Refine search
/** * Returns the path to the Knox public key. * * @return path to the Knox public key */ public Path getKnoxPublicKeyPath() { return Paths.get(getProperty(SECURITY_USER_KNOX_PUBLIC_KEY)); }
public List<Path> getNarLibraryDirectories() { List<Path> narLibraryPaths = new ArrayList<>(); // go through each property for (String propertyName : getPropertyKeys()) { // determine if the property is a nar library path if (StringUtils.startsWith(propertyName, NAR_LIBRARY_DIRECTORY_PREFIX) || NAR_LIBRARY_DIRECTORY.equals(propertyName) || NAR_LIBRARY_AUTOLOAD_DIRECTORY.equals(propertyName)) { // attempt to resolve the path specified String narLib = getProperty(propertyName); if (!StringUtils.isBlank(narLib)) { narLibraryPaths.add(Paths.get(narLib)); } } } if (narLibraryPaths.isEmpty()) { narLibraryPaths.add(Paths.get(DEFAULT_NAR_LIBRARY_DIR)); } return narLibraryPaths; }
public File getFlowConfigurationFileDir() { try { return getFlowConfigurationFile().getParentFile(); } catch (Exception ex) { return null; } }
private String determineServerHostname(NiFiProperties props) { if (props.getSslPort() != null) { return props.getProperty(NiFiProperties.WEB_HTTPS_HOST, "localhost"); } else { return props.getProperty(NiFiProperties.WEB_HTTP_HOST, "localhost"); } }
public static boolean isProvenanceRepositoryEncryptionConfigured(NiFiProperties niFiProperties) { final String implementationClassName = niFiProperties.getProperty(NiFiProperties.PROVENANCE_REPO_IMPLEMENTATION_CLASS); // Referencing EWAPR.class.getName() would require a dependency on the module boolean encryptedRepo = "org.apache.nifi.provenance.EncryptedWriteAheadProvenanceRepository".equals(implementationClassName); boolean keyProviderConfigured = isValidKeyProvider( niFiProperties.getProperty(NiFiProperties.PROVENANCE_REPO_ENCRYPTION_KEY_PROVIDER_IMPLEMENTATION_CLASS), niFiProperties.getProperty(NiFiProperties.PROVENANCE_REPO_ENCRYPTION_KEY_PROVIDER_LOCATION), niFiProperties.getProvenanceRepoEncryptionKeyId(), niFiProperties.getProvenanceRepoEncryptionKeys()); return encryptedRepo && keyProviderConfigured; }
public InetSocketAddress getClusterNodeProtocolAddress() { try { String socketAddress = getProperty(CLUSTER_NODE_ADDRESS); if (StringUtils.isBlank(socketAddress)) { socketAddress = "localhost"; } int socketPort = getClusterNodeProtocolPort(); return InetSocketAddress.createUnresolved(socketAddress, socketPort); } catch (Exception ex) { throw new RuntimeException("Invalid node protocol address/port due to: " + ex, ex); } }
private String getDatabaseUrl(File databaseFile) { String databaseUrl = "jdbc:h2:" + databaseFile + ";AUTOCOMMIT=OFF;DB_CLOSE_ON_EXIT=FALSE;LOCK_MODE=3"; String databaseUrlAppend = properties.getProperty(NiFiProperties.H2_URL_APPEND); if (StringUtils.isNotBlank(databaseUrlAppend)) { databaseUrl += databaseUrlAppend; } return databaseUrl; }
for (String propertyName : properties.getPropertyKeys()) { if (StringUtils.startsWith(propertyName, patternPrefix)) { final String key = StringUtils.substringAfter(propertyName, patternPrefix); final String identityPattern = properties.getProperty(propertyName); if (StringUtils.isBlank(identityPattern)) { LOGGER.warn("{} Mapping property {} was found, but was empty", new Object[] {getSubject.get(), propertyName}); continue; final String identityValue = properties.getProperty(identityValueProperty); if (StringUtils.isBlank(identityValue)) { String rawIdentityTransform = properties.getProperty(identityTransformProperty); if (StringUtils.isBlank(rawIdentityTransform)) {
