[jira] [Commented] (NIFI-4199) NiFi processors should be able to share proxy settings

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/NIFI-4199?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16476634#comment-16476634
 ] 

ASF GitHub Bot commented on NIFI-4199:
--------------------------------------

Github user ijokarumawak commented on the issue:

    https://github.com/apache/nifi/pull/2704
  
    @jugi92 FTPTransfer supports SOCKS proxy. Specifically at these lines:
    ```
             if (proxyType == Proxy.Type.HTTP) {
    -            client = new FTPHTTPClient(proxyHost, proxyPort, 
ctx.getProperty(HTTP_PROXY_USERNAME).getValue(), 
ctx.getProperty(HTTP_PROXY_PASSWORD).getValue());
    +            client = new FTPHTTPClient(proxyHost, proxyPort, 
proxyConfig.getProxyUserName(), proxyConfig.getProxyUserPassword());
             } else {
                 client = new FTPClient();
                 if (proxyType == Proxy.Type.SOCKS) {
                     client.setSocketFactory(new SocksProxySocketFactory(new 
Proxy(proxyType, new InetSocketAddress(proxyHost, proxyPort))));
                 }
             }
    ```
    
https://github.com/apache/nifi/pull/2704/files#diff-6e7e715d42f332cbe404edd9afbcaafaL533
    
    For processors those don't support SOCKS proxy, following validation code 
should be added into their customValidate method, to confirm that 
ProxyConfigurationService is configured with the supported proxy type(s):
    ```
    ProxyConfiguration.validateProxyType(validationContext, results, 
Proxy.Type.HTTP);
    ```
    
    ProxyConfigurationService just holds the centralized proxy settings, each 
processor is responsible to use the settings with its own relying SDK/API way.
    
    I checked #2018 but the PR doesn't look active. I will take a closer look 
on SFTP processor and #2018 to see if I can include SFTP ones into this PR, too.


> NiFi processors should be able to share proxy settings
> ------------------------------------------------------
>
>                 Key: NIFI-4199
>                 URL: https://issues.apache.org/jira/browse/NIFI-4199
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: Andre F de Miranda
>            Assignee: Koji Kawamura
>            Priority: Major
>
> Currently, configuring proxy settings for NiFi processors may be a tedious 
> process that requires the DFM to set proxy settings on individual processors. 
> This leads to:
> * Duplication of work
> * Management overhead (as password must be changed on multiple locations)
> * Lower security (as proxy credentials must be known by "n" DFMs)
> Ideally, NiFi should offer a way to minimise duplication of work by offering 
> a something similar to the Standard SSL Context services. This way, the DFM 
> could set the proxy settings once an all authorised users could tap into 
> those settings.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)