[jira] [Commented] (NIFI-4199) NiFi processors should be able to share proxy settings

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/NIFI-4199?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16478400#comment-16478400
 ] 

ASF GitHub Bot commented on NIFI-4199:
--------------------------------------

Github user ijokarumawak commented on a diff in the pull request:

    https://github.com/apache/nifi/pull/2704#discussion_r188823744
  
    --- Diff: 
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/util/SFTPTransfer.java
 ---
    @@ -418,6 +424,23 @@ protected ChannelSftp getChannel(final FlowFile 
flowFile) throws IOException {
                     
ctx.getProperty(HOSTNAME).evaluateAttributeExpressions(flowFile).getValue(),
                     
ctx.getProperty(PORT).evaluateAttributeExpressions(flowFile).asInteger().intValue());
     
    +            final ProxyConfiguration proxyConfig = 
ProxyConfiguration.getConfiguration(ctx, 
createComponentProxyConfigSupplier(ctx));
    +            switch (proxyConfig.getProxyType()) {
    +                case HTTP:
    +                    final ProxyHTTP proxyHTTP = new 
ProxyHTTP(proxyConfig.getProxyServerHost(), proxyConfig.getProxyServerPort());
    +                    // Check if Username is set and populate the proxy 
accordingly
    +                    if (proxyConfig.hasCredential()) {
    +                        
proxyHTTP.setUserPasswd(proxyConfig.getProxyUserName(), 
proxyConfig.getProxyUserPassword());
    +                    }
    +                    session.setProxy(proxyHTTP);
    +                    break;
    +                case SOCKS:
    +                    final ProxySOCKS5 proxySOCKS5 = new 
ProxySOCKS5(proxyConfig.getProxyServerHost(), proxyConfig.getProxyServerPort());
    +                    session.setProxy(proxySOCKS5);
    --- End diff --
    
    @jugi92 Thanks! I actually didn't know SOCKS protocol supports user 
authentication.. It seems SFTP processors (thanks to the underlying jsch) 
support that. I've added your suggestion and confirmed with Dante SOCKS server 
with authentication.
    https://gist.github.com/ijokarumawak/b3a31378bdc0a6c6b9922a138e9ec9c1
    
    I will update this PR shortly.


> NiFi processors should be able to share proxy settings
> ------------------------------------------------------
>
>                 Key: NIFI-4199
>                 URL: https://issues.apache.org/jira/browse/NIFI-4199
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: Andre F de Miranda
>            Assignee: Koji Kawamura
>            Priority: Major
>
> Currently, configuring proxy settings for NiFi processors may be a tedious 
> process that requires the DFM to set proxy settings on individual processors. 
> This leads to:
> * Duplication of work
> * Management overhead (as password must be changed on multiple locations)
> * Lower security (as proxy credentials must be known by "n" DFMs)
> Ideally, NiFi should offer a way to minimise duplication of work by offering 
> a something similar to the Standard SSL Context services. This way, the DFM 
> could set the proxy settings once an all authorised users could tap into 
> those settings.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)