subject:"\[GitHub\] \[nifi\] gresockj commented on a change in pull request #4976\: NIFI\-3862\: Added Issuer DN support to ListenHTTP"

[GitHub] [nifi] gresockj commented on a change in pull request #4976: NIFI-3862: Added Issuer DN support to ListenHTTP

2021-04-07 Thread GitBox



gresockj commented on a change in pull request #4976:
URL: https://github.com/apache/nifi/pull/4976#discussion_r608586852



##
File path: 
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestListenHTTP.java
##
@@ -298,6 +299,56 @@ public void 
testSecureTwoWaySslPOSTRequestsReceivedWithoutEL() throws Exception
 testPOSTRequestsReceived(HttpServletResponse.SC_OK, true, true);
 }
 
+@Test
+public void 
testSecureTwoWaySslPOSTRequestsReceivedWithAuthorizedSubjectDn() throws 
Exception {

Review comment:
   Good point, will remove this one.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [nifi] gresockj commented on a change in pull request #4976: NIFI-3862: Added Issuer DN support to ListenHTTP

2021-04-07 Thread GitBox



gresockj commented on a change in pull request #4976:
URL: https://github.com/apache/nifi/pull/4976#discussion_r608586502



##
File path: 
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestListenHTTP.java
##
@@ -298,6 +299,56 @@ public void 
testSecureTwoWaySslPOSTRequestsReceivedWithoutEL() throws Exception
 testPOSTRequestsReceived(HttpServletResponse.SC_OK, true, true);
 }
 
+@Test
+public void 
testSecureTwoWaySslPOSTRequestsReceivedWithAuthorizedSubjectDn() throws 
Exception {
+
configureProcessorSslContextService(ListenHTTP.ClientAuthentication.REQUIRED, 
serverConfiguration);
+
+runner.setProperty(ListenHTTP.PORT, Integer.toString(availablePort));
+runner.setProperty(ListenHTTP.AUTHORIZED_DN_PATTERN, LOCALHOST_DN);
+runner.setProperty(ListenHTTP.BASE_PATH, HTTP_BASE_PATH);
+runner.assertValid();
+
+testPOSTRequestsReceived(HttpServletResponse.SC_OK, true, true);
+}
+
+@Test
+public void 
testSecureTwoWaySslPOSTRequestsReceivedWithUnauthorizedSubjectDn() throws 
Exception {
+
configureProcessorSslContextService(ListenHTTP.ClientAuthentication.REQUIRED, 
serverConfiguration);
+
+runner.setProperty(ListenHTTP.PORT, Integer.toString(availablePort));
+runner.setProperty(ListenHTTP.AUTHORIZED_DN_PATTERN, "CN=other");
+runner.setProperty(ListenHTTP.BASE_PATH, HTTP_BASE_PATH);
+runner.assertValid();
+
+testPOSTRequestsReceived(HttpServletResponse.SC_FORBIDDEN, true, true);
+}
+
+@Test
+public void 
testSecureTwoWaySslPOSTRequestsReceivedWithAuthorizedIssuerDn() throws 
Exception {

Review comment:
   I wanted to show that configuring the subject and issuer DN patterns to 
something other than .* would actually work if the patterns matched, so I'd 
like to keep this one.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [nifi] gresockj commented on a change in pull request #4976: NIFI-3862: Added Issuer DN support to ListenHTTP

2021-04-07 Thread GitBox



gresockj commented on a change in pull request #4976:
URL: https://github.com/apache/nifi/pull/4976#discussion_r608584778



##
File path: 
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/servlets/ListenHTTPServlet.java
##
@@ -335,8 +348,9 @@ public void process(final OutputStream rawOut) throws 
IOException {
 }
 
 flowFile = session.putAllAttributes(flowFile, attributes);
-flowFile = saveRequestDetailsAsAttributes(request, session, 
foundSubject, flowFile);
-session.getProvenanceReporter().receive(flowFile, 
request.getRequestURL().toString(), sourceSystemFlowFileIdentifier, "Remote 
DN=" + foundSubject, transferMillis);
+flowFile = saveRequestDetailsAsAttributes(request, session, 
foundSubject, foundIssuer, flowFile);
+final String details = String.format("Remote DN=%s, Issuer DN=%s", 
foundSubject, foundIssuer);
+session.getProvenanceReporter().receive(flowFile, 
request.getRequestURL().toString(), sourceSystemFlowFileIdentifier, details + 
foundIssuer, transferMillis);

Review comment:
   Yep, certainly a typo.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [nifi] gresockj commented on a change in pull request #4976: NIFI-3862: Added Issuer DN support to ListenHTTP

[GitHub] [nifi] gresockj commented on a change in pull request #4976: NIFI-3862: Added Issuer DN support to ListenHTTP

[GitHub] [nifi] gresockj commented on a change in pull request #4976: NIFI-3862: Added Issuer DN support to ListenHTTP

3 matches

Site Navigation

Mail list logo

Footer information