flowXml = Paths.get(nifiProperties.getProperty(NiFiProperties.FLOW_CONFIGURATION_FILE)); gracefulShutdownSeconds = (int) FormatUtils.getTimeDuration(nifiProperties.getProperty(NiFiProperties.FLOW_CONTROLLER_GRACEFUL_SHUTDOWN_PERIOD), TimeUnit.SECONDS); autoResumeState = nifiProperties.getAutoResumeState(); senderListener.addHandler(this); final InetSocketAddress nodeApiAddress = nifiProperties.getNodeApiAddress(); final InetSocketAddress nodeSocketAddress = nifiProperties.getClusterNodeProtocolAddress(); final InetSocketAddress loadBalanceAddress = nifiProperties.getClusterLoadBalanceAddress(); nodeSocketAddress.getHostName(), nodeSocketAddress.getPort(), loadBalanceAddress.getHostName(), loadBalanceAddress.getPort(), nifiProperties.getRemoteInputHost(), nifiProperties.getRemoteInputPort(), nifiProperties.getRemoteInputHttpPort(), nifiProperties.isSiteToSiteSecure());
public static RepositoryConfiguration create(final NiFiProperties nifiProperties) { final Map<String, Path> storageDirectories = nifiProperties.getProvenanceRepositoryPaths(); if (storageDirectories.isEmpty()) { storageDirectories.put("provenance_repository", Paths.get("provenance_repository")); final String storageTime = nifiProperties.getProperty(NiFiProperties.PROVENANCE_MAX_STORAGE_TIME, "24 hours"); final String storageSize = nifiProperties.getProperty(NiFiProperties.PROVENANCE_MAX_STORAGE_SIZE, "1 GB"); final String rolloverTime = nifiProperties.getProperty(NiFiProperties.PROVENANCE_ROLLOVER_TIME, "5 mins"); final String rolloverSize = nifiProperties.getProperty(NiFiProperties.PROVENANCE_ROLLOVER_SIZE, "100 MB"); final String shardSize = nifiProperties.getProperty(NiFiProperties.PROVENANCE_INDEX_SHARD_SIZE, "500 MB"); final int queryThreads = nifiProperties.getIntegerProperty(NiFiProperties.PROVENANCE_QUERY_THREAD_POOL_SIZE, 2); final int indexThreads = nifiProperties.getIntegerProperty(NiFiProperties.PROVENANCE_INDEX_THREAD_POOL_SIZE, 2); final int journalCount = nifiProperties.getIntegerProperty(NiFiProperties.PROVENANCE_JOURNAL_COUNT, 16); final int concurrentMergeThreads = nifiProperties.getIntegerProperty(CONCURRENT_MERGE_THREADS, 2); final String warmCacheFrequency = nifiProperties.getProperty(WARM_CACHE_FREQUENCY); final boolean compressOnRollover = Boolean.parseBoolean(nifiProperties.getProperty(NiFiProperties.PROVENANCE_COMPRESS_ON_ROLLOVER)); final String indexedFieldString = nifiProperties.getProperty(NiFiProperties.PROVENANCE_INDEXED_FIELDS); final String indexedAttrString = nifiProperties.getProperty(NiFiProperties.PROVENANCE_INDEXED_ATTRIBUTES); final Boolean alwaysSync = Boolean.parseBoolean(nifiProperties.getProperty("nifi.provenance.repository.always.sync", "false")); final String maxAttrLength = nifiProperties.getProperty("nifi.provenance.repository.max.attribute.length", String.valueOf(defaultMaxAttrChars)); int maxAttrChars; try { config.setDebugFrequency(nifiProperties.getIntegerProperty(NiFiProperties.PROVENANCE_REPO_DEBUG_FREQUENCY, config.getDebugFrequency())); final String implementationClassName = nifiProperties.getProperty(NiFiProperties.PROVENANCE_REPO_IMPLEMENTATION_CLASS); if (EncryptedWriteAheadProvenanceRepository.class.getName().equals(implementationClassName)) {
