Commit Graph

305 Commits

Author SHA1 Message Date
Matt Gilman f4487dd5f6 NIFI-1492: - Limiting the amount of state entries returned to a client. - Code clean up.
Signed-off-by: joewitt <joewitt@apache.org>
2016-02-09 20:48:56 -05:00
Aldrin Piri 1c03fc7871 Removing unused import to remedy checkstyle error on previous documentation update. 2016-02-09 16:13:16 -05:00
Aldrin Piri a33289393d Correcting documentation on SnippetResource#createSnippet to reflect that it is creating a snippet. 2016-02-09 15:33:46 -05:00
Tony Kurc 5be83166ee NIFI-1485: Updated 'header' section of NiFi NOTICE files 2016-02-07 13:52:00 -05:00
Tony Kurc 303f8eabf1 NIFI-1379: Move to 0.5.0-SNAPSHOT, add tkurc code signing key to keys 2016-02-06 08:49:48 -05:00
Matt Gilman 7314af6177 NIFI-259: - Addressing issues that arose from a merge conflict.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-02-05 17:47:56 -05:00
Aldrin Piri 4df6512126 Merge branch 'NIFI-259' 2016-02-05 14:09:29 -05:00
Andy LoPresto 498b5023ce NIFI-1257 NIFI-1259
Added utility method to return the maximum acceptable password length for PBE ciphers on JVM with limited strength crypto because BC implementation is undocumented (based on empirical evidence).
Updated EncryptionMethod definitions to accurately reflect need for unlimited strength crypto according to algorithm key length.
Added processor logic to invoke keyed cipher.
Added EncryptContent processor property for raw hex key (always visible until NIFI-1121).
Added validations for KDF (keyed and PBE) and hex key.
Added utility method to return list of valid key lengths for algorithm.
Added description to allowable values for KDF and encryption method in EncryptContent processor.
Added IV read/write to KeyedCipherProvider and changed from interface to abstract class.
Added salt read/write logic to NifiLegacy and OpenSSL cipher providers.
Changed RandomIVPBECipherProvider from interface to abstract class.
Updated strong KDF implementations.
Renamed CipherFactory to CipherProviderFactory.
Added unit test for registered KDF resolution from factory.
Updated default iteration count for PBKDF2 cipher provider.
Implemented Scrypt cipher provider.
Added salt translator from mcrypt format to Java format.
Added unit tests for salt formatting and validation.
Added surefire block to groovy unit test profile to enforce 3072 MB heap for Scrypt test.
Added local Java implementation of Scrypt KDF (and underlying PBKDF2 KDF) from Will Glozer.
Defined interface for KeyedCipherProvider.
Implemented AES implementation for KeyedCipherProvider.
Added Ruby script to test/resources for external compatibility check.
Added key length check to PBKDF2 cipher provider.
Changed default PRF to SHA-512.
Added salt and key length check to PBKDF2 cipher provider.
Added utility method to check key length validity for cipher families.
Added Bcrypt implementation.
Implemented PBKDF2 cipher provider.
Added default constructor with strong choices for PBKDF2 cipher provider.
Implemented NiFiLegacyCipherProvider and added unit tests.
Added key length parameter to PBKDF2 cipher provider.
Added PRF resolution to PBKDF2 cipher provider.
Added RandomIVPBECipherProvider to allow for non-deterministic IVs.
Added new keyed encryption methods and added boolean field for compatibility with new KDFs.
Added CipherFactory.
Improved Javadoc in NiFi legacy cipher provider and OpenSSL cipher provider.
Added KeyedCipherProvider interface.
Added OpenSSL PKCS#5 v1.5 EVP_BytesToKey cipher provider and unit test.

This closes #201.

Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-02-04 19:40:55 -05:00
Matt Gilman 6f4c3db186 NIFI-259:
- Fixing the line height to ensure the multiline ellipsis is consistent across browsers.
2016-02-04 08:59:26 -05:00
Matt Gilman dbe8ff3f44 NIFI-1426:
- Ensuring we aren't preventing default when focused in a textarea.
2016-02-01 08:28:18 -05:00
Matt Gilman b3990ecdcf NIFI-1426: - Introducing a universal capture for key events to ensure a consistent behavior throughout the application. - Allowing backspace to remove components from the canvas. - Introducing a more consistent behavior around the escape button.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-28 12:23:02 -06:00
Andy LoPresto 93aac8cff3 NIFI-1365
Added Groovy support for unit tests to pom with skeleton test.
Added Groovy unit tests for OCSPCertificateValidator.
Implemented positive & negative unit tests with cache injection for valid/revoked OCSP certificate.
Modified pom.xml to support Groovy unit tests with custom variable.

mvn clean test -Dgroovy=test

Added local cache injection into Groovy tests for OCSP certificate validation (see NIFI-1324 and NIFI-1364).
Set Java version to 1.7 for Groovy test src/target.
Moved Groovy unit test profile from nifi-web-security to root pom.
Added null check for algorithm argument in PGPUtil.
Changed buffer length check from ">= 0" to "> -1" because it was confusing other developers.
Resolved contrib-check line length issues.
Fixed contrib-check issues in OpenPGPKeyBasedEncryptorTest.
This closes #163

