- Upgraded Spring Framework from 5.3.31 to 6.0.15
- Upgraded Spring Security from 5.8.7 to 6.2.0
- Upgraded Spring Vault from 2.3.4 to 3.1.0
- Upgraded Jetty from 10.0.18 to 12.0.5 with EE 10
- Upgraded Jersey from 2.41 to 3.1.4
- Upgraded JAXB from 2.3.9 to 4.0.4
- Upgraded AspectJ from 1.9.20.1 to 1.9.21
- Upgraded JMS API from 2.0.1 to 3.1.0
- Upgraded ActiveMQ Broker from 5.18.2 to 6.0.1 for JMS 3
- Upgraded JJWT from 0.9.1 to 0.12.3
- Replaced jackson-module-jaxb-annotations with jackson-module-jakarta-xmlbind-annotations
- Replaced maven-jaxb2-plugin with hisrc-higherjaxb40-maven-plugin 2.1.1
- Replaced kongchen swagger-maven-plugin with swagger-codegen-maven-plugin from Swagger 3
- Replaced com.nickwongdev AspectJ Plugin with Codehaus 1.14.0 for newer Java versions
- Removed unused cglib-nodep
- Removed references to javax.validation
- Removed custom Jetty ALPN Processor not required for Java 21
- Removed several tests depending on older Jetty and Jakarta libraries
- Removed unnecessary webdefault.xml configurations
- Replaced unsupported cross-context servlet forwarding with HTTP forwarding
- Replaced javax.servlet references with jakarta.servlet
- Replaced javax.xml.bind references with jakarta.xml.bind
- Replaced javax.ws references with jakarata.ws
- Updated Spring Security CSRF implementation for Spring Security 6
- Updated web.xml versions to 6.0
- Updated REST API templates using new swagger-codegen variables
- Removed VALIDATE_DATA property from ParseCEF based on library compatibility issue with javax.validation
- Added application URL logging to NiFi JettyServer
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#8197.
* NIFI-11481:
- Initial project creation.
* NIFI-11481:
- Install material.
- Rename project from nifi-web-frontend to nifi.
* NIFI-11481:
- Install roboto through package.json.
* NIFI-11481:
- Add Tailwind.
* NIFI-11481:
- Basic layout.
* NIFI-11481:
- Introducing ngrx for storing flow.
* NIFI-11481:
- Introducing d3.
- Adding svg.
- Adding defs.
- Funnel Manager.
* NIFI-11481:
- Introducing d3.
- Adding svg.
- Adding defs.
- Funnel Manager.
- Adding draggable.
- Adding editable.
- Adding selectable.
- Adding flowfont.
- Adding Canvas View.
- Adding Transform in Store.
- Adding selected in Store.
- Adding transition in Store.
- Funnel Manager directly subscribes to store.
* NIFI-11481:
- Adding backend calls.
- Refactoring update positions to be for a single component.
* NIFI-11481:
- Process Group Manager.
- Adding font-awesome.
- Updating canvas/graph component visibility.
- Adding prettier/eslint.
* NIFI-11481:
- Adding support to enter a process group.
* NIFI-11481:
- Formatting source.
* NIFI-11481:
- Label Manager.
- Added generic update component.
* NIFI-11481:
- Processor Manager.
* NIFI-11481:
- Port Manager.
* NIFI-11481:
- Remote Process Group Manager.
* NIFI-11481:
- Adding draggable icons to the toolbar.
* NIFI-11481:
- Formatting.
* NIFI-11481:
- Draggable Toolbar.
- Create Label, Funnel.
* NIFI-11481:
- Connection Manager.
- Connectable Behavior.
* NIFI-11481:
- Draggable behavior with back end call for both components and connections.
* NIFI-11481:
- Selection box.
* NIFI-11481:
- Port creation.
- Port configuration.
- Quick Select.
* NIFI-11481:
- Canvas Tooltips.
* NIFI-11481:
- Context menu.
* NIFI-11481:
- Router State.
- Reorganization.
- Deep linking.
* NIFI-11481:
- Adding support for Delete.
