mirror of https://github.com/apache/nifi.git
NIFI-655:
- Updating packages for log in filters. - Handling new registration exceptions. - Code clean up.
This commit is contained in:
parent
1350483d36
commit
efa1939fc5
|
@ -130,7 +130,7 @@ public final class AuthorizedUsers {
|
||||||
* @return The user identity
|
* @return The user identity
|
||||||
*/
|
*/
|
||||||
public String getUserIdentity(final NiFiUser user) {
|
public String getUserIdentity(final NiFiUser user) {
|
||||||
if (User.class.isAssignableFrom(user.getClass())) {
|
if (user instanceof User) {
|
||||||
return ((User) user).getDn();
|
return ((User) user).getDn();
|
||||||
} else {
|
} else {
|
||||||
return ((LoginUser) user).getUsername();
|
return ((LoginUser) user).getUsername();
|
||||||
|
@ -233,7 +233,7 @@ public final class AuthorizedUsers {
|
||||||
|
|
||||||
// create the user
|
// create the user
|
||||||
final NiFiUser newUser = creator.createUser();
|
final NiFiUser newUser = creator.createUser();
|
||||||
if (User.class.isAssignableFrom(newUser.getClass())) {
|
if (newUser instanceof User) {
|
||||||
users.getUser().add((User) newUser);
|
users.getUser().add((User) newUser);
|
||||||
} else {
|
} else {
|
||||||
users.getLoginUser().add((LoginUser) newUser);
|
users.getLoginUser().add((LoginUser) newUser);
|
||||||
|
@ -323,7 +323,7 @@ public final class AuthorizedUsers {
|
||||||
|
|
||||||
// find the desired user
|
// find the desired user
|
||||||
final NiFiUser user = finder.findUser(nifiUsers);
|
final NiFiUser user = finder.findUser(nifiUsers);
|
||||||
if (User.class.isAssignableFrom(user.getClass())) {
|
if (user instanceof User) {
|
||||||
users.getUser().remove((User) user);
|
users.getUser().remove((User) user);
|
||||||
} else {
|
} else {
|
||||||
users.getLoginUser().remove((LoginUser) user);
|
users.getLoginUser().remove((LoginUser) user);
|
||||||
|
@ -350,7 +350,7 @@ public final class AuthorizedUsers {
|
||||||
// find the desired user
|
// find the desired user
|
||||||
final List<NiFiUser> usersToRemove = finder.findUsers(nifiUsers);
|
final List<NiFiUser> usersToRemove = finder.findUsers(nifiUsers);
|
||||||
for (final NiFiUser user : usersToRemove) {
|
for (final NiFiUser user : usersToRemove) {
|
||||||
if (User.class.isAssignableFrom(user.getClass())) {
|
if (user instanceof User) {
|
||||||
users.getUser().remove((User) user);
|
users.getUser().remove((User) user);
|
||||||
} else {
|
} else {
|
||||||
users.getLoginUser().remove((LoginUser) user);
|
users.getLoginUser().remove((LoginUser) user);
|
||||||
|
|
|
@ -24,8 +24,8 @@ import org.apache.nifi.web.security.NiFiAuthenticationProvider;
|
||||||
import org.apache.nifi.web.security.anonymous.NiFiAnonymousUserFilter;
|
import org.apache.nifi.web.security.anonymous.NiFiAnonymousUserFilter;
|
||||||
import org.apache.nifi.web.security.NiFiAuthenticationEntryPoint;
|
import org.apache.nifi.web.security.NiFiAuthenticationEntryPoint;
|
||||||
import org.apache.nifi.web.security.RegistrationStatusFilter;
|
import org.apache.nifi.web.security.RegistrationStatusFilter;
|
||||||
import org.apache.nifi.web.security.form.LoginAuthenticationFilter;
|
import org.apache.nifi.web.security.login.LoginAuthenticationFilter;
|
||||||
import org.apache.nifi.web.security.form.RegistrationFilter;
|
import org.apache.nifi.web.security.login.RegistrationFilter;
|
||||||
import org.apache.nifi.web.security.jwt.JwtAuthenticationFilter;
|
import org.apache.nifi.web.security.jwt.JwtAuthenticationFilter;
|
||||||
import org.apache.nifi.web.security.jwt.JwtService;
|
import org.apache.nifi.web.security.jwt.JwtService;
|
||||||
import org.apache.nifi.web.security.node.NodeAuthorizedUserFilter;
|
import org.apache.nifi.web.security.node.NodeAuthorizedUserFilter;
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
* See the License for the specific language governing permissions and
|
* See the License for the specific language governing permissions and
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