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-01-26 17:37:59 -05:00
Matt Gilman d71266502c NIFI-1435: - Addressing typo when initializing and showing the reporting task property table which prevented dynamic properties to be created. 2016-01-25 10:42:37 -05:00
Matt Gilman a7d3f8d75f NIFI-1428: - Adding a button to link from a flowfile in a queue listing to a provenance search for that flowfile.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-22 18:26:52 -05:00
Matt Gilman b25db650fd NIFI-1400: - Addressing sort issues with the controller service and reporting task tables. Specifically addressing bulletins, type, and state.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-22 16:41:14 -05:00
Matt Gilman 8392b46597 NIFI-1397: - Only resetting the node availability when closing the new controller service or reporting task dialog.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2016-01-22 13:20:58 -05:00
Mark Payne 3e13996512 Merge branch 'master' into NIFI-259 2016-01-21 15:02:00 -05:00
Mark Payne b07e13a1d8 NIFI-259: Bug fixes 2016-01-21 13:44:44 -05:00
Matt Gilman 53322c99ac NIFI-1383: - Ensuring appropriate access and state prior to attempting an action with hot keys. - Fixing contrib-check issue. 2016-01-21 12:39:45 -05:00
Matt Gilman 561f5b740a NIFI-1383: - Ensuring that nodes are not kicked out of the cluster when failing to successfully process a mutable request (like copy/paste). - Showing a more descriptive error message when possible. - Ensuring we don't try to instantiate an incomplete flow snippet. 2016-01-21 12:39:28 -05:00
Matt Gilman c18f75c597 NIFI-259:
- Ensuring component state is sorted accordingly when loaded in the table.
2016-01-21 11:25:17 -05:00
Mark Payne f6ec437bc7 Merge branch 'master' into NIFI-259 2016-01-21 09:32:02 -05:00
Matt Gilman 0d7edcb3ac NIFI-108:
- Removing sort from UI.
- Addressing issues with listing and flowfile retrieval when clustered.
- Making the context menu item available when source and destination are still running.
- Adding a refresh button to the queue listing table.
- Fixing the flowfile summary sorting in the cluster manager.
- Adding a message when the source or destination of a connection is actively running.
- Updating the documentation regarding queue interaction.
- Updating the error message when a flowfile is no longer in the active queue.
- Updated queue listing to allow listing to be done while source and destination are running but not sort or have ability to search
- Added heartbeat when we finish clearing queue
- Addressing comments from review.
2016-01-21 08:13:32 -05:00
Mark Payne 16dcf4595c Merge branch 'master' into NIFI-259 2016-01-18 08:48:30 -05:00
Mark Payne eba25ecaca NIFI-259, NIFI-1339: Added OnConfigurationRestored annotation, always invoke onPropertyModified even on restart when properties are changed from defaults, as was done previously 2016-01-17 14:40:27 -05:00
Matt Gilman 5b62ff0fc3 NIFI-259:
- Only providing the View State menu item for DFMs.
2016-01-14 15:36:57 -05:00
Matt Gilman 4236125f2b NIFI-259:
- Fixing Consumes for clear state endpoints.
2016-01-14 15:35:53 -05:00
Matt Gilman ae6f615365 NIFI-259:
- Code clean up.
- Adding component state actions to the controller service and reporting task tables.
2016-01-14 13:09:39 -05:00
Matt Gilman 65dfcd06a3 NIFI-259:
- Fixing contrib check issues.
2016-01-14 11:16:35 -05:00
Matt Gilman 1a7e6c735d NIFI-259:
- Exsuring the component state css file is included in aggregated builds.
2016-01-13 17:20:11 -05:00
Matt Gilman f0d8f73f26 NIFI-259:
- Addressing some minor layout issues with the view state dialog.
- Ensuring appropriate locking when attempting to clear state.
2016-01-13 16:57:59 -05:00
Matt Gilman 3f4bd919a9 NIFI-259:
- Merging responses when clustered to populate node details.
- Fixed bug when clearing processor state when clustered.
- Cleared the table after successfully clearing state.
2016-01-13 15:12:17 -05:00
Matt Gilman d05314c54b NIFI-259:
- Initial implementation of viewing and clearing state for a processor.
2016-01-13 13:35:24 -05:00
Matt Gilman bbd35a0258 NIFI-259:
- Adding endpoints for getting and clearing component state.
2016-01-12 10:43:30 -05:00
Andy LoPresto ffbfffce6d NIFI-1324:
Changed Maven dependencies for BouncyCastle bcprov and bcpg from jdk16:1.46 to jdk15on:1.53 (kept nifi-web-security on jdk16:1.46 because jdk15on:1.53 splits OCSP logic into new module bcpkix).
Added individual unit tests for PGP public keyring validation.
Passes all legacy unit tests.
Added TODOs for customizable brick encryption and refactoring shared code.
Cleaned up magic numbers to constants.
Added unit tests for OpenPGPPasswordBasedEncryptor (internal consistency and legacy file decrypt).
Began refactoring shared encrypt code from OpenPGP* implementations.
Extracted encrypt utility method from OpenPGPPasswordBasedEncryptor to PGPUtil class.
Added test resources (signed and unsigned key-encrypted files).
Added unit tests for OpenPGPKeyBasedEncryptor (internal consistency and external file decrypt).
Changed BC dependency for nifi-web-security to bcprov-jdk15on:1.53 and bcpkix-jdk15on:1.53.
Updated OCSPValidator to use new BC logic for OCSP validation. This code compiles but should be fully audited, as the legacy OCSP validation was not completely implemented.
Added skeleton of OCSP validator unit tests with successful keypair and certificate generation and signing code.
Added further unit tests for issued certificates.
Annotated unimplemented unit tests with note about Groovy integration.
Refactored Jersey call in OCSPCertificateValidator to internal method.
Added toString() to NiFi local OcspRequest.
Implemented positive & negative unit tests with cache injection for valid/revoked OCSP certificate.
Resolved contrib-check issues.
Removed ignored code in unit test.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2016-01-12 09:22:51 -05:00
Mark Payne d2a969e3d6 NIFI-259: Initial implementation of State Management feature 2016-01-11 16:38:52 -05:00
Matt Gilman fdef994ead NIFI-1346: - Always showing input and output content for a provenance event.
Signed-off-by: joewitt <joewitt@apache.org>
2016-01-10 15:08:09 -05:00
Matt Gilman 6e9175459f NIFI-1363: - Using the appropriate namespace to call the function to detect if the content viewer is configured.
Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-01-07 17:15:44 -05:00
Aldrin Piri 3d487a5381 NIFI-1354 Using the newly generated keystore and truststore throughout the code base and updating an associated test to utilize the specified properties. 2016-01-06 18:16:37 -05:00
Mark Payne b330fd1601 NIFI-108: Built out 'skeleton' of the requests so that web tier can be written against it
NIFI-108: Implementing ability to list FlowFiles in a queue

NIFI-108:
- Starting to add support for endpoints that will listing flowfiles in a queue.

NIFI-108: Added merging of response for listing of flowfiles in cluster manager

NIFI-108:
- Starting to add support for endpoints that will listing flowfiles in a queue.

NIFI-108:
- Starting to add support for endpoints that will listing flowfiles in a queue.

NIFI-108:
- Adding checkstyle issues.

