Skip to content

Instantly share code, notes, and snippets.

Avatar
🔏
Focusing on NiFi security...

Andy LoPresto alopresto

🔏
Focusing on NiFi security...
View GitHub Profile
View NiFi_Maven_profiler_output.txt
nifi (1785 s)
Run clean install on 2020/02/21 20:45:19 with parameters: {profile=true, surefire.skipAfterFailureCount=1}
nifi-standard-processors (357.6 s)
Plugin execution Duration
org.apache.maven.plugins:maven-surefire-plugin:2.22.0:test {execution: default-test} 334.5 s
org.apache.maven.plugins:maven-checkstyle-plugin:3.1.0:check {execution: check-style} 10.36 s
org.apache.maven.plugins:maven-compiler-plugin:3.8.1:compile {execution: default-compile} 4.118 s
org.apache.maven.plugins:maven-compiler-plugin:3.8.1:testCompile {execution: default-testCompile} 3.878 s
org.apache.maven.plugins:maven-compiler-plugin:3.8.1:testCompile {execution: groovy-tests} 2.314 s
View NiFi_Maven_profiler_output.html
This file has been truncated, but you can view the full file.
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Maven Profiler Report </title>
<style>
body {
padding: 30px 50px;
}
@alopresto
alopresto / gpg_el_gamal_nifi_test.txt
Last active Sep 25, 2019
CLI output from performing GPG El Gamal exploration for NiFi PGP integration.
View gpg_el_gamal_nifi_test.txt
...rkspace/scratch/ (master) 😉
🔒 0s @ 17:39:57 $ gpg --no-default-keyring --keyring ./nifi-unit-test-small-dsa.gpg --full-generate-key -vv
gpg: keybox './nifi-unit-test-small-dsa.gpg' created
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 2
DSA keys may be between 1024 and 3072 bits long.
@alopresto
alopresto / GroovyProcessor.groovy
Created Aug 27, 2019
Sample Apache NiFi custom processor written in Groovy.
View GroovyProcessor.groovy
class GroovyProcessor implements Processor {
def REL_SUCCESS = new Relationship.Builder().name("success")
.description("FlowFiles that were successfully processed").build()
def ProcessorLog log
@Override
void initialize(ProcessorInitializationContext context) {
log = context.getLogger()
}
View NIFI-5973_nifi-user.log
🔓 16s @ 20:33:44 $ cat logs/nifi-user.log
2019-06-18 19:06:15,032 INFO [main] o.a.n.a.FileUserGroupProvider Creating new users file at /Users/alopresto/Workspace/nifi/nifi-assembly/target/nifi-1.10.0-SNAPSHOT-bin/nifi-1.10.0-SNAPSHOT/./conf/users.xml
2019-06-18 19:06:15,040 DEBUG [main] o.a.n.a.util.IdentityMappingUtil Identity Mapping property nifi.security.identity.mapping.pattern.dn was found, but no transform was present. Using NONE.
2019-06-18 19:06:15,042 DEBUG [main] o.a.n.a.util.IdentityMappingUtil Found Identity Mapping with key = dn, pattern = (?i)^CN=([^,]*),.*$, value = $1, transform = NONE
2019-06-18 19:06:15,046 INFO [main] o.a.n.a.FileUserGroupProvider Users/Groups file loaded at Tue Jun 18 19:06:15 PDT 2019
2019-06-18 19:06:15,048 DEBUG [main] o.a.nifi.authorization.util.ShellRunner Run Command '<unknown>': [sh, -c, which dscl]
2019-06-18 19:06:15,067 DEBUG [main] o.a.nifi.authorization.util.ShellRunner Run Command 'Get Users List': [sh, -c, dscl . -readall /Users UniqueID PrimaryGroupID | awk
@alopresto
alopresto / NIFI-5973_authorizations.xml
Created Jun 19, 2019
authorizations.xml file generated automatically when testing NIFI-5973.
View NIFI-5973_authorizations.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<authorizations>
<policies>
<policy identifier="f99bccd1-a30e-3e4a-98a2-dbc708edc67f" resource="/flow" action="R">
<user identifier="502"/>
</policy>
<policy identifier="b8775bd4-704a-34c6-987b-84f2daf7a515" resource="/restricted-components" action="W">
<user identifier="502"/>
</policy>
<policy identifier="627410be-1717-35b4-a06f-e9362b89e0b7" resource="/tenants" action="R">
View NIFI-5973_nifi.properties
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
@alopresto
alopresto / NIFI-5973_login-identity-providers.xml
Created Jun 19, 2019
login-identity-providers.xml for testing NIFI-5973.
View NIFI-5973_login-identity-providers.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
@alopresto
alopresto / NIFI-5973_authorizers.xml
Created Jun 19, 2019
authorizers.xml file for testing NIFI-5973.
View NIFI-5973_authorizers.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
@alopresto
alopresto / Log_output_from_InvokeHTTP.txt
Created Jun 19, 2019
Excerpted and annotated log output from NiFi InvokeHTTP.
View Log_output_from_InvokeHTTP.txt
# This is the LogAttribute in the "HandleHTTPRequest/UpdateAttribute/HandleHTTPResponse" flow (on the right). Please note that the flowfile content is present (the JSON snippet with id and message keys), but the attribute1 and authorization values are not present. They were not sent via HTTP request.
2019-06-18 19:46:50,750 INFO [Timer-Driven Process Thread-5] o.a.n.processors.standard.LogAttribute LogAttribute[id=6d9bac97-016b-1000-1aab-863142f46b52] logging for flow file StandardFlowFileRecord[uuid=b2c07e72-6f23-41b2-9910-78a71d590b54,claim=StandardContentClaim [resourceClaim=StandardResourceClaim[id=1560912333372-1, container=default, section=1], offset=251, length=56],offset=0,name=b2c07e72-6f23-41b2-9910-78a71d590b54,size=56]
--------------------------------------------------
Standard FlowFile Attributes
Key: 'entryDate'
Value: 'Tue Jun 18 19:46:50 PDT 2019'
Key: 'lineageStartDate'
Value: 'Tue Jun 18 19:46:50 PDT 2019'
Key: 'fileSize'
You can’t perform that action at this time.