You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by mc...@apache.org on 2015/12/01 17:44:17 UTC
[39/51] [abbrv] nifi git commit: NIFI-655: - Updated user guide with
screenshots of login process. - Tweaked wording in admin guide. - Triggering
login on enter press in login form.
NIFI-655:
- Updated user guide with screenshots of login process.
- Tweaked wording in admin guide.
- Triggering login on enter press in login form.
Project: http://git-wip-us.apache.org/repos/asf/nifi/repo
Commit: http://git-wip-us.apache.org/repos/asf/nifi/commit/6bce858e
Tree: http://git-wip-us.apache.org/repos/asf/nifi/tree/6bce858e
Diff: http://git-wip-us.apache.org/repos/asf/nifi/diff/6bce858e
Branch: refs/heads/master
Commit: 6bce858e4ae37fd10a6651428741a99a4b893d52
Parents: c073253
Author: Matt Gilman <ma...@gmail.com>
Authored: Wed Nov 25 16:42:22 2015 -0500
Committer: Matt Gilman <ma...@gmail.com>
Committed: Wed Nov 25 16:42:22 2015 -0500
----------------------------------------------------------------------
.../src/main/asciidoc/administration-guide.adoc | 4 +--
.../main/asciidoc/images/anonymous-access.png | Bin 0 -> 81725 bytes
nifi-docs/src/main/asciidoc/images/login.png | Bin 0 -> 93233 bytes
.../src/main/asciidoc/images/request-access.png | Bin 0 -> 94494 bytes
nifi-docs/src/main/asciidoc/user-guide.adoc | 26 +++++++++++++++++++
.../org/apache/nifi/web/api/AccessResource.java | 4 +--
.../src/main/webapp/js/nf/login/nf-login.js | 11 ++++++++
7 files changed, 41 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/nifi/blob/6bce858e/nifi-docs/src/main/asciidoc/administration-guide.adoc
----------------------------------------------------------------------
diff --git a/nifi-docs/src/main/asciidoc/administration-guide.adoc b/nifi-docs/src/main/asciidoc/administration-guide.adoc
index dcb1151..1e5d215 100644
--- a/nifi-docs/src/main/asciidoc/administration-guide.adoc
+++ b/nifi-docs/src/main/asciidoc/administration-guide.adoc
@@ -150,8 +150,8 @@ NiFi provides several different configuration options for security purposes. The
by the NiFi cluster protocol. If the Truststore properties are not set, this must be `false`. Otherwise, a value
of `true` indicates that nodes in the cluster will be authenticated and must have certificates that are trusted
by the Truststores.
-|`nifi.security.anonymous.authorities` | Specifies the roles that should be granted to users that connect over HTTPS anonymously. All users will
- be given this level access, however if they have been granted a particular level of access by an administrator
+|`nifi.security.anonymous.authorities` | Specifies the roles that should be granted to users that connect over HTTPS anonymously. All users can make
+ use of anonymous access, however if they have been granted a particular level of access by an administrator
it will take precedence if they access NiFi using a client certificate or once they have logged in.
|==================================================================================================================================================
http://git-wip-us.apache.org/repos/asf/nifi/blob/6bce858e/nifi-docs/src/main/asciidoc/images/anonymous-access.png
----------------------------------------------------------------------
diff --git a/nifi-docs/src/main/asciidoc/images/anonymous-access.png b/nifi-docs/src/main/asciidoc/images/anonymous-access.png
new file mode 100644
index 0000000..1ecabcd
Binary files /dev/null and b/nifi-docs/src/main/asciidoc/images/anonymous-access.png differ
http://git-wip-us.apache.org/repos/asf/nifi/blob/6bce858e/nifi-docs/src/main/asciidoc/images/login.png
----------------------------------------------------------------------
diff --git a/nifi-docs/src/main/asciidoc/images/login.png b/nifi-docs/src/main/asciidoc/images/login.png
new file mode 100644
index 0000000..f474a9e
Binary files /dev/null and b/nifi-docs/src/main/asciidoc/images/login.png differ
http://git-wip-us.apache.org/repos/asf/nifi/blob/6bce858e/nifi-docs/src/main/asciidoc/images/request-access.png
----------------------------------------------------------------------
diff --git a/nifi-docs/src/main/asciidoc/images/request-access.png b/nifi-docs/src/main/asciidoc/images/request-access.png
new file mode 100644
index 0000000..f556894
Binary files /dev/null and b/nifi-docs/src/main/asciidoc/images/request-access.png differ
http://git-wip-us.apache.org/repos/asf/nifi/blob/6bce858e/nifi-docs/src/main/asciidoc/user-guide.adoc
----------------------------------------------------------------------
diff --git a/nifi-docs/src/main/asciidoc/user-guide.adoc b/nifi-docs/src/main/asciidoc/user-guide.adoc
index fd40526..64421d7 100644
--- a/nifi-docs/src/main/asciidoc/user-guide.adoc
+++ b/nifi-docs/src/main/asciidoc/user-guide.adoc
@@ -157,6 +157,32 @@ are in the cluster and how many are currently connected.