* NIFI-11481:
- Flow status bar.
* NIFI-11481:
- Adding Current User State.
- Current user polling.
- Fixing Flow Status layout bug.
* NIFI-11481:
- Process Group Polling.
* NIFI-11481:
- Process Group Breadcrumbs.
* NIFI-11481:
- Global Menu.
* NIFI-11481:
- Search.
* NIFI-11481:
- Add support for centering components on the canvas.
* NIFI-11481:
- Add support for persisting and restoring the users view of the current PG.
* NIFI-11481:
- Fixing centering behavior.
- Fixing user view restoration.
- Bulk selection auto fit.
* NIFI-11481:
- Incorporating the new UI into the NiFi build with a build profile that is not active by default.
- The new UI is deployed to a different context path than the current UI and works side by side.
* NIFI-11481:
- Center component from context menu.
- Enter process group from context menu.
* NIFI-11481:
- Adding support to log in.
- LoginFilter, LogoutFilter.
- Moved the handling of 'include-new-ui' profile to make building with and within more straight forward.
- Splash screen while guard executing.
- Http request interceptor to show loading on the canvas.
- Http request interceptor to handle 401 responses.
* NIFI-11481:
- Extension Creation Component.
- Filter, Usage Restrictions, and selected type.
* NIFI-11481:
- Stopping polling when unable to connect to server.
* NIFI-11481:
- Settings - General.
* NIFI-11481:
- Settings - Management Controller Services.
* NIFI-11481:
- NiFi Tooltip directive.
- Usage Restriction Tip.
- Comments Tip.
- Validation Errors Tip.
- Bulletins Tip.
* NIFI-11481:
- Settings - Reporting Tasks.
* NIFI-11481:
- Avoiding unnecessary web requests in route guards.
* NIFI-11481:
- Edit Controller Service Dialog.
- View Property Table.
- Update component density.
* NIFI-11481:
- Supports Controller Service API tooltip and dialog content.
* NIFI-11481:
- Property table - NF Editor.
- Property table - Combo Editor.
* NIFI-11481:
- Making property table a control value accessor.
- Wiring up saving Controller Services from Edit Dialog.
- Handling Delete Property.
- Handling New Property.
- Updating how form submission is triggered throughout to address issue with incidental form submit events.
* NIFI-11481:
- Moving Settings into pages.
* NIFI-11481:
- Moving Canvas into pages.
* NIFI-11481:
- Moving Login into pages.
* NIFI-11481:
- Adding routing to the Controller Service listing and Reporting Task listing.
- Updating Canvas routing to follow similar pattern.
* NIFI-11481:
- Controller Service references.
* NIFI-11481:
- Create inline Controller Service.
- Edit Controller Service route.
- Go To Controller Service from Property Table.
- Switching to Event Emitter in New Property dialog.
* NIFI-11481:
- Saving spinner - Create Processor, Create Port, and Edit Port.
* NIFI-11481:
- Saving spinner - Create Controller Service, Edit Controller Service, and Create Reporting Task.
* NIFI-11481:
- Parameter Context Listing.
- Add new Parameter Context.
- Edit Parameter Context.
* NIFI-11481:
- New Paramter.
- Edit Parameter.
- Parameter table.
* NIFI-11481:
- Parameter references.
- Parameter Context update steps.
- Bound Process Group references.
* NIFI-11481:
- Parameter Context Inheritance.
* NIFI-11481:
- Processor configuration.
- Ensuring new Property names are unique.
- Trapping focus in nf and combo editors.
- Reloading component connections after updating a Processor.
* NIFI-11481:
- Navigation Control.
- Birdseye.
- Operation Control.
* NIFI-11481:
- Create Process Group.
- Upload Process Group.
* NIFI-11481:
- Implementing current Process Group context in operation palette.
* NIFI-11481:
- Connection creation.
* NIFI-11481:
- Connection configuration.
* NIFI-11481:
- Standardizing selection option model.
- Connection load balancing tooltip.
- Clean up.
* NIFI-11481:
- Move components in to/out of groups.