NIFI-108: Add clusterNodeId to FlowFileSummaryDTO

NIFI-108: Added unit tests; added verifyCanList method to queue; fixed bugs

NIFI-108:
- Adding compilation error for IOException from getFlowFile().
- Code clean up.
- Javadocs.

NIFI-108:
- Verifying two phase commit for queue listing.
- Fixing checkstyle.
- Ensuring drop and listing requests are merged when created when clustered.

NIFI-108:
- Adding initial listing capabilities.
- Passing through the sort column and direction.

NIFI-108:
- Removing Delete FlowFile button.
- Ensuring sort flags are being passed correctly.
- Setting column widths.
- Also including the cluster node address in the flowfile summaries.

NIFI-108:
- Including queue size statistics in listing request.
- Showing connection name.

NIFI-108:
- Including queue size statistics in listing request.
- Ensuring verifyCanList runs when appropriate.

NIFI-108:
- Adding initial support for viewing flowfile details dialog.
- Adding initial support for click to content.

NIFI-108:
- Allowing the flowfile details dialog to be draggable.

NIFI-108:
- Only showing the flowfile listing table when the listing is successful and the listing is not empty.

NIFI-108:
- Reseting the queue stats when closing the listing table.

NIFI-108: Implemented sorting when performing listing of FlowFiles

NIFI-108: Fixed bug that caused the listFlowFiles operation to wait on a readLock before returning and performing work asynchronously; fixed bug in Write-Ahead FlowFile Repository that caused ContentClaims to be queued up for destruction instead of ResourceClaims - this caused millions of ContentClaims to be queued up instead of a single ResourceClaim in some tests

NIFI-108:
- Ensured the column sort indicator is reset when a new listing is opened.
- Removing unused import.