image::status-bar.png["NiFi Status Bar"]
+[[logging-in]]
+Logging In
+---------
+
+If NiFi is configured to run securely, users will be able to request access to the DataFlow. For information on configuring NiFi to run
+securely, see the link:administration-guide.html[Admin Guide]. If NiFi supports anonymous access, users will be given access
+accordingly and given an option to log in.
+
+image::anonymous-access.png["Anonymous Access"]
+
+Clicking the 'login' link will open the log in page. If the user is logging in with their username/password they will be presented with
+a form to do so. If NiFi is not configured to support anonymous access and the user is logging in with their username/password, they will
+be immediately sent to the login form bypassing the canvas.
+
+image::login.png["Log In"]
+
+Once the user has logged in or if they are accessing NiFi using a client certificate loaded in their browser, they will be prompted
+to request access by submitting a justification if this is the first time they have accessed this NiFi. Fill in an optional justification
+that the administrator will review while granting the account access. If NiFi is not configured to support anonymous access and the
+user is using a client certificate, they will be immediately sent to the form to request access bypassing the canvas and login form.
+
+image::request-access.png["Request Access"]
+
+Press Submit to send the account request. If NiFi supports anonymous access, the user can continue accessing the DataFlow by closing the
+login page. Returning to the login page will check the status of the account request. If access has been granted, press the home link or
+reload the page to assume the new roles.
[[building-dataflow]]
http://git-wip-us.apache.org/repos/asf/nifi/blob/6bce858e/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
index c73ec47..326aa00 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/api/AccessResource.java
@@ -208,7 +208,7 @@ public class AccessResource extends ApplicationResource {
// no issues with authorization... verify authorities
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
if (userDetails.getAuthorities().isEmpty()) {
- accessStatus.setMessage("Your account is active but is unauthorized as no authorities have been granted.");
+ accessStatus.setMessage("Your account is active but currently does not have any level of access.");
} else {
accessStatus.setMessage("Your account is active and you are already logged in.");
}
@@ -237,7 +237,7 @@ public class AccessResource extends ApplicationResource {
// no issues with authorization... verify authorities
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
if (userDetails.getAuthorities().isEmpty()) {
- accessStatus.setMessage("Your account is active but is unauthorized as no authorities have been granted.");
+ accessStatus.setMessage("Your account is active but currently does not have any level of access.");
} else {
accessStatus.setMessage("Your account is active and you are already logged in.");
}
http://git-wip-us.apache.org/repos/asf/nifi/blob/6bce858e/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/login/nf-login.js
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/login/nf-login.js b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/login/nf-login.js
index 6c05664..f2c9d2a 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/login/nf-login.js
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-ui/src/main/webapp/js/nf/login/nf-login.js
@@ -87,6 +87,9 @@ nf.Login = (function () {
};
var login = function () {
+ // remove focus
+ $('#username, #password').blur();
+
// show the logging message...
$('#login-progress-label').text('Logging in...');
$('#login-progress-container').show();
@@ -218,6 +221,14 @@ nf.Login = (function () {
if (nf.Storage.getItem('jwt') !== null) {
showLogoutLink();
}
+
+ // supporting logging in via enter press
+ $('#username, #password').on('keyup', function (e) {
+ var code = e.keyCode ? e.keyCode : e.which;
+ if (code === $.ui.keyCode.ENTER) {
+ login();
+ }
+ });
// access status
var accessStatus = $.ajax({