- Updated OidcBearerTokenRefreshFilter to maintain current Identity Provider Groups when generating refreshed application Bearer Tokens
- Refactored LoginAuthenticationToken to remove unnecessary optional constructors and use java.time.Instant for expiration
- Added Issuer Provider with implementation for Bearer Token Issuer based on host and port properties
The headers in the map that come back when replicating a request used to be in the case given; however they can be lowercased in the OkHttp Headers object when using HTTP/2 instead of HTTP/1.1. As a result, we need to ensure that we always use lower-case header names or check the map case-insensitive.
This closes#8163
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit 231dbde4b30bfea5b711169fe6f125c9279ec450)
* NIFI-12470:
- Fixing forEach callback for usage with Object.entries() to address layout issue in Status History.
- Using es5 syntax.
This closes#8121
Fixed NPE in ThreadDumpTask
This closes#8032
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit b5c3e6f9aae9791b749ba3d908ce1b6672ee2124)
- Updated ExceptionFilter and AuthenticationFilter with standard messages
This closes#7957
(cherry picked from commit 97dd543c6a850f1076b05c7a9bcc28d37e184d5b)
- Added nar-packaging and war-packaging profiles to root Maven configuration
- Removed individual properties from NAR module configurations
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
This closes#7947.
(cherry picked from commit 2366132e92951a8fc27097c777d3104a1c396f7b)
- Clearing the password in the login form when login fails or unable to verify access once authentication succeeds.
This closes#11909
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit 97dfe2d812a9fa8b0fcc2b1d0b7f352f656b530e)
- Added EntityStoreAuditService implementation using JetBrains Xodus libraries
- Added FlowConfigurationHistoryMigrator for checking and migrating H2 databases containing Flow Configuration History to Xodus persistent store implementation
Fixed bug where parameter context descriptions were not loaded on NiFi startup and overwritten as empty
This closes: #7787
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit 0a47157640c1502a0379a7f66d764d2d7d344872)
- Extracted common logic from setState() and replace() into modifyState()
- Removed redundant code from createNode() because exceptions are handled on the caller side
- NodeExistsException and InterruptedException are handled in setState() and replace()
- Also used KeeperException's subclasses instead of KeeperException.code()
This closes#7324
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit ac80b9d900221fedb59142e4a4802bf4ab2a17f4)
* NIFI-10904 Changed the font color for dropdown menus to avoid the appearance of menu items being disabled
* NIFI-10904 Changed the CSS tag used to set the color of the dropdown menu text
* NIFI-10904 Used a new css class to set the color of dropdown options
* nifi-10904 Changed the css class for create/reference drop down menu items.
Merged #7502 into main.
- Added nifi-security-cert for reusable components without dependencies
- Added nifi-security-cert-builder for certificate generation
NIFI-12001: Changes related to backporting
Signed-off-by: Matt Burgess <mattyb149@apache.org>
- Moved StringUtils from nifi-properties to nifi-property-utils
- Moved Peer Identity methods from CertificateUtils to specific Site-to-Site classes
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#6977.
* NIFI-11303 Added a go-to entry on the right click context menu for the provenance lineage tree to take you to the specified component in the graph
* nifi-11303 Removed unused variable.
Merged #7461 into main.
When waiting for all controller services to reach the desired status in the ClusterReplicationComponentLifecycle component, return immediately if there are no services to wait for. Otherwise, request that referencing components not be included in the return value of the Controller Services
This closes#7493
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit 7405dcb510d0740d7e0eaf3200ed2d8900f5b3f0)
- Added StandardOidcUserService supporting fallback claim names
- Updated StandardClientRegistrationProvider to use standard Subject claim
- Updated OIDC Security Configuration to use customized OidcUserService for claim handling
Signed-off-by: Joe Gresock <jgresock@gmail.com>
This closes#7468.
- Replaced Jetty KeyStoreScanner and custom TrustStoreScanner with shared StoreScanner
- New StoreScanner uses TLS Configuration to reload SSLContext instead of relying on Jetty SslContextFactory properties
This closes#7446
Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit a85ef2c1f49780be93b49ec6cb077a61c8cc063e)