NIFI-108:
- Addressed issues found during the review.
2016-01-06 16:20:23 -05:00
joewitt f4ac8d75c5 NIFI-1312-RC1 prepare for next development iteration 2015-12-19 00:41:04 -05:00
joewitt d624ea4866 NIFI-1312-RC1 prepare release nifi-0.4.1-RC1 2015-12-19 00:40:53 -05:00
Matt Gilman 43c7ecd221 NIFI-1298: - Addressing too many significant digits in the processor load average and [non]heap utilization.
Signed-off-by: joewitt <joewitt@apache.org>
2015-12-18 17:02:40 -05:00
Matt Gilman 0436383f49 NIFI-1286: - Removing provenance option from the Label context menu
Signed-off-by: joewitt <joewitt@apache.org>
2015-12-18 17:02:33 -05:00
Matt Gilman 608287f9fe NIFI-1309:
- Addressing issues around remote process groups automatically issuing new account requests.
- Ensuring authorization issues are updated with status refresh.
2015-12-18 15:57:38 -05:00
Matt Gilman b19ff7cf37 NIFI-1215:
- Only showing the run duration setting when applicable.
- Showing the user a warning that a source processor with a non 0 run duration could lose data when NiFi is restarted.
2015-12-16 10:53:15 -05:00
Matt Gilman 51b8ecd01b NIFI-1185:
- Using banners from the NCM rather than replicating to a node.
2015-12-15 12:51:14 -05:00
Matt Gilman c75b5cfcea NIFI-1119: - Addressing race condition that caused the revision to be checked before the flow was loaded.
Signed-off-by: jpercivall <joepercivall@yahoo.com>
2015-12-15 10:05:44 -05:00
Matt Gilman 17be1c2d9f NIFI-1206: - Only enabling the enable/disable toolbar icon when appropriate.
Signed-off-by: Joseph Percivall <joepercivall@yahoo.com>
2015-12-14 18:09:11 -05:00
Matt Gilman f9f04439fd NIFI-1119:
- Also refreshing flow revision when the user clicks Refresh status.
2015-12-14 12:41:45 -05:00
joewitt a7b09a57c5 NIFI-1122 release vote passess. Merge branch 'NIFI-1122_nifi-0.4.0-RC2' 2015-12-11 17:14:26 -05:00
Matt Gilman 8070a9f1cc NIFI-1104:
- Using the appropriate attributes based on the content direction.
2015-12-11 10:59:41 -05:00
joewitt d755e43ec8 NIFI-1122_nifi-0.4.0-RC2prepare for next development iteration 2015-12-08 13:00:10 -05:00
joewitt b66c029090 NIFI-1122_nifi-0.4.0-RC2prepare release nifi-0.4.0-RC2 2015-12-08 12:59:59 -05:00
Matt Gilman 08d0f3e596 NIFI-956: - Initialize the filter controls prior to the new processor table. Because of this, items were being incorrectly filtered on load. - Clean up in web.xml.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-12-07 20:12:44 -05:00
Matt Gilman ee7eeb0493 NIFI-1268: - In some environments it appears as though the row selection event is triggering when there is no items in the table. Verifying the item was found prior to continuing.
Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-12-07 19:50:37 -05:00
Matt Gilman 4c7894bccc NIFI-1260:
- Not pre-compiling message-page as it seems to be causign some runtime errors in some environments.
2015-12-07 12:20:18 -05:00
Mark Payne ee14d8f9dd Merge branch 'NIFI-1249' 2015-12-04 16:38:49 -05:00
Mark Payne f378ee9021 NIFI-1249: Allow Processors to add their own variables to those referencable by Expression Language. Make ReplaceText allow users to reference back-references of regex matches 2015-12-04 13:17:37 -05:00
Matt Gilman dae73c52a7 NIFI-1248:
- Initializing the actions file which ensures the progress bar is initialized.
2015-12-03 13:49:56 -08:00
Tony Kurc 3a7ddc6a35 NIFI-1054: Fixed DOS line endings in xml, java and js source files
Signed-off-by: joewitt <joewitt@apache.org>
2015-12-01 22:49:51 -05:00
Matt Gilman 7726d069cd Merge branch 'NIFI-655' 2015-12-01 11:20:56 -05:00
Matt Gilman e22b51f3a7 NIFI-655:
- Renaming spring tokens to avoid confusion over authentication and authorization.
2015-12-01 10:08:36 -05:00
Matt Gilman 85eb8defdd NIFI-655:
- Changing default expiration time to 12 hours.
2015-12-01 09:36:33 -05:00
Matt Gilman c100052dac NIFI-655:
- Adding additional logging when proceeding as an anonymous user.
2015-12-01 08:51:45 -05:00
Matt Gilman 2b0819a5f2 NIFI-655:
- Removing unused imports.
2015-11-30 16:33:11 -05:00
Matt Gilman 014b2ac4e8 NIFI-655:
- Removing proxied user chain as user details are already serialized.
2015-11-30 16:30:12 -05:00
Matt Gilman 774d626f88 NIFI-655:
- Adding documentation around the behavior of the authentication filters.
- Only passing along necessary parameters.
2015-11-30 15:07:40 -05:00
Matt Gilman c722b56335 NIFI-655:
- Ensuring the access token is not replicated when the user is already authenticated/authorized.
2015-11-30 14:57:38 -05:00
Matt Gilman a84e505bcd NIFI-655:
- Ensuring the access token is not replicated when the user is already authenticated/authorized.
2015-11-30 14:47:30 -05:00
Matt Gilman 64beeef593 NIFI-655:
- Ensuring anonymous user label and login links are rendered when appropriate.
- Ensuring responses are accurate when making requests with a token when user log in is not supported.
2015-11-27 14:13:40 -05:00
Matt Gilman c1cc165edb NIFI-655:
- Fixing issue with filter bean initialization when clustered.
2015-11-27 10:05:58 -05:00
Matt Gilman 6bce858e4a NIFI-655:
- Updated user guide with screenshots of login process.
- Tweaked wording in admin guide.
- Triggering login on enter press in login form.
2015-11-25 16:42:22 -05:00
Matt Gilman 0435911186 NIFI-1198: - Updating the connection source and destination when appropriate (deletion and (re)connection).
Signed-off-by: joewitt <joewitt@apache.org>
2015-11-25 14:50:56 -05:00
Matt Gilman c073253366 NIFI-655:
- Update admin guide with documentation for username/password authentication.
- Setting default anonymous roles to none.
- Making account status messages to users more clear.
- Deleting user keys when an admin revokes/deletes an account.
- Updating authentication filter to error back whenever authentication fails.
2015-11-25 14:17:23 -05:00
Matt Gilman 1312bde498 NIFI-655:
- Updating available links during login, registration, and account status review.
2015-11-24 00:37:47 -05:00
Matt Gilman aaf14c45c9 NIFI-655:
- Refactoring web security to use Spring Security Java Configuration.
- Introducing security in Web UI in order to get JWT.

