jfrazee commented on a change in pull request #4250:
URL: https://github.com/apache/nifi/pull/4250#discussion_r507950335
##########
File path:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/leader/election/CuratorLeaderElectionManager.java
##########
@@ -589,4 +601,44 @@ public void takeLeadership(final CuratorFramework client)
throws Exception {
}
}
}
+
+ public static class SecureClientZooKeeperFactory implements
ZookeeperFactory {
+
+ private static final String NETTY_CLIENT_CNXN_SOCKET =
+ "org.apache.zookeeper.ClientCnxnSocketNetty";
+
+ private ZKClientConfig zkSecureClientConfig;
+
+ public SecureClientZooKeeperFactory(final ZooKeeperClientConfig
zkConfig) {
+ this.zkSecureClientConfig = new ZKClientConfig();
+
+ // Netty is required for the secure client config.
+ final String cnxnSocket = zkConfig.getConnectionSocket();
+ if (!NETTY_CLIENT_CNXN_SOCKET.equals(cnxnSocket)) {
+ throw new IllegalArgumentException(String.format("connection
factory set to '%s', %s required", String.valueOf(cnxnSocket),
NETTY_CLIENT_CNXN_SOCKET));
+ }
+
zkSecureClientConfig.setProperty(ZKClientConfig.ZOOKEEPER_CLIENT_CNXN_SOCKET,
cnxnSocket);
+
+ // This should never happen but won't get checked elsewhere.
+ final boolean clientSecure = zkConfig.getClientSecure();
+ if (!clientSecure) {
Review comment:
@exceptionfactory This is the one change I didn't make based on your
suggestions (thanks for them BTW). While, yes, the secure factory knows what it
needs, I don't/didn't want to ignore or change the config the user provides
since their intent is either different or confused. I want them to know they're
using it wrong.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
