/** * Returns true if client certificates are required for REST API. Determined * if the following conditions are all true: * <p> * - login identity provider is not populated * - Kerberos service support is not enabled * - openid connect is not enabled * - knox sso is not enabled * </p> * * @return true if client certificates are required for access to the REST API */ public boolean isClientAuthRequiredForRestApi() { return !isLoginIdentityProviderEnabled() && !isKerberosSpnegoSupportEnabled() && !isOidcEnabled() && !isKnoxSsoEnabled(); }
if (!properties.isKerberosSpnegoSupportEnabled() || kerberosService == null) { throw new IllegalStateException("Kerberos ticket login not supported by this NiFi.");
@Override public KerberosService getObject() throws Exception { if (kerberosService == null && properties.isKerberosSpnegoSupportEnabled()) { final File krb5ConfigFile = properties.getKerberosConfigurationFile(); if (krb5ConfigFile != null) { final GlobalSunJaasKerberosConfig krb5Config = new GlobalSunJaasKerberosConfig(); krb5Config.setKrbConfLocation(krb5ConfigFile.getAbsolutePath()); krb5Config.afterPropertiesSet(); } kerberosService = new KerberosService(); kerberosService.setKerberosServiceAuthenticationProvider(createKerberosServiceAuthenticationProvider()); } return kerberosService; }
/** * Returns true if client certificates are required for REST API. Determined * if the following conditions are all true: * <p> * - login identity provider is not populated * - Kerberos service support is not enabled * - openid connect is not enabled * - knox sso is not enabled * </p> * * @return true if client certificates are required for access to the REST API */ public boolean isClientAuthRequiredForRestApi() { return !isLoginIdentityProviderEnabled() && !isKerberosSpnegoSupportEnabled() && !isOidcEnabled() && !isKnoxSsoEnabled(); }
@Override public KerberosService getObject() throws Exception { if (kerberosService == null && properties.isKerberosSpnegoSupportEnabled()) { final File krb5ConfigFile = properties.getKerberosConfigurationFile(); if (krb5ConfigFile != null) { final GlobalSunJaasKerberosConfig krb5Config = new GlobalSunJaasKerberosConfig(); krb5Config.setKrbConfLocation(krb5ConfigFile.getAbsolutePath()); krb5Config.afterPropertiesSet(); } kerberosService = new KerberosService(); kerberosService.setKerberosServiceAuthenticationProvider(createKerberosServiceAuthenticationProvider()); } return kerberosService; }