- Introducing support for OpenId Connect.
- Updating REST API and UI to support the authorization code flow.
- Adding/fixing documentation.
- Implementing time constant equality checks where appropriate.
- Corrected error handling during startup and throughout the OIDC login sequence.
- Redacting the token values from the user log.
- Defaulting to RS256 when not preferred algorithm is specified.
- Marking the OIDC endpoints as non-guaranteed in to allow for minor adjustments if/when additional SSO techniques are introduced.
This closes#2047.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
The JIRA issue asks for treating both node and its label as one unit.
Described cursor issues seems to be fixed already.
However, there is an annoying dead space between a node and label
preventing displaying context menu, etc. Due to SVG group's nature
there has been added an opaque joint to remove the dead space.
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#2059.
Added changes based on code review. Changed:
* Put record reader instantiation inside of try-with.
* Put a batch size for the insert List.
* Ensured that session.transfer() to the success relationship will always happen.
Removed an unused import to fix the style check.
This closes#1945.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
- Moved key provider interface and implementations from nifi-data-provenance-utils module to nifi-security-utils module.
- Refactored duplicate byte[] concatenation methods from utility classes and removed deprecation warnings from CipherUtility.
- Created KeyProviderFactory to encapsulate key provider instantiation logic.
- Added logic to handle legacy package configuration values for key providers.
- Added unit tests.
- Added resource files for un/limited strength cryptography scenarios.
- Added ASL to test resources.
- Moved legacy FQCN handling logic to CryptUtils.
- Added unit tests to ensure application startup logic handles legacy FQCNs.
- Moved master key extraction/provision out of FBKP.
- Removed nifi-security-utils dependency on nifi-properties-loader module.
- Added unit tests.
NIFI-4082 - Added EL on DB, URI and Collection
NIFI-4082 - Added UT for EL evaluation (URI, DB, Collection) and fixed ex. message for document validator.
This closes#1969
* Added double-click shortcut opening config/details dialog to processors,
connections, ports and labels.
* Created a base for further default action selection, disabling, etc.
* Omitted default action configuration UI - that might be a separate JIRA ticket.
NiFi can now parse an Avro schema of a record that references an already defined record, including itself.
Signed-off-by: James Wing <jvwing@gmail.com>
This closes#2034.
NIFI-4032: - Generating the appropriate fingerprint for the ManagedRangerAuthorizer based on whether the UserGroupProvider is configurable. - Adding unit tests.
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>
This closes#2019
- Expose processors' counters in Stats History
- Only include counters in Processors' Status History if user has read access to corresponding Processor
- Addressed review feedback. Found and addressed bug where a counter is not present in all of the aggregate snaphot values for status history, resulting in the UI not rendering the chart properly
- This closes#1872
I needed to put some attributes on REMOTE_GROUP and REMOTE_OWNER, in order to achieve it i put expressionLanguageSupported(true) on the PropertyDescriptor of REMOTE_GROUP and REMOTE_OWNER
This closes#2007.
Signed-off-by: Davide <davidde85@hotmail.it>
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
Before this fix, it is possible that TailFile to produce duplicated data
if an already tailed file has newer timestamp and fewer or the same
amout of data.
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#2021.
- Capture Exception to prevent failed evaluations from yielding processor
- Further capture evaluation exceptions as per PR feedback
- Adjust jUnit to new exception behavior
- This closes#1644
Fix unit test for Date and Time type time zone problem
Enhance Time type to record milliseconds
This closes#1983.
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
- Changed boolean value conversion to use Boolean.valueOf.
- Updated comments in source code to reflect current situation more clearly.
- Updated tests those have been added since the original commits were made.
NIFI-4060: Addressed threading issue with RecordBin being updated after it is completed; fixed issue that caused mime.type attribute not to be written properly if all incoming flowfiles already have a different value for that attribute
NIFI-4060: Bug fixes; improved documentation; added a lot of debug information; updated StandardProcessSession to produce more accurate logs in case of a session being committed/rolled back with open input/output streams
Signed-off-by: Matt Burgess <mattyb149@apache.org>
This closes#1958
- Introducing composite ConfigurableUserGroupProvider and UserGroupProvider.
- Adding appropriate unit tests.
- Updating object model to support per resource (user/group/policy) configuration.
- Updating UI to support per resource (user/group/policy) configuration.
- Adding necessary documentation.
- Updating documentation to clarify integrity checks.
- Providing an example of configuring a composite implementation.
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#1978.
Fixed threads shutdown so that NiFi can shutdown gracefully
NIFI-4111 - Review - Handling SocketRemoteSiteListener (RAW S2S)
This closes#1963.
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
NIFI-1763: Fixed bug where the Confluent Schema Registry Schema Access Writer was not being created
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>
This closes#1938
Add logic in Consumer adding support for all topic consumer combinations, non-durable, durable, shared, durable-shared.
Add new optional config option to supply subscription name.
Add new optional config option to supply clientId.
This closes#1863.
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
- Addressing issues causing the eventId to not be relayed when submitting a lineage request under certain conditions.
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#1903.
Some headers can cause problems with message parsing, specifically the 'Content-Type' header.
If an email contains attachments, ConsumeEWS may generate emails where the attachments cannot be extracted.
This closes#1867.
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
Mark Payne
Matt Gilman
Pierre Villard
yuri1969
Andy LoPresto
Matt Burgess
Mike Thomsen
Bryan Bende
zhengsg
Wil Selwood
Yolanda M. Davis
Wesley-Lawrence
James Wing
mans2singh
Leah Anderson
m-hogue
Davide
Andre F de Miranda
Koji Kawamura
joewitt
deonhuang
patricker
Toivo Adams
Joe Skora
Jeff Storck
Tony Kurc
kwydler
Sreeram Garlapati
Michael Andre Pearce
Scott Aslan
Steve Champagne