NIFI-655:
- Setting up the resources (js/css) for the login page.

NIFI-655:
- Adding support for configuring anonymous roles.
- Addressing checkstyle violations.

NIFI-655:
- Moving to token api to web-api.
- Creating an LoginProvider API for user/pass based authentication.
- Creating a module for funneling access to the authorized useres.

NIFI-655:
- Moving away from usage of DN to identity throughout the application (from the user db to the authorization provider).
- Updating the authorized users schema to support login users.
- Creating an extension point for authentication of users based on username/password.

NIFI-655:
- Creating an endpoint for returning the identity of the current user.
- Updating the LoginAuthenticationFilter.

NIFI-655:
- Moving NiFi registration to the login page.
- Running the authentication filters in a different order to ensure we can disambiguate each case.
- Starting to layout each case... Forbidden, Login, Create User, Create NiFi Account.

NIFI-655:
- Addressing checkstyle issues.

NIFI-655:
- Making nf-storage available in the login page.
- Requiring use of local storage.
- Ignoring security for GET requests when obtaining the login configuration.

NIFI-655:
- Adding a new endpoint to obtain the status of a user registration.
- Updated the login page loading to ensure all possible states work.

NIFI-655:
- Ensuring we know the necessary state before we attempt to render the login page.
- Building the proxy chain in the JWT authentication filter.
- Only rendering the login when appropriate.

NIFI-655:
- Starting to style the login page.
- Added simple 'login' support by identifying username/password. Issuing JWT token coming...
- Added logout support
- Rendering the username when appropriate.

NIFI-655:
- Extracting certificate validation into a utility class.
- Fixing checkstyle issues.
- Cleaning up the web security context.
- Removing proxy chain checking where possible.

NIFI-655:
- Starting to add support for registration.
- Creating registration form.

NIFI-655:
- Starting to implement the JWT service.
- Parsing JWT on client side in order to render who the user currently is when logged in.

NIFI-655:
- Allowing the user to link back to the log in page from the new account page.
- Renaming DN to identity where possible.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding more/better support for logging out.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding a few new exceptions for the login identity provider.

NIFI-655:
- Disabling log in by default initially.
- Restoring authorization service unit test.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Updating packages for log in filters.
- Handling new registration exceptions.
- Code clean up.

NIFI-655:
- Removing registration support.
- Removing file based implementation.

NIFI-655:
- Removing file based implementation.

NIFI-655:
- Removing unused spring configuration files.

NIFI-655:
- Making the auto wiring more explicit.

NIFI-655:
- Removing unused dependencies.

NIFI-655:
- Removing unused filter.

NIFI-655:
- Updating the login API authenticate method to use a richer set of exceptions.
- UI code clean.

NIFI-655:
- Ensuring the login identity provider is able to switch context classloaders via the standard NAR mechanisms.

NIFI-655:
- Initial commit of the LDAP based identity providers.
- Fixed issue when attempting to log into a NiFi that does not support new account requests.

NIFI-655:
- Allowing the ldap provider to specify if client authentication is required/desired.

NIFI-655:
- Persisting keys to sign user tokens.
- Allowing the identity provider to specify the token expiration.
- Code clean up.

NIFI-655:
- Ensuring identities are unique in the key table.

NIFI-655:
- Adding support for specifying the user search base and user search filter in the active directory provider.

NIFI-655:
- Fixing checkstyle issues.

NIFI-655:
- Adding automatic client side token renewal.

NIFI-655:
- Ensuring the logout link is rendered when appropriate.

NIFI-655:
- Adding configuration options for referrals and connect/read timeouts

NIFI-655:
- Added an endpoint for access details including configuration, creating tokens, and checking status.
- Updated DTOs and client side to utilize new endpoints.