- Group components.
* NIFI-11481:
- Render connections for component action.
* NIFI-11481:
- CodeMirror for Parameter and EL configuration.
* NIFI-11481:
- Resizable.
- Moving tooltip directive.
* NIFI-11481:
- Ensuring all specs are bootstrapped and create successfully.
* NIFI-11481:
- Updating some interface names to avoid conflicting with various components in an attempt to better establish a naming convention.
* NIFI-11481:
- Show Source/Destination.
- Defaulting current Parameter Context in Create PG and Group dialogs.
- Handling disabled state in a few ControlValueAccessors.
- Ensuring Parameter Contest uri is set.
- Unit tests.
* NIFI-11481:
- Fixing checkstyle issue.
* NIFI-11481:
- LICENSE/NOTICE.
* NIFI-11481:
- RAT Plugin config.
* NIFI-12401:
- Addressing review feedback.
* NIFI-11481:
- Ensuring the option is disabled when there is no description.
* NIFI-11481:
- Only including parameters in the payload when they have been modified.
- Showing appropriate message after applying based on whether parameters were included or not.
* NIFI-11481:
- Fixing parameter deletion.
- Enforcing parameter name uniqueness.
- Preventing changing parameter sensitive.
* NIFI-11481:
- Only loading the service link once when considering updated property value.
- Ensuring existing parameter are set in all instances of opening the new Property dialog.
* NIFI-11481:
- Fixing tests that regressed.
* NIFI-11481:
- Adding default karma config which was needed in order to debug tests in IDE.
* NIFI-11481:
- Updating karma config to not watch for now. Can introduce new options for running in various contexts in the future.
This closes#8053
- Moved Java tests from groovy directory to java directory and removed groovy directory from nifi-web-utils
This closes#7333
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Replaced Groovy asserts with JUnit 5 assertions and Groovy shouldFail method Junit 5 with assertThrow method
This closes#6880
Signed-off-by: David Handermann <exceptionfactory@apache.org>
- Updated impacted classes to remove redundant import lines
- Removed WebUtilsGroovyTest.groovy class due to use of internal sun.security classes
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#6804.
- Removed extension of deprecated WebSecurityConfigurerAdapter
- Moved Filter bean configuration associated configuration classes
- Set default Spring Security log level to INFO
- Adjusted CSRF Token Repository to leverage simplified RequestUriBuilder for retrieving allowed context paths
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6195
- Updated SAML Authentication Configuration with Spring Security SAML 2 components
- Updated Administration Guide with REST Resources
- Replaced SAMLAccessResource methods with applicable Spring Security Filters
- Removed IDP Credential Service and supporting components
- Removed message.logging.enabled, metadata.signing.enabled, and signature.digest.algorithm properties
- Added Access Token Expiration resource method
- Removed Saml2AccessResource and replaced with Access Token Expiration to avoid unnecessary conflicts with SAML login consumer
- Corrected Resource URI handling to support proxy server access
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#6149.
- Refactored nifi-bootstrap using JUnit 5
- Refactored nifi-maven-archetypes using JUnit 5
- Refactored nifi-stateless using JUnit 5
This closes#5912
Signed-off-by: Mike Thomsen <mthomsen@apache.org>
- Replaced use of Authorization header with custom Request-Token header for CSRF mitigation
- Added Request-Token cookie for CSRF mitigation
- Replaced session storage of JWT with expiration in seconds
- Removed and disabled CORS configuration
- Disabled HTTP OPTIONS method
- Refactored HTTP Proxy URI construction using RequestUriBuilder
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#5417.
- Implemented ApplicationCookieService for adding and retrieving HTTP Cookies
- Added getCookieResourceUri() leveraging allowed proxy headers to support optional Cookie Paths
- Refactored Access Resources to use ApplicationCookieService for processing
- Changed __Host- prefix to __Secure- prefix for Bearer Token cookie to support Cookie Path processing
- Removed unnecessary jetty-http dependency from nifi-web-api
- Corrected NiFi path references in JavaScript to support prefixed paths
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#5329.
