- Adding support for KnoxSSO.
- Updated the docs for nifi.security.user.knox.audiences.
- The KnoxSSO cookie is removed prior to request replication.
This closes#2177
Forced HandleHTTPRequest to use RestrictedSSLContextService and removed extraneous SSL algorithm checks
Throw RuntimeException if the chosen SSL protocol isn't supported by HandleHttpRequest
This closes#1985.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
Added external compatibility regression test for StringEncryptor to ensure continued functionality during removal of Jasypt.
Documents custom salt lengths and iteration counts for each encryption method.
Added (ignored) failing tests for keyed encryption (Jasypt does not support keyed encryption).
Changed StringEncryptor to non-final class and added protected default constructor.
Added failing test for initialization status.
Added utility methods in CipherUtility.
Moved PBE cipher providers (and tests) from nifi-standard-processors to nifi-security-utils module.
Implemented PBE and keyed encryption/decryption logic.
Moved Scrypt unit test back into scrypt package.
Resolved test failures in limited strength cryptographic environment.
Implemented keyed encryption/decryption and enabled unit tests.
Removed Jasypt dependency from production scope (kept in test scope for backward compatibility tests).
Signed-off-by: joewitt <joewitt@apache.org>
The unit test for DATE type used GMT timezone, that causes an assertion error in timezones such as EST (-5).
We need to use local timezone instead of GMT, as Derby and PutSQL uses local timezone.
The unit test failed before as follows:
- Unit test code, passed: '2002-02-02 GMT'
- PutSQL code convertedi it to local: '2002-02-01 EST', and stored as '2002-02-01' in Derby database without timezone info
- Unit test code SELECT the inserted value, passed a GMT calender, then got epoch timestamp, which was '2002-01-31'
Support negative long value for timezones ahead of UTC.
- For timezones such as '+0800', it's possible that a local time e.g. '02:03:04' can be a negative epoch value. This commit changes LONG_PATTERN so that it can accept nevative values.
- Changed time values in unit tests to verify negative epoch values, and avoid using the same digits among different time unit for better readability.
This closes#2082
- Added XmlUtils class.
- Added unit test.
- Added XXE test resource.
- Refactored JAXB unmarshalling globally to prevent XXE attacks.
- Refactored duplicated/legacy code.
- Cleaned up commented code.
- Switched from FileInputStream back to StreamSource in AuthorizerFactoryBean.
- This closes#2134
- Unmatched fields were ignored, but the number of prepared statement
place holders were not correct.
- Added unit test code for generateUpdate.
- Added unit test code with "Ignore Unmatched Columns".
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#2165.
This uses parseHeader() instead of getFrom() and getRecipients() in order to avoid strict addressing.
It also checks for null to solve a null pointer exception.
By contract, this processor should grab information "if available". Which means it should not fail if the info is unavailable.
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#2111.
NIFI-4377: Updated RecordPath Guide to include the new fieldName() function and improved unit test for the function
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#2147.
...connection dialog if no relationships selected
Disabled confirmation button for both Create and Configure Connection
dialogs when no relationship was selected.
Signed-off-by: Scott Aslan <scottyaslan@gmail.com>
This closes#2152
- Removed FlowFile from RecordReaderFactory, RecordSetWriterFactory and SchemaAccessStrategy.
- Renamed variable 'allowableValue' to 'strategy' to represent its meaning better.
- Removed creation of temporal FlowFile to resolve Record Schema from ConsumerLease.
- Removed unnecessary 'InputStream content' argument from
RecordSetWriterFactory.getSchema method.
This closes#1877.
* Changed the tab title since sharing the name makes things
less clear for newcomers.
* Suggested info sentence is omitted.
This closes#2124.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
fix checkstyle issue, and added unit test showing data duplication issue, removed property
Signed-off-by: Matthew Burgess <mattyb149@apache.org>
This closes#2091
Jeff Storck
Koji Kawamura
Matt Gilman
m-hogue
Andy LoPresto
Arun Manivannan
Matthew Burgess
Bryan Bende
Mark Payne
Deon Huang
Mike Thomsen
Pierre Villard
cam
btwood
Sébastien Bouchex Bellomié
yuri1969
Gino Lisignoli
combine
Joe Percivall
Wesley-Lawrence
patricker