This is an automated email from the ASF dual-hosted git repository.
exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new ee7a905c40 NIFI-13551 Fixed framework SSLContext loading for Headless
Server
ee7a905c40 is described below
commit ee7a905c4095e1aa1c449d2a7b53d30cbdff905a
Author: Ferenc Erdei <[email protected]>
AuthorDate: Tue Jul 16 09:52:06 2024 +0200
NIFI-13551 Fixed framework SSLContext loading for Headless Server
- Changed conditional from evaluating HTTPS port to evaluating store path
and password properties
This closes #9083
Signed-off-by: David Handermann <[email protected]>
---
.../apache/nifi/framework/ssl/FrameworkSslContextProvider.java | 9 +++++++--
.../main/java/org/apache/nifi/headless/HeadlessNiFiServer.java | 7 +++----
2 files changed, 10 insertions(+), 6 deletions(-)
diff --git
a/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/framework/ssl/FrameworkSslContextProvider.java
b/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/framework/ssl/FrameworkSslContextProvider.java
index 9374ea8550..7a651e2b97 100644
---
a/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/framework/ssl/FrameworkSslContextProvider.java
+++
b/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/framework/ssl/FrameworkSslContextProvider.java
@@ -82,7 +82,7 @@ public class FrameworkSslContextProvider {
private KeyManagerBuilder getKeyManagerBuilder() {
final KeyManagerBuilder keyManagerBuilder;
- if (properties.isHTTPSConfigured()) {
+ if (isPropertyConfigured(SECURITY_KEYSTORE) &&
isPropertyConfigured(SECURITY_KEYSTORE_PASSWD)) {
final Path keyStorePath = getKeyStorePath();
final String keyStorePassword =
properties.getProperty(SECURITY_KEYSTORE_PASSWD, EMPTY);
final char[] keyPassword =
properties.getProperty(SECURITY_KEY_PASSWD, keyStorePassword).toCharArray();
@@ -102,7 +102,7 @@ public class FrameworkSslContextProvider {
private TrustManagerBuilder getTrustManagerBuilder() {
final TrustManagerBuilder trustManagerBuilder;
- if (properties.isHTTPSConfigured()) {
+ if (isPropertyConfigured(SECURITY_TRUSTSTORE) &&
isPropertyConfigured(SECURITY_TRUSTSTORE_PASSWD)) {
final Path trustStorePath = getTrustStorePath();
final String trustStorePassword =
properties.getProperty(SECURITY_TRUSTSTORE_PASSWD, EMPTY);
final String trustStoreType =
properties.getProperty(SECURITY_TRUSTSTORE_TYPE);
@@ -134,4 +134,9 @@ public class FrameworkSslContextProvider {
return Paths.get(trustStoreProperty);
}
+
+ private boolean isPropertyConfigured(final String propertyName) {
+ final String value = properties.getProperty(propertyName);
+ return value != null && !value.isBlank();
+ }
}
diff --git
a/nifi-framework-bundle/nifi-framework/nifi-headless-server/src/main/java/org/apache/nifi/headless/HeadlessNiFiServer.java
b/nifi-framework-bundle/nifi-framework/nifi-headless-server/src/main/java/org/apache/nifi/headless/HeadlessNiFiServer.java
index b4e93ed218..f64a738358 100644
---
a/nifi-framework-bundle/nifi-framework/nifi-headless-server/src/main/java/org/apache/nifi/headless/HeadlessNiFiServer.java
+++
b/nifi-framework-bundle/nifi-framework/nifi-headless-server/src/main/java/org/apache/nifi/headless/HeadlessNiFiServer.java
@@ -47,7 +47,7 @@ import
org.apache.nifi.diagnostics.bootstrap.BootstrapDiagnosticsFactory;
import org.apache.nifi.encrypt.PropertyEncryptor;
import org.apache.nifi.encrypt.PropertyEncryptorBuilder;
import org.apache.nifi.events.VolatileBulletinRepository;
-import org.apache.nifi.framework.configuration.SslContextConfiguration;
+import org.apache.nifi.framework.ssl.FrameworkSslContextProvider;
import org.apache.nifi.nar.ExtensionManager;
import org.apache.nifi.nar.ExtensionManagerHolder;
import org.apache.nifi.nar.ExtensionMapping;
@@ -136,9 +136,8 @@ public class HeadlessNiFiServer implements NiFiServer {
final BulletinRepository bulletinRepository = new
VolatileBulletinRepository();
final StatusHistoryRepository statusHistoryRepository =
getStatusHistoryRepository(extensionManager);
- final SslContextConfiguration sslContextConfiguration = new
SslContextConfiguration();
- sslContextConfiguration.setProperties(props);
- final SSLContext sslContext = sslContextConfiguration.sslContext();
+ final FrameworkSslContextProvider sslContextProvider = new
FrameworkSslContextProvider(props);
+ final SSLContext sslContext =
sslContextProvider.loadSslContext().orElse(null);
final StateManagerProvider stateManagerProvider =
StandardStateManagerProvider.create(props, sslContext, extensionManager,
ParameterLookup.EMPTY);
flowController = FlowController.createStandaloneInstance(
