Commit Graph

192 Commits

Author SHA1 Message Date
Matt Gilman aaf14c45c9 NIFI-655:
- Refactoring web security to use Spring Security Java Configuration.
- Introducing security in Web UI in order to get JWT.

NIFI-655:
- Setting up the resources (js/css) for the login page.

NIFI-655:
- Adding support for configuring anonymous roles.
- Addressing checkstyle violations.

NIFI-655:
- Moving to token api to web-api.
- Creating an LoginProvider API for user/pass based authentication.
- Creating a module for funneling access to the authorized useres.

NIFI-655:
- Moving away from usage of DN to identity throughout the application (from the user db to the authorization provider).
- Updating the authorized users schema to support login users.
- Creating an extension point for authentication of users based on username/password.

NIFI-655:
- Creating an endpoint for returning the identity of the current user.
- Updating the LoginAuthenticationFilter.

NIFI-655:
- Moving NiFi registration to the login page.
- Running the authentication filters in a different order to ensure we can disambiguate each case.
- Starting to layout each case... Forbidden, Login, Create User, Create NiFi Account.

NIFI-655:
- Addressing checkstyle issues.

NIFI-655:
- Making nf-storage available in the login page.
- Requiring use of local storage.
- Ignoring security for GET requests when obtaining the login configuration.

NIFI-655:
- Adding a new endpoint to obtain the status of a user registration.
- Updated the login page loading to ensure all possible states work.

NIFI-655:
- Ensuring we know the necessary state before we attempt to render the login page.
- Building the proxy chain in the JWT authentication filter.
- Only rendering the login when appropriate.

NIFI-655:
- Starting to style the login page.
- Added simple 'login' support by identifying username/password. Issuing JWT token coming...
- Added logout support
- Rendering the username when appropriate.

NIFI-655:
- Extracting certificate validation into a utility class.
- Fixing checkstyle issues.
- Cleaning up the web security context.
- Removing proxy chain checking where possible.

NIFI-655:
- Starting to add support for registration.
- Creating registration form.

NIFI-655:
- Starting to implement the JWT service.
- Parsing JWT on client side in order to render who the user currently is when logged in.

NIFI-655:
- Allowing the user to link back to the log in page from the new account page.
- Renaming DN to identity where possible.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding more/better support for logging out.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding a few new exceptions for the login identity provider.

NIFI-655:
- Disabling log in by default initially.
- Restoring authorization service unit test.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Updating packages for log in filters.
- Handling new registration exceptions.
- Code clean up.

NIFI-655:
- Removing registration support.
- Removing file based implementation.

NIFI-655:
- Removing file based implementation.

NIFI-655:
- Removing unused spring configuration files.

NIFI-655:
- Making the auto wiring more explicit.

NIFI-655:
- Removing unused dependencies.

NIFI-655:
- Removing unused filter.

NIFI-655:
- Updating the login API authenticate method to use a richer set of exceptions.
- UI code clean.

NIFI-655:
- Ensuring the login identity provider is able to switch context classloaders via the standard NAR mechanisms.

NIFI-655:
- Initial commit of the LDAP based identity providers.
- Fixed issue when attempting to log into a NiFi that does not support new account requests.

NIFI-655:
- Allowing the ldap provider to specify if client authentication is required/desired.

NIFI-655:
- Persisting keys to sign user tokens.
- Allowing the identity provider to specify the token expiration.
- Code clean up.

NIFI-655:
- Ensuring identities are unique in the key table.

NIFI-655:
- Adding support for specifying the user search base and user search filter in the active directory provider.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding automatic client side token renewal.

NIFI-655:
- Ensuring the logout link is rendered when appropriate.

NIFI-655:
- Adding configuration options for referrals and connect/read timeouts

NIFI-655:
- Added an endpoint for access details including configuration, creating tokens, and checking status.
- Updated DTOs and client side to utilize new endpoints.

NIFI-655:
- Refactoring certificate extraction and validation.
- Refactoring how expiration is specified in the login identity providers.
- Adding unit tests for the access endpoints.
- Code clean up.

NIFI-655:
- Keeping token expiration between 1 minute and 12 hours.

NIFI-655:
- Using the user identity provided by the login identity provider.

NIFI-655: - Fixed typo in error message for unrecognized authentication strategy.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Added logback-test.xml configuration resource for nifi-web-security.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Added issuer field to LoginAuthenticationToken. - Updated AccessResource to pass identity provider class name when creating LoginAuthenticationTokens. - Began refactoring JWT logic from request parsing logic in JwtService. - Added unit tests for JWT logic.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Changed issuer field to use FQ class name because some classes return an empty string for getSimpleName(). - Finished refactoring JWT logic from request parsing logic in JwtService. - Updated AccessResource and JwtAuthenticationFilter to call new JwtService methods decoupled from request header parsing. - Added extensive unit tests for JWT logic.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655:
- Refactoring key service to expose the key id.
- Handling client side expiration better.
- Removing specialized active directory provider and abstract ldap provider.