protected static void configureSslContextFactory(SslContextFactory contextFactory, NiFiProperties props) { if (props.isClientAuthRequiredForRestApi()) { contextFactory.setNeedClientAuth(true); } else { if (StringUtils.isNotBlank(props.getProperty(NiFiProperties.SECURITY_KEYSTORE))) { contextFactory.setKeyStorePath(props.getProperty(NiFiProperties.SECURITY_KEYSTORE)); String keyStoreType = props.getProperty(NiFiProperties.SECURITY_KEYSTORE_TYPE); if (StringUtils.isNotBlank(keyStoreType)) { contextFactory.setKeyStoreType(keyStoreType); String keyStoreProvider = KeyStoreUtils.getKeyStoreProvider(keyStoreType); if (StringUtils.isNoneEmpty(keyStoreProvider)) { contextFactory.setKeyStoreProvider(keyStoreProvider); final String keystorePassword = props.getProperty(NiFiProperties.SECURITY_KEYSTORE_PASSWD); final String keyPassword = props.getProperty(NiFiProperties.SECURITY_KEY_PASSWD); if (StringUtils.isNotBlank(keystorePassword)) { if (StringUtils.isNotBlank(props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE))) { contextFactory.setTrustStorePath(props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE)); String trustStoreType = props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_TYPE); if (StringUtils.isNotBlank(trustStoreType)) { contextFactory.setTrustStoreType(trustStoreType); if (StringUtils.isNotBlank(props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_PASSWD))) { contextFactory.setTrustStorePassword(props.getProperty(NiFiProperties.SECURITY_TRUSTSTORE_PASSWD));
/** * Creates an instance of the NiFi sensitive property encryptor. * * @param niFiProperties properties * @return encryptor * @throws EncryptionException if any issues arise initializing or * validating the encryptor * @see #createEncryptor(String, String, String) * @deprecated as of NiFi 1.4.0 because the entire {@link NiFiProperties} object is not necessary to generate the encryptor. */ @Deprecated public static StringEncryptor createEncryptor(final NiFiProperties niFiProperties) throws EncryptionException { // Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); final String sensitivePropAlgorithmVal = niFiProperties.getProperty(NF_SENSITIVE_PROPS_ALGORITHM); final String sensitivePropProviderVal = niFiProperties.getProperty(NF_SENSITIVE_PROPS_PROVIDER); String sensitivePropValueNifiPropVar = niFiProperties.getProperty(NF_SENSITIVE_PROPS_KEY); // TODO: This method should be removed in 2.0.0 and replaced globally with the String, String, String method if (StringUtils.isBlank(sensitivePropValueNifiPropVar)) { printBlankKeyWarning(); sensitivePropValueNifiPropVar = DEFAULT_SENSITIVE_PROPS_KEY; } return createEncryptor(sensitivePropAlgorithmVal, sensitivePropProviderVal, sensitivePropValueNifiPropVar); }
@Override public Object getObject() throws Exception { if (authorizer == null) { if (properties.getSslPort() == null) { final String authorizerIdentifier = properties.getProperty(NiFiProperties.SECURITY_USER_AUTHORIZER); if (StringUtils.isBlank(authorizerIdentifier)) { throw new Exception("When running securely, the authorizer identifier must be specified in the nifi properties file."); } else {