NIFI-655:
- Refactoring certificate extraction and validation.
- Refactoring how expiration is specified in the login identity providers.
- Adding unit tests for the access endpoints.
- Code clean up.

NIFI-655:
- Keeping token expiration between 1 minute and 12 hours.

NIFI-655:
- Using the user identity provided by the login identity provider.

NIFI-655: - Fixed typo in error message for unrecognized authentication strategy.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Added logback-test.xml configuration resource for nifi-web-security.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Added issuer field to LoginAuthenticationToken. - Updated AccessResource to pass identity provider class name when creating LoginAuthenticationTokens. - Began refactoring JWT logic from request parsing logic in JwtService. - Added unit tests for JWT logic.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655. - Changed issuer field to use FQ class name because some classes return an empty string for getSimpleName(). - Finished refactoring JWT logic from request parsing logic in JwtService. - Updated AccessResource and JwtAuthenticationFilter to call new JwtService methods decoupled from request header parsing. - Added extensive unit tests for JWT logic.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655:
- Refactoring key service to expose the key id.
- Handling client side expiration better.
- Removing specialized active directory provider and abstract ldap provider.

NIFI-655. - Updated JwtService and JwtServiceTest to use Key POJO instead of raw String key from KeyService.

Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>

NIFI-655:
- Fixing typo when loading the ldap connect timeout.
- Providing a better experience for session expiration.
- Using ellipsis for lengthly user name.
- Adding an issuer to the authentication response so the LIP can specify the appropriate value.

NIFI-655:
- Showing a logging in notification during the log in process.

NIFI-655:
- Removing unnecessary class.

NIFI-655:
- Fixing checkstyle issues.
- Showing the progress spinner while submitting account justification.

NIFI-655:
- Removing deprecated authentication strategy.
- Renaming TLS to START_TLS.
- Allowing the protocol to be configured.

NIFI-655:
- Fixing issue detecting the presence of DN column

NIFI-655:
- Pre-populating the login-identity-providers.xml file with necessary properties and documentation.
- Renaming the Authentication Duration property name.

NIFI-655:
- Updating documentation for the failure response codes.

NIFI-655:
- Ensuring the user identity is not too long.

NIFI-655:
- Updating default authentication expiration to 12 hours.