NIFI-8386: Addressed review feedback: removed unused call to determine permissions, null out bulletins in standalone mode if permissions not allowed. Also fixed automated tests that were failing due to changes
This closes#4955
- Added createTrustManager() on SSLContextService
- Removed nifi-security-utils and okhttp dependencies from nifi-web-utils
Signed-off-by: Nathan Gough <thenatog@gmail.com>
This closes#4869.
NIFI-8171 Increased response and idle timeouts for HTTP unit tests
NIFI-8171 Increased TestServer idle timeout to 45 seconds for HTTP unit tests
NIFI-8171 Adjusted timeout and sleep on TestPutTCPCommon.testPruneSenders
NIFI-8171 Increased TestServer idle timeout to 60 seconds and removed 500ms Thread.sleep() in TestInvokeHttpSSL
NIFI-8171 Optimized OkHttpClientUtils to avoid reading trust store twice during initialization
NIFI-8171 Added static variable for server startup sleep
NIFI-8171 Increased TestInvokeHTTP Connect Timeout and TestListenHTTP Response Timeout to 30 seconds
NIFI-8171 Refactored unit tests for InvokeHTTP and ListenHTTP to optimize SSLContext creation
NIFI-8171 Updated TestListenHTTP for static creation of SSLContext
NIFI-8171 Added started check for ListenHTTP Server in TestListenHTTP
NIFI-8171 Refactored TestPutTCP classes to optimize SSLContext creation
NIFI-8171 Increased TestListenHTTP timeout for server start to 120 seconds and added exception when not connected
NIFI-8171 Increased Connect and Read Timeouts for InvokeHTTP SSL unit tests
Signed-off-by: Joe Witt <joewitt@apache.org>
Changed JettyServer default SSL initialization and updated unit test.
Removed SecurityStoreTypes (unused).
Added StringUtils inverted blank and empty checks.
Added TlsConfiguration container object.
Enhanced KeystoreType enum.
Added clean #createSSLContext() method to serve as base method for special cases/other method signatures.
Added utility methods in KeyStoreUtils.
Added generic TlsException for callers that cannot resolve TLS-specific exceptions.
Added utility methods for component object debugging.
Enforced TLS protocol version on cluster comms socket creation.
Added utility method for SSL server socket creation.
Refactored (Server)SocketConfigurationFactoryBean to store relevant NiFiProperties in TlsConfiguration instead of stateful SSLContextFactory (Cluster comms now enforce modern TLS protocol version).
Removed duplicate SSLContextFactory.
Switched duplicate SslContextFactory to wrap shared SSLContextFactory.
Refactored SslContextFactoryTest for clarity (will move any unique tests to nifi-security-utils class test).
Added further validation & boundary checking in uses of TlsConfiguration.
Provided SSLSocketFactory accessor in SslContextFactory.
Refactored OkHttpReplicationClient tuple method.
Refactored OcspCertificateValidator TLS logic.
Added utility method to apply TLS configs to OkHttpClientBuilder.
Removed references to duplicate SslContextFactory.
Removed unnecessary SslContextFactory.
Moved OkHttpClientUtils to nifi-web-util module.
Updated module dependencies.
Removed now empty nifi-security module.
Enforced TLS protocol selection on LB server socket.
Enforced TLS protocol selection on S2S server socket.
Applied specified TLS protocol versions to S2S socket creation.
Completed removal of legacy SSLContext creation methods from only remaining SslContextFactory.
Replaced references to creation methods throughout codebase.
Replaced references to unnecessary NiFiProperties file reads throughout tests.
Removed duplicate ClientAuth enum from SSLContextService and changed all references to SslContextFactory.ClientAuth.
Suppressed repeated TLS exceptions in cluster, S2S, and load balance socket listeners.
Cleaned up legacy code.
Added external timing check to timing test assertion.
Made RestrictedSSLContextService TLS protocol versions allowable values explicit.
Enabled TLSv1.3 on Java 11.
Added explanations of TLS protocol versions in StandardSSLContextService and StandardRestrictedSSLContextService.