public FileSystemRepository(final NiFiProperties nifiProperties) throws IOException { this.nifiProperties = nifiProperties; final Map<String, Path> fileRespositoryPaths = nifiProperties.getContentRepositoryPaths(); for (final Path path : fileRespositoryPaths.values()) { Files.createDirectories(path); this.maxFlowFilesPerClaim = nifiProperties.getMaxFlowFilesPerClaim(); this.writableClaimQueue = new LinkedBlockingQueue<>(maxFlowFilesPerClaim); final long configuredAppendableClaimLength = DataUnit.parseDataSize(nifiProperties.getMaxAppendableClaimSize(), DataUnit.B).longValue(); final long appendableClaimLengthCap = DataUnit.parseDataSize(APPENDABLE_CLAIM_LENGTH_CAP, DataUnit.B).longValue(); if (configuredAppendableClaimLength > appendableClaimLengthCap) { final String enableArchiving = nifiProperties.getProperty(NiFiProperties.CONTENT_ARCHIVE_ENABLED); final String maxArchiveRetentionPeriod = nifiProperties.getProperty(NiFiProperties.CONTENT_ARCHIVE_MAX_RETENTION_PERIOD); final String maxArchiveSize = nifiProperties.getProperty(NiFiProperties.CONTENT_ARCHIVE_MAX_USAGE_PERCENTAGE); final String archiveBackPressureSize = nifiProperties.getProperty(NiFiProperties.CONTENT_ARCHIVE_BACK_PRESSURE_PERCENTAGE); maxArchiveMillis = 0L; } else { maxArchiveMillis = StringUtils.isEmpty(maxArchiveRetentionPeriod) ? Long.MAX_VALUE : FormatUtils.getTimeDuration(maxArchiveRetentionPeriod, TimeUnit.MILLISECONDS); this.alwaysSync = Boolean.parseBoolean(nifiProperties.getProperty("nifi.content.repository.always.sync")); LOG.info("Initializing FileSystemRepository with 'Always Sync' set to {}", alwaysSync); initializeRepository();
final String gracefulShutdownSecondsVal = nifiProperties.getProperty(GRACEFUL_SHUTDOWN_PERIOD); long shutdownSecs; try { remoteInputSocketPort = nifiProperties.getRemoteInputPort(); remoteInputHttpPort = nifiProperties.getRemoteInputHttpPort(); isSiteToSiteSecure = nifiProperties.isSiteToSiteSecure(); this.heartbeatDelaySeconds = (int) FormatUtils.getTimeDuration(nifiProperties.getNodeHeartbeatInterval(), TimeUnit.SECONDS); final String snapshotFrequency = nifiProperties.getProperty(NiFiProperties.COMPONENT_STATUS_SNAPSHOT_FREQUENCY, NiFiProperties.DEFAULT_COMPONENT_STATUS_SNAPSHOT_FREQUENCY); long snapshotMillis; try { if (nifiProperties.isStartEmbeddedZooKeeper() && configuredForClustering) { try { zooKeeperStateServer = ZooKeeperStateServer.create(nifiProperties); final InetSocketAddress loadBalanceAddress = nifiProperties.getClusterLoadBalanceAddress(); final int numThreads = nifiProperties.getIntegerProperty(NiFiProperties.LOAD_BALANCE_MAX_THREAD_COUNT, NiFiProperties.DEFAULT_LOAD_BALANCE_MAX_THREAD_COUNT); final String timeoutPeriod = nifiProperties.getProperty(NiFiProperties.LOAD_BALANCE_COMMS_TIMEOUT, NiFiProperties.DEFAULT_LOAD_BALANCE_COMMS_TIMEOUT); final int timeoutMillis = (int) FormatUtils.getTimeDuration(timeoutPeriod, TimeUnit.MILLISECONDS); final int connectionsPerNode = nifiProperties.getIntegerProperty(NiFiProperties.LOAD_BALANCE_CONNECTIONS_PER_NODE, NiFiProperties.DEFAULT_LOAD_BALANCE_CONNECTIONS_PER_NODE); final NioAsyncLoadBalanceClientFactory asyncClientFactory = new NioAsyncLoadBalanceClientFactory(sslContext, timeoutMillis, new ContentRepositoryFlowFileAccess(contentRepository), eventReporter, new StandardLoadBalanceFlowFileCodec()); loadBalanceClientRegistry = new NioAsyncLoadBalanceClientRegistry(asyncClientFactory, connectionsPerNode);
/** * Returns the OpenId Connect (OIDC) URL. Null otherwise. * * @return OIDC discovery url */ public String getOidcDiscoveryUrl() { return getProperty(SECURITY_USER_OIDC_DISCOVERY_URL); }