NIFI-655. - Updated JwtService and JwtServiceTest to use Key POJO instead of raw String key from KeyService.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655:
- Fixing typo when loading the ldap connect timeout.
- Providing a better experience for session expiration.
- Using ellipsis for lengthly user name.
- Adding an issuer to the authentication response so the LIP can specify the appropriate value.

NIFI-655:
- Showing a logging in notification during the log in process.

NIFI-655:
- Removing unnecessary class.

NIFI-655:
- Fixing checkstyle issues.
- Showing the progress spinner while submitting account justification.

NIFI-655:
- Removing deprecated authentication strategy.
- Renaming TLS to START_TLS.
- Allowing the protocol to be configured.

NIFI-655:
- Fixing issue detecting the presence of DN column

NIFI-655:
- Pre-populating the login-identity-providers.xml file with necessary properties and documentation.
- Renaming the Authentication Duration property name.

NIFI-655:
- Updating documentation for the failure response codes.

NIFI-655:
- Ensuring the user identity is not too long.

NIFI-655:
- Updating default authentication expiration to 12 hours.

NIFI-655:
- Remaining on the login form when there is any unsuccessful login attempt.
- Fixing checkstyle issues.
2015-11-23 14:50:13 -05:00
Joseph Percivall 8c2323dc8d NIFI-1086 Provide refactoring of InvokeHTTP
NIFI-980 Add support for HTTP Digest authentication to InvokeHttp
NIFI-1080 Provide additional InvokeHttp unit tests
NIFI-1133 InvokeHTTP Processor does not save Location header for 3xx responses
NIFI-1009 InvokeHTTP should be able to be scheduled without any incoming connection for GET operations
NIFI-61 Multiple improvements for InvokeHTTP inclusive of providing unique tx.id across clusters, dynamic HTTP header properties

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-11-19 01:40:21 -05:00
Jeremy Dyer c82fc18f8e HTML Parsing Processors Bundle
NIFI-1156 HTML Parsing Processors Bundle
2015-11-13 15:01:10 -05:00
Mark Payne 56ad22aea6 NIFI-900: Created Processors for interacting with Microsoft Azure EventHubs
Reviewed (with amendments needed for clean merge, whitespace and NOTICEs) by Tony Kurc (tkurc@apache.org)
2015-11-11 23:06:04 -05:00
Mark Payne 72008035b1 Merge branch 'NIFI-1000' 2015-11-10 15:02:02 -05:00
Mark Payne 8f942fcdcc NIFI-1000: Fixed checkstyle violation in TestGetJSMQueue use activemq-broker with test scope and activemq-client with default scope rather than pulling in activemq-all; this reduces size of standard nar from 30 MB to 18 MB 2015-11-10 14:31:20 -05:00
Bryan Bende e748fd5848 NIFI-817 Processors for interacting with HBase
- Refactoring PutHBaseCell to batch Puts by table
- Adding optional Columns property to GetHBase to return only selected column families or columns
- Making GetHBase cluster friendly by storing state in the distributed cache and a local file
- Adding Initial Time Range property to GetHBase
- Adding Filter Expression property and custom validate to prevent using columns and a filter at the same time
- Creating an HBaseClientService controller service to isolate the HBase client and support multiple versions
- Creating appropriate LICENSE/NOTICE files
- Adding @InputRequirement to processors
- Addressing comments from review, moving hbase client services under standard services
- Making sure result of session.penalize() is assinged to FlowFile variable before transferring
2015-11-10 11:13:51 -05:00
Oleg Zhurakousky ef0be5a5d6 NIFI-1000 Fixed JmsFactory to properly obtain destiniation name
Re-enabled JMS Tests that were annotated with @Ignore
2015-11-09 18:35:31 -05:00
Jean-Baptiste Onofré de498df4c9 NIFI-925 - Upgrade to hadoop 2.6.2. This closes #83.
Signed-off-by: joewitt <joewitt@apache.org>
2015-11-08 22:10:30 -05:00
Venkatesh Sellappa 77de51df19 NIFI-1025 Updated aws-sdk and joda-time to resolve AWS issues with Java 1.8 update 60.
- Refactored tests - created AbstractS3Test for common utility methods
 - Corrected incorrect unit test in TestDeleteS3Object, and adjusted processor documentation to reflect behavior
 - moved aws dependency management to root pom

This closes #107

Tested, Reviewed and Amended by Tony Kurc (<tkurc@apache.org>)
2015-11-07 21:09:18 -05:00
joewitt 99629646fe NIFI-1122 moved to 0.4.0-SNAPSHOT 2015-11-06 23:41:15 -05:00
Jean-Baptiste Onofré bd47f36c06 NIFI-922: Upgrade to ActiveMQ 5.12.0. closes #81.
Signed-off-by: joewitt <joewitt@apache.org>
2015-10-18 19:13:26 -04:00
ijokarumawak 2466a24530 nifi-992 Adding nifi-couchbase-bundle.
- new CouchbaseClusterControllerService
- new Processors
  - GetCouchbaseKey
  - PutCouchbaseKey

