- Introducing support for OpenId Connect.
- Updating REST API and UI to support the authorization code flow.
- Adding/fixing documentation.
- Implementing time constant equality checks where appropriate.
- Corrected error handling during startup and throughout the OIDC login sequence.
- Redacting the token values from the user log.
- Defaulting to RS256 when not preferred algorithm is specified.
- Marking the OIDC endpoints as non-guaranteed in to allow for minor adjustments if/when additional SSO techniques are introduced.
This closes#2047.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
The JIRA issue asks for treating both node and its label as one unit.
Described cursor issues seems to be fixed already.
However, there is an annoying dead space between a node and label
preventing displaying context menu, etc. Due to SVG group's nature
there has been added an opaque joint to remove the dead space.
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#2059.
Added changes based on code review. Changed:
* Put record reader instantiation inside of try-with.
* Put a batch size for the insert List.
* Ensured that session.transfer() to the success relationship will always happen.
Removed an unused import to fix the style check.
This closes#1945.
Signed-off-by: Andy LoPresto <alopresto@apache.org>
- Moved key provider interface and implementations from nifi-data-provenance-utils module to nifi-security-utils module.
- Refactored duplicate byte[] concatenation methods from utility classes and removed deprecation warnings from CipherUtility.
- Created KeyProviderFactory to encapsulate key provider instantiation logic.
- Added logic to handle legacy package configuration values for key providers.
- Added unit tests.
- Added resource files for un/limited strength cryptography scenarios.
- Added ASL to test resources.
- Moved legacy FQCN handling logic to CryptUtils.
- Added unit tests to ensure application startup logic handles legacy FQCNs.
- Moved master key extraction/provision out of FBKP.
- Removed nifi-security-utils dependency on nifi-properties-loader module.
- Added unit tests.
NIFI-4082 - Added EL on DB, URI and Collection
NIFI-4082 - Added UT for EL evaluation (URI, DB, Collection) and fixed ex. message for document validator.
This closes#1969
* Added double-click shortcut opening config/details dialog to processors,
connections, ports and labels.
* Created a base for further default action selection, disabling, etc.
* Omitted default action configuration UI - that might be a separate JIRA ticket.
NiFi can now parse an Avro schema of a record that references an already defined record, including itself.
Signed-off-by: James Wing <jvwing@gmail.com>
This closes#2034.
NIFI-4032: - Generating the appropriate fingerprint for the ManagedRangerAuthorizer based on whether the UserGroupProvider is configurable. - Adding unit tests.
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>
This closes#2019
Class org.apache.nifi.bootstrap.RunNiFi is not designed with extensibility
in mind: changes to allow RunNiFi to be subclassed in a test harness
Signed-off-by: James Wing <jvwing@gmail.com>
This closes#1972.
- Expose processors' counters in Stats History
- Only include counters in Processors' Status History if user has read access to corresponding Processor
- Addressed review feedback. Found and addressed bug where a counter is not present in all of the aggregate snaphot values for status history, resulting in the UI not rendering the chart properly
- This closes#1872
I needed to put some attributes on REMOTE_GROUP and REMOTE_OWNER, in order to achieve it i put expressionLanguageSupported(true) on the PropertyDescriptor of REMOTE_GROUP and REMOTE_OWNER
This closes#2007.
Signed-off-by: Davide <davidde85@hotmail.it>
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
Before this fix, it is possible that TailFile to produce duplicated data
if an already tailed file has newer timestamp and fewer or the same
amout of data.
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#2021.
- Capture Exception to prevent failed evaluations from yielding processor
- Further capture evaluation exceptions as per PR feedback
- Adjust jUnit to new exception behavior
- This closes#1644
Fix unit test for Date and Time type time zone problem
Enhance Time type to record milliseconds
This closes#1983.
Signed-off-by: Koji Kawamura <ijokarumawak@apache.org>
* Merging unnecessary layers
* MAINTAINER is deprecated
* Using JRE as base since JDK is not necessary
* Set GID=1000 since openjdk image already defines 50
* Add ability to specify Apache mirror site to reduce load on Apache Archive
* Created templates directory since this is not included in the binary
This closes#1910.
Signed-off-by: Aldrin Piri <aldrin@apache.org>