Repository: nifi Updated Branches: refs/heads/master 3259b01f8 -> 31ec01b5f
NIFI-3004 Improved StandardSSLContextService customValidate Signed-off-by: Andy LoPresto <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/nifi/repo Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/970c46cc Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/970c46cc Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/970c46cc Branch: refs/heads/master Commit: 970c46ccfe55ad37b9f83dff016df334838e5293 Parents: 3259b01 Author: Pierre Villard <[email protected]> Authored: Fri Dec 30 12:37:04 2016 +0100 Committer: Andy LoPresto <[email protected]> Committed: Thu Jan 5 17:32:01 2017 -0800 ---------------------------------------------------------------------- .../nifi/ssl/StandardSSLContextService.java | 15 ++++++++++ .../apache/nifi/ssl/SSLContextServiceTest.java | 29 ++++++++++++++++++++ 2 files changed, 44 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/nifi/blob/970c46cc/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/main/java/org/apache/nifi/ssl/StandardSSLContextService.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/main/java/org/apache/nifi/ssl/StandardSSLContextService.java b/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/main/java/org/apache/nifi/ssl/StandardSSLContextService.java index 9817532..d10c840 100644 --- a/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/main/java/org/apache/nifi/ssl/StandardSSLContextService.java +++ b/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/main/java/org/apache/nifi/ssl/StandardSSLContextService.java @@ -118,6 +118,7 @@ public class StandardSSLContextService extends AbstractControllerService impleme private static final List<PropertyDescriptor> properties; private ConfigurationContext configContext; + private boolean isValidated; static { List<PropertyDescriptor> props = new ArrayList<>(); @@ -161,6 +162,12 @@ public class StandardSSLContextService extends AbstractControllerService impleme createSSLContext(ClientAuth.REQUIRED); } + @Override + public void onPropertyModified(PropertyDescriptor descriptor, String oldValue, String newValue) { + super.onPropertyModified(descriptor, oldValue, newValue); + isValidated = false; + } + private static Validator createFileExistsAndReadableValidator() { return new Validator() { // Not using the FILE_EXISTS_VALIDATOR because the default is to @@ -200,6 +207,11 @@ public class StandardSSLContextService extends AbstractControllerService impleme @Override protected Collection<ValidationResult> customValidate(ValidationContext validationContext) { final Collection<ValidationResult> results = new ArrayList<>(); + + if(isValidated) { + return results; + } + results.addAll(validateStore(validationContext.getProperties(), KeystoreValidationGroup.KEYSTORE)); results.addAll(validateStore(validationContext.getProperties(), KeystoreValidationGroup.TRUSTSTORE)); @@ -228,6 +240,9 @@ public class StandardSSLContextService extends AbstractControllerService impleme .build()); } } + + isValidated = results.isEmpty(); + return results; } http://git-wip-us.apache.org/repos/asf/nifi/blob/970c46cc/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/test/java/org/apache/nifi/ssl/SSLContextServiceTest.java ---------------------------------------------------------------------- diff --git a/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/test/java/org/apache/nifi/ssl/SSLContextServiceTest.java b/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/test/java/org/apache/nifi/ssl/SSLContextServiceTest.java index a771914..03aacc0 100644 --- a/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/test/java/org/apache/nifi/ssl/SSLContextServiceTest.java +++ b/nifi-nar-bundles/nifi-standard-services/nifi-ssl-context-bundle/nifi-ssl-context-service/src/test/java/org/apache/nifi/ssl/SSLContextServiceTest.java @@ -116,6 +116,35 @@ public class SSLContextServiceTest { } @Test + public void testWithChanges() throws InitializationException { + final TestRunner runner = TestRunners.newTestRunner(TestProcessor.class); + SSLContextService service = new StandardSSLContextService(); + runner.addControllerService("test-good1", service); + runner.setProperty(service, StandardSSLContextService.KEYSTORE.getName(), "src/test/resources/localhost-ks.jks"); + runner.setProperty(service, StandardSSLContextService.KEYSTORE_PASSWORD.getName(), "localtest"); + runner.setProperty(service, StandardSSLContextService.KEYSTORE_TYPE.getName(), "JKS"); + runner.setProperty(service, StandardSSLContextService.TRUSTSTORE.getName(), "src/test/resources/localhost-ts.jks"); + runner.setProperty(service, StandardSSLContextService.TRUSTSTORE_PASSWORD.getName(), "localtest"); + runner.setProperty(service, StandardSSLContextService.TRUSTSTORE_TYPE.getName(), "JKS"); + runner.enableControllerService(service); + + runner.setProperty("SSL Context Svc ID", "test-good1"); + runner.assertValid(service); + + runner.disableControllerService(service); + runner.setProperty(service,StandardSSLContextService.KEYSTORE.getName(), "src/test/resources/DOES-NOT-EXIST.jks"); + runner.assertNotValid(service); + + runner.setProperty(service, StandardSSLContextService.KEYSTORE.getName(), "src/test/resources/localhost-ks.jks"); + runner.setProperty(service, StandardSSLContextService.TRUSTSTORE_PASSWORD.getName(), "badpassword"); + runner.assertNotValid(service); + + runner.setProperty(service, StandardSSLContextService.TRUSTSTORE_PASSWORD.getName(), "localtest"); + runner.enableControllerService(service); + runner.assertValid(service); + } + + @Test public void testGoodTrustOnly() { try { TestRunner runner = TestRunners.newTestRunner(TestProcessor.class);