/** * Returns the network interface list to use for HTTPS. This method returns a mapping of * network interface property names to network interface names. * * @return the property name and network interface name of all HTTPS network interfaces */ public Map<String, String> getHttpsNetworkInterfaces() { final Map<String, String> networkInterfaces = new HashMap<>(); // go through each property for (String propertyName : getPropertyKeys()) { // determine if the property is a network interface name if (StringUtils.startsWith(propertyName, WEB_HTTPS_NETWORK_INTERFACE_PREFIX)) { // get the network interface property key final String key = StringUtils.substringAfter(propertyName, WEB_HTTPS_NETWORK_INTERFACE_PREFIX); networkInterfaces.put(key, getProperty(propertyName)); } } return networkInterfaces; }
public WriteAheadFlowFileRepository(final NiFiProperties nifiProperties) { alwaysSync = Boolean.parseBoolean(nifiProperties.getProperty(NiFiProperties.FLOWFILE_REPOSITORY_ALWAYS_SYNC, "false")); this.nifiProperties = nifiProperties; // determine the database file path and ensure it exists String writeAheadLogImpl = nifiProperties.getProperty(WRITE_AHEAD_LOG_IMPL); if (writeAheadLogImpl == null) { writeAheadLogImpl = DEFAULT_WAL_IMPLEMENTATION; } this.walImplementation = writeAheadLogImpl; // We used to use one implementation of the write-ahead log, but we now want to use the other, we must address this. Since the // MinimalLockingWriteAheadLog supports multiple partitions, we need to ensure that we recover records from all // partitions, so we build up a List of Files for the recovery files. for (final String propertyName : nifiProperties.getPropertyKeys()) { if (propertyName.startsWith(FLOWFILE_REPOSITORY_DIRECTORY_PREFIX)) { final String dirName = nifiProperties.getProperty(propertyName); recoveryFiles.add(new File(dirName)); } } if (walImplementation.equals(SEQUENTIAL_ACCESS_WAL)) { final String directoryName = nifiProperties.getProperty(FLOWFILE_REPOSITORY_DIRECTORY_PREFIX); flowFileRepositoryPaths.add(new File(directoryName)); } else { flowFileRepositoryPaths.addAll(recoveryFiles); } numPartitions = nifiProperties.getFlowFileRepositoryPartitions(); checkpointDelayMillis = FormatUtils.getTimeDuration(nifiProperties.getFlowFileRepositoryCheckpointInterval(), TimeUnit.MILLISECONDS); checkpointExecutor = Executors.newSingleThreadScheduledExecutor(); }
public static ExtensionMapping unpackNars(final NiFiProperties props, final Bundle systemBundle) { final List<Path> narLibraryDirs = props.getNarLibraryDirectories(); final File frameworkWorkingDir = props.getFrameworkWorkingDirectory(); final File extensionsWorkingDir = props.getExtensionsWorkingDirectory(); final File docsWorkingDir = props.getComponentDocumentationWorkingDirectory(); final Map<File, BundleCoordinate> unpackedNars = new HashMap<>();
public StandardProcessScheduler(final FlowEngine componentLifecycleThreadPool, final FlowController flowController, final StringEncryptor encryptor, final StateManagerProvider stateManagerProvider, final NiFiProperties nifiProperties) { this.componentLifeCycleThreadPool = componentLifecycleThreadPool; this.flowController = flowController; this.encryptor = encryptor; this.stateManagerProvider = stateManagerProvider; administrativeYieldDuration = nifiProperties.getAdministrativeYieldDuration(); administrativeYieldMillis = FormatUtils.getTimeDuration(administrativeYieldDuration, TimeUnit.MILLISECONDS); final String timeoutString = nifiProperties.getProperty(NiFiProperties.PROCESSOR_SCHEDULING_TIMEOUT); processorStartTimeoutMillis = timeoutString == null ? 60000 : FormatUtils.getTimeDuration(timeoutString.trim(), TimeUnit.MILLISECONDS); frameworkTaskExecutor = new FlowEngine(4, "Framework Task Thread"); }