Resolved additional Java 11 test failures for NiFi internal classes that don't support TLSv1.3. Filed NIFI-7468 as follow on task.
This closes#4263.
Signed-off-by: Nathan Gough <thenatog@gmail.com>
Signed-off-by: Mark Payne <markap14@hotmail.com>
- Fixed proxy header support to use X-Forwarded-Host instead of X-ForwardedServer
- Added support for the context path header used by Traefik when proxying a service (X-Forwarded-Prefix)
- Added tests to ApplicationResourceTest for X-Forwarded-Context and X-Forwarded-Prefix
- Updated administration doc to include X-Forwarded-Prefix
- Added NIFI_WEB_PROXY_CONTEXT_PATH env var to dockerhub and dockermaven start.sh scripts
- Added documentation for NIFI_WEB_PROXY_CONTEXT_PATH to dockerhub README.md
- Updated ApplicationResource to handle a port specified in X-ProxyPort and X-Forwarded-Port headers
This closes#3129.
Signed-off-by: Kevin Doran <kdoran@apache.org>
Removed NiFiHostnameVerifier. Removed NiFi WebUtils usage of NiFiHostnameVerifier.
Added unit tests for the DefaultHostnameVerifier to WebUtils.java
Added groovy-eclipse-compiler definition to nifi-web-utils/pom.xml to execute Groovy unit tests.
This closes#2919.
Co-authored-by: Andy LoPresto <alopresto@apache.org>
Signed-off-by: Andy LoPresto <alopresto@apache.org>
NIFI-5442 Populate request contextPath attribute during AccessResource before displaying on message-page.jsp.
Refactored shared code from CatchAllFilter to WebUtils.
NIFI-5442 Refactored filter and context path code to shared parent filter and subclass.
NIFI-5442 Removed unnecessary initParams from nifi-web-ui web.xml.
NIFI-5442 Added explicit dispatchers to nifi-web-ui web.xml and removed unnecessary code from AccessResource.
This closes#2908
NIFI-950: Still seeing some slow response times when instantiating a large template in cluster mode so making some minor tweaks based on the results of CPU profiling
NIFI-5112: Refactored FlowSerializer so that it creates the desired intermediate data model that can be serialized, separate from serializing. This allows us to hold the FlowController's Read Lock only while creating the data model, not while actually serializing the data. Configured Jersey Client in ThreadPoolRequestReplicator not to look for features using the Service Loader for every request. Updated Template object to hold a DOM Node that represents the template contents instead of having to serialize the DTO, then parse the serialized form as a DOM object each time that it needs to be serialized.
NIFI-5112: Change ThreadPoolRequestReplicator to use OkHttp client instead of Jersey Client
NIFI-5111: Ensure that if a node is no longer cluster coordinator, that it clears any stale heartbeats.
NIFI-5110: Notify StandardProcessScheduler when a component is removed so that it will clean up any resource related to component lifecycle.
NIFI-950: Avoid gathering the Status objects for entire flow when we don't need them; removed unnecessary code
NIFI-950: Bug fixes
NIFI-950: Bug fix; added validation status to ProcessorDTO, ControllerServiceDTO, ReportingTaskDTO; updated DebugFlow to allow for pause time to be set in the customValidate method for testing functionality
NIFI-950: Addressing test failures
NIFI-950: Bug fixes
NIFI-950: Addressing review feedback
NIFI-950: Fixed validation logic in mock framework
This closes#2693
- Upgrading to Jersey 2.x.
- Updating NOTICE files where necessary.
- Fixing checkstyle issues.
This closes#2206.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
- Updating UI according to permissions through out the application.
- Shuffling provenance events, template, and cluster search REST APIs according to resources being authorized.
- Moving template upload controls.
- Removing username where appropriate.
- Addressing issues when authorizing flow configuration actions.
- Code clean up.
exceptionfactory
Matt Gilman
dan-s1
Mike Thomsen
Bryan Bende
Mark Payne
exceptionfactory
Andy LoPresto
Jeff Storck
thenatog
Andre F de Miranda
joewitt