NIFI-655:

- Updating packages for log in filters.
- Handling new registration exceptions.
- Code clean up.
This commit is contained in:
Matt Gilman 2015-11-09 10:52:18 -05:00
parent 1350483d36
commit efa1939fc5
4 changed files with 14 additions and 9 deletions

View File

@ -130,7 +130,7 @@ public final class AuthorizedUsers {
* @return The user identity
*/
public String getUserIdentity(final NiFiUser user) {
if (User.class.isAssignableFrom(user.getClass())) {
if (user instanceof User) {
return ((User) user).getDn();
} else {
return ((LoginUser) user).getUsername();
@ -233,7 +233,7 @@ public final class AuthorizedUsers {
// create the user
final NiFiUser newUser = creator.createUser();
if (User.class.isAssignableFrom(newUser.getClass())) {
if (newUser instanceof User) {
users.getUser().add((User) newUser);
} else {
users.getLoginUser().add((LoginUser) newUser);
@ -323,7 +323,7 @@ public final class AuthorizedUsers {
// find the desired user
final NiFiUser user = finder.findUser(nifiUsers);
if (User.class.isAssignableFrom(user.getClass())) {
if (user instanceof User) {
users.getUser().remove((User) user);
} else {
users.getLoginUser().remove((LoginUser) user);
@ -350,7 +350,7 @@ public final class AuthorizedUsers {
// find the desired user
final List<NiFiUser> usersToRemove = finder.findUsers(nifiUsers);
for (final NiFiUser user : usersToRemove) {
if (User.class.isAssignableFrom(user.getClass())) {
if (user instanceof User) {
users.getUser().remove((User) user);
} else {
users.getLoginUser().remove((LoginUser) user);

View File

@ -24,8 +24,8 @@ import org.apache.nifi.web.security.NiFiAuthenticationProvider;
import org.apache.nifi.web.security.anonymous.NiFiAnonymousUserFilter;
import org.apache.nifi.web.security.NiFiAuthenticationEntryPoint;
import org.apache.nifi.web.security.RegistrationStatusFilter;
import org.apache.nifi.web.security.form.LoginAuthenticationFilter;
import org.apache.nifi.web.security.form.RegistrationFilter;
import org.apache.nifi.web.security.login.LoginAuthenticationFilter;
import org.apache.nifi.web.security.login.RegistrationFilter;
import org.apache.nifi.web.security.jwt.JwtAuthenticationFilter;
import org.apache.nifi.web.security.jwt.JwtService;
import org.apache.nifi.web.security.node.NodeAuthorizedUserFilter;

View File

@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.nifi.web.security.form;
package org.apache.nifi.web.security.login;
import org.apache.nifi.web.security.token.LoginAuthenticationToken;
import java.io.IOException;

View File

@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.nifi.web.security.form;
package org.apache.nifi.web.security.login;
import java.io.IOException;
import java.io.PrintWriter;
@ -30,6 +30,7 @@ import org.apache.nifi.admin.service.UserService;
import org.apache.nifi.authentication.LoginCredentials;
import org.apache.nifi.authentication.LoginIdentityProvider;
import org.apache.nifi.authentication.exception.IdentityAccessException;
import org.apache.nifi.authentication.exception.IdentityRegistrationException;
import org.apache.nifi.authorization.exception.IdentityAlreadyExistsException;
import org.apache.nifi.util.StringUtils;
import org.apache.nifi.web.security.jwt.JwtService;
@ -38,6 +39,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AccountStatusException;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
@ -80,6 +82,9 @@ public class RegistrationFilter extends AbstractAuthenticationProcessingFilter {
loginIdentityProvider.register(credentials);
} catch (final IdentityAlreadyExistsException iaee) {
// if the identity already exists, try to create the nifi account request
} catch (final IdentityRegistrationException ire) {
// the credentials are not acceptable for some reason
throw new BadCredentialsException(ire.getMessage(), ire);
} catch (final IdentityAccessException iae) {
throw new AuthenticationServiceException(iae.getMessage(), iae);
}
@ -133,7 +138,7 @@ public class RegistrationFilter extends AbstractAuthenticationProcessingFilter {
out.println(failed.getMessage());
// set the appropriate response status
if (failed instanceof UsernameNotFoundException) {
if (failed instanceof UsernameNotFoundException || failed instanceof BadCredentialsException) {
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
} else if (failed instanceof AccountStatusException) {
// account exists (maybe valid, pending, revoked)