package org.apache.nifi.web.security.form;
|
package org.apache.nifi.web.security.login;
|
||||||
|
|
||||||
import org.apache.nifi.web.security.token.LoginAuthenticationToken;
|
import org.apache.nifi.web.security.token.LoginAuthenticationToken;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
|
@ -14,7 +14,7 @@
|
||||||
* See the License for the specific language governing permissions and
|
* See the License for the specific language governing permissions and
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
package org.apache.nifi.web.security.form;
|
package org.apache.nifi.web.security.login;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.PrintWriter;
|
import java.io.PrintWriter;
|
||||||
|
@ -30,6 +30,7 @@ import org.apache.nifi.admin.service.UserService;
|
||||||
import org.apache.nifi.authentication.LoginCredentials;
|
import org.apache.nifi.authentication.LoginCredentials;
|
||||||
import org.apache.nifi.authentication.LoginIdentityProvider;
|
import org.apache.nifi.authentication.LoginIdentityProvider;
|
||||||
import org.apache.nifi.authentication.exception.IdentityAccessException;
|
import org.apache.nifi.authentication.exception.IdentityAccessException;
|
||||||
|
import org.apache.nifi.authentication.exception.IdentityRegistrationException;
|
||||||
import org.apache.nifi.authorization.exception.IdentityAlreadyExistsException;
|
import org.apache.nifi.authorization.exception.IdentityAlreadyExistsException;
|
||||||
import org.apache.nifi.util.StringUtils;
|
import org.apache.nifi.util.StringUtils;
|
||||||
import org.apache.nifi.web.security.jwt.JwtService;
|
import org.apache.nifi.web.security.jwt.JwtService;
|
||||||
|
@ -38,6 +39,7 @@ import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.security.authentication.AccountStatusException;
|
import org.springframework.security.authentication.AccountStatusException;
|
||||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||||
|
import org.springframework.security.authentication.BadCredentialsException;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.AuthenticationException;
|
import org.springframework.security.core.AuthenticationException;
|
||||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||||
|
@ -80,6 +82,9 @@ public class RegistrationFilter extends AbstractAuthenticationProcessingFilter {
|
||||||
loginIdentityProvider.register(credentials);
|
loginIdentityProvider.register(credentials);
|
||||||
} catch (final IdentityAlreadyExistsException iaee) {
|
} catch (final IdentityAlreadyExistsException iaee) {
|
||||||
// if the identity already exists, try to create the nifi account request
|
// if the identity already exists, try to create the nifi account request
|
||||||
|
} catch (final IdentityRegistrationException ire) {
|
||||||
|
// the credentials are not acceptable for some reason
|
||||||
|
throw new BadCredentialsException(ire.getMessage(), ire);
|
||||||
} catch (final IdentityAccessException iae) {
|
} catch (final IdentityAccessException iae) {
|
||||||
throw new AuthenticationServiceException(iae.getMessage(), iae);
|
throw new AuthenticationServiceException(iae.getMessage(), iae);
|
||||||
}
|
}
|
||||||
|
@ -133,7 +138,7 @@ public class RegistrationFilter extends AbstractAuthenticationProcessingFilter {
|
||||||
out.println(failed.getMessage());
|
out.println(failed.getMessage());
|
||||||
|
|
||||||
// set the appropriate response status
|
// set the appropriate response status
|
||||||
if (failed instanceof UsernameNotFoundException) {
|
if (failed instanceof UsernameNotFoundException || failed instanceof BadCredentialsException) {
|
||||||
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
|
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
|
||||||
} else if (failed instanceof AccountStatusException) {
|
} else if (failed instanceof AccountStatusException) {
|
||||||
// account exists (maybe valid, pending, revoked)
|
// account exists (maybe valid, pending, revoked)
|
Loading…
Reference in New Issue