NIFI-655:
- Remaining on the login form when there is any unsuccessful login attempt.
- Fixing checkstyle issues.
2015-11-23 14:50:13 -05:00
Aldrin Piri 08d59e4374 NIFI-1196 Providing handling of FETCH provenance events for their "unique" property, transit URI, within the framework and UI.
Reviewed by Tony Kurc (tkurc@apache.org)
2015-11-19 17:42:15 -05:00
Matt Gilman 64369f67f9 NIFI-1160:
- Addressing possible NPE when removing a drop request.
- Only updating a connection status once it's been retrieved for the first time.
2015-11-16 08:34:04 -05:00
Mark Payne da9f40b3f0 NIFI-973: Updated main Help page to provide a link to the Getting Started Guide.
Reviewed by Aldrin Piri (aldrin@apache.org)
2015-11-15 08:38:51 -05:00
Tony Kurc 528dab78d6 NIFI-1073: Fixing coverity discovered errors. Resource leaks, and statics
Reviewed by Bryan Bende (bbende@apache.org)
2015-11-14 18:56:43 -05:00
joewitt 99629646fe NIFI-1122 moved to 0.4.0-SNAPSHOT 2015-11-06 23:41:15 -05:00
Andrew Grande f1bd3d471d NIFI-1112 Fixed APIOperation Annotation on ReportingTaskResource.
Reviewed by Tony Kurc (tkurc@apache.org)
2015-11-04 18:31:34 -05:00
Mark Payne e4cebba3c7 Merge branch 'master' into NIFI-730 2015-11-02 14:02:16 -05:00
Matt Gilman 5a04021dd7 NIFI-730:
- Updating logic now that original is guaranteed to be non null.
- Always reporting 100% once the drop request has completed.
2015-11-02 08:59:11 -05:00
Bryan Bende 5cc2b04b91 NIFI-986 Refactoring of action classes from nifi-user-actions to have interfaces in nifi-api, and adding getFlowChanges to EventAccess
- Fixing empty java docs and adding sort by id asc to the history query
- Changing userDn to userIdentity in Action and FlowChangeAction
- Modifying NiFiAuditor to always save events locally, and implementing getFlowChanges for ClusteredEventAccess
2015-10-29 16:28:36 -04:00
Matt Gilman f8c3377c84 NIFI-820:
- Creating a context menu item for accessing provenance directly for a selected component.
2015-10-26 10:16:01 -04:00
Mark Payne 0636f0e731 NIFI-810: Merged master into branch 2015-10-25 11:02:40 -04:00
Matt Gilman 570202eb30 NIFI-730:
- Fixing capitalization to remain consistent.
2015-10-16 10:47:02 -04:00
Matt Gilman a872403831 NIFI-730:
- Updating the styling of the drop request status dialog.
- Rendering any errors that may have occurred.
2015-10-16 09:37:57 -04:00
Matt Gilman 39a050d2fd NIFI-730:
- Adding emptying a queue when clustered.
2015-10-14 17:47:06 -04:00
Matt Gilman cad0e7cf0f NIFI-730:
- Adding progress bar for showing current status of drop request.
- Allowing the user to cancel the current drop request.
2015-10-14 12:39:19 -04:00
Matt Gilman 4b41aaab02 NIFI-730:
- Fixing checkstyle violations.
- Wiring endpoints and framework model.
- Lowering the max delay while polling from 8 seconds to 4 seconds.
2015-10-13 13:43:10 -04:00
Matt Gilman 09d6fe5cdb NIFI-730:
- Fixing checkstyle violations.
- Renaming context menu item for emptying a queue.
2015-10-13 10:12:58 -04:00
Mark Payne 9be37914dd Merge branch 'NIFI-730' of https://git-wip-us.apache.org/repos/asf/nifi into NIFI-730 2015-10-13 10:03:31 -04:00
Mark Payne 49a781df2d NIFI-730: Implemented swapping in and out on-demand by the FlowFileQueue rather than in a background thread 2015-10-13 10:03:03 -04:00
Matt Gilman e0ac7cde37 NIFI-730:
- Starting to add support for deleting flow files from a queue by creating endpoints and starting to wire everything together.
- Adding context menu item for initiating the request to drop flow files.
2015-10-12 10:00:54 -04:00
Matt Gilman 2583d7869a NIFI-442:
NIFI-828:
- Always selecting the first item in the new component table.
- Enabling adding the selected component by typing Enter.
- Removing the 'filter by' in the new component dialogs and instead just searching every field.
2015-10-07 19:11:55 -04:00
Matt Gilman 13edcfda2e NIFI-810:
- Adding basic support for preventing connection when appropriate.
- Updating validation when [dis]connecting processors.
2015-10-07 17:26:14 -04:00
Matt Gilman ded74ec94c NIFI-876 prepare for next development iteration 2015-09-14 21:48:11 -04:00
Matt Gilman 2ec735e350 NIFI-876 prepare release nifi-0.3.0-RC1 2015-09-14 21:48:00 -04:00
Mark Payne 1ddd736558 NIFI-854: Ensure that controller services are included in template if any processor (or other service) in the template references it, regardless of how many levels deep the component's ProcessGroup is 2015-08-21 14:46:20 -04:00
Chin Huang 8f98f80938 NIFI-868 Configure advertised host name of Remote Process Group Input Port
Before this change, the host given out to clients to connect to a Remote
Process Group Input Port is the host where the NiFi instance runs.
However, sometimes the binding host is different from the host that
clients connect to. For example, when a NiFi instance runs inside a
Docker container, a client on a separate machine must connect to the
Docker host which forwards the connection to the container.

Add a configuration property to specify the host name to give out to
clients to connect to a Remote Process Group Input Port. If the property
is not configured, then give out the name of host running the NiFi
instance.
2015-08-18 21:35:28 -07:00
Matt Gilman ffa7ceb2b1 NIFI-861:
- Addressing issue with blank processor names when attempting to generate ellipsis on the canvas.
2015-08-17 15:23:36 -04:00
joewitt aa99884782 NIFI-850 removed nifi parent, updated nifi pom, moved all nifi subdirs up one level, fixed readme. 2015-08-15 13:12:22 -04:00