timeabarna commented on a change in pull request #4973: URL: https://github.com/apache/nifi/pull/4973#discussion_r617204260
########## File path: nifi-nar-bundles/nifi-accumulo-bundle/nifi-accumulo-services/src/main/java/org/apache/nifi/accumulo/controllerservices/AccumuloService.java ########## @@ -150,61 +176,92 @@ private AuthenticationToken getToken(final AuthenticationType type, final Config problems.add(new ValidationResult.Builder().valid(false).subject(ZOOKEEPER_QUORUM.getName()).explanation("Zookeepers must be supplied").build()); } - if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ - problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied").build()); - } - final AuthenticationType type = validationContext.getProperty( - AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.PASSWORD; + AUTHENTICATION_TYPE).isSet() ? AuthenticationType.valueOf( validationContext.getProperty(AUTHENTICATION_TYPE).getValue() ) : AuthenticationType.NONE; switch(type){ case PASSWORD: + if (!validationContext.getProperty(ACCUMULO_USER).isSet()){ + problems.add( + new ValidationResult.Builder().valid(false).subject(ACCUMULO_USER.getName()).explanation("Accumulo user must be supplied for the Password Authentication type").build()); + } if (!validationContext.getProperty(ACCUMULO_PASSWORD).isSet()){ problems.add( - new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Password must be supplied for the Password Authentication type").build()); + new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()) + .explanation("Password must be supplied for the Password Authentication type").build()); + } + break; + case KERBEROS: + if (!validationContext.getProperty(KERBEROS_CREDENTIALS_SERVICE).isSet()){ + problems.add(new ValidationResult.Builder().valid(false).subject(KERBEROS_CREDENTIALS_SERVICE.getName()) + .explanation("Kerberos credential service must be supplied for the Kerberos Authentication type").build()); } break; default: - problems.add(new ValidationResult.Builder().valid(false).subject(ACCUMULO_PASSWORD.getName()).explanation("Non supported Authentication type").build()); + problems.add(new ValidationResult.Builder().valid(false).subject(AUTHENTICATION_TYPE.getName()).explanation("Non supported Authentication type").build()); } return problems; } @OnEnabled - public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException, InterruptedException { - if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet() || !context.getProperty(ACCUMULO_USER).isSet()){ + public void onEnabled(final ConfigurationContext context) throws InitializationException, IOException { + if (!context.getProperty(INSTANCE_NAME).isSet() || !context.getProperty(ZOOKEEPER_QUORUM).isSet()) { throw new InitializationException("Instance name and Zookeeper Quorum must be specified"); } - - + final KerberosCredentialsService kerberosService = context.getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class); final String instanceName = context.getProperty(INSTANCE_NAME).evaluateAttributeExpressions().getValue(); final String zookeepers = context.getProperty(ZOOKEEPER_QUORUM).evaluateAttributeExpressions().getValue(); - final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); + authType = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue()); + AuthenticationToken token; - final AuthenticationType type = AuthenticationType.valueOf( context.getProperty(AUTHENTICATION_TYPE).getValue() ); + final Properties clientConf = new Properties(); + clientConf.setProperty("instance.zookeepers", zookeepers); + clientConf.setProperty("instance.name", instanceName); + switch(authType){ + case PASSWORD: + final String accumuloUser = context.getProperty(ACCUMULO_USER).evaluateAttributeExpressions().getValue(); + token = new PasswordToken(context.getProperty(ACCUMULO_PASSWORD).getValue()); - final AuthenticationToken token = getToken(type,context); + this.client = Accumulo.newClient().from(clientConf).as(accumuloUser,token).build(); + break; + case KERBEROS: + final String principal = kerberosService.getPrincipal(); + + clientConf.setProperty("sasl.enabled", "true"); Review comment: Thanks @joshelser -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org