-bundle/nifi-solr-processors/pom.xml
+++ b/nifi-nar-bundles/nifi-solr-bundle/nifi-solr-processors/pom.xml
@@ -70,6 +70,11 @@
nifi-processor-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-ssl-context-service-api
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml
index cd4c220f4b..b23a2ec648 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-dbcp-service-bundle/nifi-dbcp-service/pom.xml
@@ -44,7 +44,7 @@
org.apache.nifi
- nifi-security-utils
+ nifi-security-kerberos
1.14.0-SNAPSHOT
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/pom.xml
index 03e17ff531..878d89d71a 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-distributed-cache-services-bundle/nifi-distributed-cache-client-service/pom.xml
@@ -40,6 +40,11 @@
nifi-processor-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-socket-ssl
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-utils
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-hadoop-dbcp-service-bundle/nifi-hadoop-dbcp-service/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-hadoop-dbcp-service-bundle/nifi-hadoop-dbcp-service/pom.xml
index 5a7915481e..700c6f780a 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-hadoop-dbcp-service-bundle/nifi-hadoop-dbcp-service/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-hadoop-dbcp-service-bundle/nifi-hadoop-dbcp-service/pom.xml
@@ -44,7 +44,7 @@
org.apache.nifi
- nifi-security-utils
+ nifi-security-kerberos
1.14.0-SNAPSHOT
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/nifi-hbase_1_1_2-client-service/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/nifi-hbase_1_1_2-client-service/pom.xml
index c4c85a0269..292df62d3c 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/nifi-hbase_1_1_2-client-service/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_1_1_2-client-service-bundle/nifi-hbase_1_1_2-client-service/pom.xml
@@ -49,6 +49,11 @@
nifi-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-hadoop-utils
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/nifi-hbase_2-client-service/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/nifi-hbase_2-client-service/pom.xml
index d040242f23..922d984a47 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/nifi-hbase_2-client-service/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-hbase_2-client-service-bundle/nifi-hbase_2-client-service/pom.xml
@@ -52,6 +52,11 @@
nifi-hadoop-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-distributed-cache-client-service-api
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-hwx-schema-registry-bundle/nifi-hwx-schema-registry-service/pom.xml b/nifi-nar-bundles/nifi-standard-services/nifi-hwx-schema-registry-bundle/nifi-hwx-schema-registry-service/pom.xml
index 07f4892a4d..47e219c048 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-hwx-schema-registry-bundle/nifi-hwx-schema-registry-service/pom.xml
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-hwx-schema-registry-bundle/nifi-hwx-schema-registry-service/pom.xml
@@ -40,6 +40,11 @@ limitations under the License.
nifi-utils
1.14.0-SNAPSHOT
+
+ org.apache.nifi
+ nifi-security-kerberos
+ 1.14.0-SNAPSHOT
+
org.apache.nifi
nifi-record
diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-record-serialization-services-bundle/nifi-record-serialization-services/src/main/java/org/apache/nifi/schema/inference/VolatileSchemaCache.java b/nifi-nar-bundles/nifi-standard-services/nifi-record-serialization-services-bundle/nifi-record-serialization-services/src/main/java/org/apache/nifi/schema/inference/VolatileSchemaCache.java
index 926d2d0329..7ca2fc420a 100644
--- a/nifi-nar-bundles/nifi-standard-services/nifi-record-serialization-services-bundle/nifi-record-serialization-services/src/main/java/org/apache/nifi/schema/inference/VolatileSchemaCache.java
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-record-serialization-services-bundle/nifi-record-serialization-services/src/main/java/org/apache/nifi/schema/inference/VolatileSchemaCache.java
@@ -19,7 +19,6 @@ package org.apache.nifi.schema.inference;
import avro.shaded.com.google.common.annotations.VisibleForTesting;
import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
-import org.apache.commons.codec.binary.Hex;
import org.apache.nifi.annotation.documentation.CapabilityDescription;
import org.apache.nifi.annotation.documentation.Tags;
import org.apache.nifi.annotation.lifecycle.OnEnabled;
@@ -37,6 +36,7 @@ import org.apache.nifi.serialization.record.type.RecordDataType;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
@@ -60,6 +60,8 @@ public class VolatileSchemaCache extends AbstractControllerService implements Re
.defaultValue("100")
.build();
+ private static final Base64.Encoder ENCODER = Base64.getEncoder().withoutPadding();
+
private volatile Cache cache;
@Override
@@ -127,7 +129,8 @@ public class VolatileSchemaCache extends AbstractControllerService implements Re
}
final byte[] digestBytes = digest.digest();
- return Hex.encodeHexString(digestBytes);
+
+ return ENCODER.encodeToString(digestBytes);
}
private void computeHash(final RecordSchema schema, final MessageDigest digest) {
diff --git a/nifi-nar-bundles/nifi-websocket-bundle/nifi-websocket-services-jetty/src/main/java/org/apache/nifi/websocket/jetty/JettyWebSocketClient.java b/nifi-nar-bundles/nifi-websocket-bundle/nifi-websocket-services-jetty/src/main/java/org/apache/nifi/websocket/jetty/JettyWebSocketClient.java
index cc46e9f061..84e84f3044 100644
--- a/nifi-nar-bundles/nifi-websocket-bundle/nifi-websocket-services-jetty/src/main/java/org/apache/nifi/websocket/jetty/JettyWebSocketClient.java
+++ b/nifi-nar-bundles/nifi-websocket-bundle/nifi-websocket-services-jetty/src/main/java/org/apache/nifi/websocket/jetty/JettyWebSocketClient.java
@@ -16,7 +16,6 @@
*/
package org.apache.nifi.websocket.jetty;
-import org.apache.commons.codec.binary.Base64;
import org.apache.nifi.annotation.documentation.CapabilityDescription;
import org.apache.nifi.annotation.documentation.Tags;
import org.apache.nifi.annotation.lifecycle.OnDisabled;
@@ -46,6 +45,7 @@ import java.io.IOException;
import java.net.URI;
import java.nio.charset.Charset;
import java.util.ArrayList;
+import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
@@ -219,7 +219,7 @@ public class JettyWebSocketClient extends AbstractJettyWebSocketService implemen
throw new IllegalArgumentException(AUTH_CHARSET.getDisplayName() + " was not specified.");
}
final Charset charset = Charset.forName(charsetName);
- final String base64String = Base64.encodeBase64String((userName + ":" + userPassword).getBytes(charset));
+ final String base64String = Base64.getEncoder().encodeToString((userName + ":" + userPassword).getBytes(charset));
authorizationHeader = "Basic " + base64String;
} else {
authorizationHeader = null;
diff --git a/nifi-toolkit/nifi-toolkit-cli/pom.xml b/nifi-toolkit/nifi-toolkit-cli/pom.xml
index 8ad1ec1f4c..624e7ee757 100644
--- a/nifi-toolkit/nifi-toolkit-cli/pom.xml
+++ b/nifi-toolkit/nifi-toolkit-cli/pom.xml
@@ -72,6 +72,11 @@
+
+ org.apache.nifi
+ nifi-security-kerberos
+ ${project.version}
+
org.apache.nifi.registry
nifi-registry-client