[jira] [Created] (NIFI-7012) Using sensitive parameter in sensitive property of InvokeScriptedProcessor causes Jetty shutdown on NiFi restart

Fri, 10 Jan 2020 08:48:23 -0800 

Dariusz Chmielewski created NIFI-7012:
-----------------------------------------

             Summary: Using sensitive parameter in sensitive property of 
InvokeScriptedProcessor causes Jetty shutdown on NiFi restart
                 Key: NIFI-7012
                 URL: https://issues.apache.org/jira/browse/NIFI-7012
             Project: Apache NiFi
          Issue Type: Bug
    Affects Versions: 1.10.0
         Environment: OpenJDK 1.8.0_232 on Ubuntu 18.04.3 LTS
            Reporter: Dariusz Chmielewski
         Attachments: groovy_sample.txt

To simulate this add a new InvokeScriptedProcessor to your flow with attached 
example basic Groovy script as the Script Body. This will create a "Password" 
sensitive property on the processor, then using UI enter sensitive parameter 
(ex: "#\{test_pass}") in the value of this property. At this point everything 
will work fine, no errors in UI or nifi-app.log during this processor 
execution, but when you restart NiFi you will notice the below warning in 
nifi-app.log. To get around this issue and have Jetty start again I had to 
manually edit flow.xml and set the parameter ("test_pass") sensitive value to 
false. Note that both the processor property and parameter appear as sensitive 
in UI (before making changes to flow.xml) and their values are encrypted in 
flow.xml.
{quote}2020-01-10 15:37:28,492 INFO [main] org.eclipse.jetty.server.Server 
Started @29687ms
 2020-01-10 15:37:28,493 WARN [main] org.apache.nifi.web.server.JettyServer 
Failed to start web server... shutting down.
 org.apache.nifi.controller.serialization.FlowSynchronizationException: 
java.lang.IllegalArgumentException: The property 'Password' cannot reference 
Parameter 'test_pass' because Sensitive Parameters may only be referenced by 
Sensitive Properties.
 at 
org.apache.nifi.controller.StandardFlowSynchronizer.sync(StandardFlowSynchronizer.java:510)
 at 
org.apache.nifi.controller.FlowController.synchronize(FlowController.java:1368)
 at 
org.apache.nifi.persistence.StandardXMLFlowConfigurationDAO.load(StandardXMLFlowConfigurationDAO.java:88)
 at 
org.apache.nifi.controller.StandardFlowService.loadFromBytes(StandardFlowService.java:812)
 at 
org.apache.nifi.controller.StandardFlowService.load(StandardFlowService.java:557)
 at 
org.apache.nifi.web.contextlistener.ApplicationStartupContextListener.contextInitialized(ApplicationStartupContextListener.java:72)
 at 
org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:959)
 at 
org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:553)
 at 
org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:924)
 at 
org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:365)
 at org.eclipse.jetty.webapp.WebAppContext.startWebapp(WebAppContext.java:1497)
 at org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1459)
 at 
org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:854)
 at 
org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHandler.java:278)
 at org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:545)
 at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
 at 
org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113)
 at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:110)
 at 
org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113)
 at 
org.eclipse.jetty.server.handler.gzip.GzipHandler.doStart(GzipHandler.java:406)
 at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
 at 
org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113)
 at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
 at 
org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113)
 at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
 at org.eclipse.jetty.server.Server.start(Server.java:418)
 at 
org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:110)
 at 
org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113)
 at org.eclipse.jetty.server.Server.doStart(Server.java:382)
 at 
org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
 at org.apache.nifi.web.server.JettyServer.start(JettyServer.java:952)
 at org.apache.nifi.NiFi.<init>(NiFi.java:158)
 at org.apache.nifi.NiFi.<init>(NiFi.java:72)
 at org.apache.nifi.NiFi.main(NiFi.java:301)
 Caused by: java.lang.IllegalArgumentException: The property 'Password' cannot 
reference Parameter 'test_pass' because Sensitive Parameters may only be 
referenced by Sensitive Properties.
 at 
org.apache.nifi.controller.AbstractComponentNode.verifyCanUpdateProperties(AbstractComponentNode.java:307)
 at 
org.apache.nifi.controller.AbstractComponentNode.setProperties(AbstractComponentNode.java:192)
 at 
org.apache.nifi.controller.ComponentNode.setProperties(ComponentNode.java:60)
 at 
org.apache.nifi.controller.StandardFlowSynchronizer.updateProcessor(StandardFlowSynchronizer.java:1227)
 at 
org.apache.nifi.controller.StandardFlowSynchronizer.addProcessGroup(StandardFlowSynchronizer.java:1334)
 at 
org.apache.nifi.controller.StandardFlowSynchronizer.addProcessGroup(StandardFlowSynchronizer.java:1458)
 at 
org.apache.nifi.controller.StandardFlowSynchronizer.sync(StandardFlowSynchronizer.java:393)
 ... 42 common frames omitted
 2020-01-10 15:37:28,494 INFO [Thread-1] org.apache.nifi.NiFi Initiating 
shutdown of Jetty web server...
{quote}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to