Signed-off-by: Bryan Bende <bbende@apache.org>
2015-09-28 11:21:42 -04:00
Matt Gilman ded74ec94c NIFI-876 prepare for next development iteration 2015-09-14 21:48:11 -04:00
Matt Gilman 2ec735e350 NIFI-876 prepare release nifi-0.3.0-RC1 2015-09-14 21:48:00 -04:00
Matt Gilman 291e65c6ef NIFI-947:
- Added a profile to disable doclint when running jdk 1.8.
2015-09-11 10:17:33 -04:00
Matt Gilman 6f8eb9f5e3 NIFI-876:
- Updating the version of the nifi-nar-maven-plugin.
- Updating the minimum version of maven.
2015-08-23 12:32:52 -04:00
Mark Payne a9c2bf58b8 NIFI-844: Initial import of the ConvertAvroToJSON processor 2015-08-21 17:11:56 -04:00
Mark Payne 28549c2b1e NIFI-853: Made updates to processors 2015-08-19 17:36:29 -04:00
Bryan Bende 1c34478eb8 NIFI-790 Create reporting task to deliver metrics to Apache Ambari
- Adding NOTICE for nifi-ambari-nar, and fixing formatting issues in nifi-ambari-reporting-task pom
- Addressing review feedback: updating assembly NOTICE, fixing unit test, and minor clean up
- Adding additionalDetails.html
2015-08-17 15:47:49 -04:00
joewitt aa99884782 NIFI-850 removed nifi parent, updated nifi pom, moved all nifi subdirs up one level, fixed readme. 2015-08-15 13:12:22 -04:00
joewitt 300952a984 Reworked overall directory structure to make releasing nifi vs maven plugis easier 2015-01-15 21:11:07 -05:00
Mark Payne 94a06fc5d5 NIFI-265: Fixed typos 2015-01-14 20:41:18 -05:00
joewitt 7ded9970a2 NIFI-242 additional rat exclusion for ide generated file already ignored by Git - wish Rat honored Git ignores 2015-01-10 22:49:57 -05:00
joewitt 7d85962e4d NIFI-242 RTC process deviation as this changeset is for must-have license headers. Apache RAT now integrated and working in build 2015-01-10 22:29:13 -05:00
joewitt ed8b2f6027 NIFI-242 added more stuff i learned from accumulo's pom. 2015-01-09 15:46:14 -05:00
joewitt 002926882b NIFI-242 added section for generating release sources and signing and running apache rat - borrowed from accumulo 2015-01-09 14:56:59 -05:00
Mark Payne 2d0b163961 NIFI-221: included controller service needed in nar-bundles pom 2015-01-06 10:16:00 -05:00
joewitt 9e35c7da9f NIFI-222 moved away from project.version and instead use explicit version declaration. Release plugin should take care of it anyway 2015-01-03 00:58:58 -05:00
Mark Payne 3e2f790672 NIFI-220: Initial Import of GetKafka and PutKafka processors 2015-01-01 20:52:36 -05:00
joewitt 87b07384a5 NIFI-162 filled in a basic overview. Definitely still needs work though. Too wordy. Too specific. 2014-12-28 15:23:45 -05:00
joewitt 9b0a9a6415 NIFI-198 formatting adjustment, removed comments provided as guides to understand previous patch 2014-12-23 22:28:42 -05:00
joewitt 32bc17db85 Merge branch 'NIFI-199' of https://github.com/khmarbaise/incubator-nifi into develop 2014-12-23 22:12:14 -05:00
Karl-Heinz Marbaise 03f2ce5000 [NIFI-199] Removed plugin dependencies from main project cause they are
not needed at the moment.
2014-12-23 22:58:39 +01:00
Karl-Heinz Marbaise 07547a74f1 [NIFI-198] Prerequisites is not correctly checked
Using maven-enforcer-plugin to check the correct maven version.
2014-12-23 22:53:33 +01:00
Karl-Heinz Marbaise 31921212da [NIFI-195] Take advantage of inheritance from ASF parent version 16 2014-12-22 22:41:07 +01:00
joewitt 0d8da145bd NIFI-183 Updated LICENSE and NOTICE based on thorough analysis of all dependencies. Removed HORNETQ and c3p0 as they are incompatible with ASF licensing policies. 2014-12-21 15:14:53 -05:00
joewitt 1357a17b67 NIFI-189 Collapsed several commons libs into one 2014-12-20 00:40:14 -05:00
joewitt 21182ac260 NIFI-150 updated to ensure docs get built and end up in the assembly under docs. 2014-12-19 16:34:25 -05:00
Mark Payne a23c7f2e2b NIFI-150: Added documentation in asciidoc format 2014-12-18 17:10:42 -05:00
joewitt 614349bdfd NIFI-169 updating a few tests and build 2014-12-15 10:43:07 -05:00
joewitt 19d4a150a8 NIFI-169 well it finally all builds. There is a classpath issue still to sort out which impacts startup 2014-12-15 05:14:32 -05:00