exceptionfactory commented on a change in pull request #4843:
URL: https://github.com/apache/nifi/pull/4843#discussion_r583109867
##########
File path:
nifi-nar-bundles/nifi-azure-bundle/nifi-azure-processors/src/main/java/org/apache/nifi/services/azure/storage/ADLSCredentialsControllerService.java
##########
@@ -74,12 +75,56 @@
.addValidator(StandardValidators.BOOLEAN_VALIDATOR)
.build();
+ public static final PropertyDescriptor SERVICE_PRINCIPAL_TENANT_ID = new
PropertyDescriptor.Builder()
+ .name("service-principal-tenant-id")
+ .displayName("Service Principal Tenant ID")
+ .description("Tenant ID of the Azure Active Directory hosting the
Service Principal. The property is required when Service Principal
authentication is used.")
+ .sensitive(true)
+ .required(false)
+ .addValidator(StandardValidators.NON_BLANK_VALIDATOR)
+
.expressionLanguageSupported(ExpressionLanguageScope.FLOWFILE_ATTRIBUTES)
+ .build();
+
+ public static final PropertyDescriptor SERVICE_PRINCIPAL_CLIENT_ID = new
PropertyDescriptor.Builder()
+ .name("service-principal-client-id")
+ .displayName("Service Principal Client ID")
+ .description("Client ID (or Application ID) of the
Client/Application having the Service Principal. The property is required when
Service Principal authentication is used. " +
+ "Also 'Service Principal Client Secret' or 'Service
Principal Client Certificate' must be specified in this case.")
+ .sensitive(true)
+ .required(false)
+ .addValidator(StandardValidators.NON_BLANK_VALIDATOR)
+
.expressionLanguageSupported(ExpressionLanguageScope.FLOWFILE_ATTRIBUTES)
+ .build();
+
+ public static final PropertyDescriptor SERVICE_PRINCIPAL_CLIENT_SECRET =
new PropertyDescriptor.Builder()
+ .name("service-principal-client-Secret")
+ .displayName("Service Principal Client Secret")
+ .description("Password of the Client/Application.")
+ .sensitive(true)
+ .required(false)
+ .addValidator(StandardValidators.NON_BLANK_VALIDATOR)
+
.expressionLanguageSupported(ExpressionLanguageScope.FLOWFILE_ATTRIBUTES)
+ .build();
+
+ public static final PropertyDescriptor
SERVICE_PRINCIPAL_CLIENT_CERTIFICATE = new PropertyDescriptor.Builder()
+ .name("service-principal-client-certificate")
+ .displayName("Service Principal Client Certificate")
+ .description("SSL Context Service referencing the keystore with
the client certificate of the Client/Application. Only PKCS12 (.pfx) keystore
type is supported. " +
+ "The keystore must contain a single key and the password
of the keystore and the key must be the same.")
+ .identifiesControllerService(SSLContextService.class)
Review comment:
It is understandable that `SSLContextService` is used in other
components where both key store and trust store are necessary. In this case,
however, only the key store and associated password are necessary, so using
`SSLContextService` seems to imply that more properties are necessary to make
this work. Also given that only a PKCS12 key store is supported, it seems
better to have the two specific properties for key store and key store
password. In addition to the unused trust store properties, the
`SSLContextService` also has the TLS Protocol property, which is would not
apply to this service.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
