You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2019/02/19 16:48:34 UTC

[GitHub] MikeThomsen commented on a change in pull request #3126: NIFI-5753 Add SSL support to HortonworksSchemaRegistry service

MikeThomsen commented on a change in pull request #3126: NIFI-5753 Add SSL support to HortonworksSchemaRegistry service
URL: https://github.com/apache/nifi/pull/3126#discussion_r258104319
 
 

 ##########
 File path: nifi-nar-bundles/nifi-standard-services/nifi-hwx-schema-registry-bundle/nifi-hwx-schema-registry-service/src/main/java/org/apache/nifi/schemaregistry/hortonworks/HortonworksSchemaRegistry.java
 ##########
 @@ -120,9 +131,31 @@ public void enable(final ConfigurationContext context) throws InitializationExce
         schemaRegistryConfig.put(SchemaRegistryClient.Configuration.CLASSLOADER_CACHE_EXPIRY_INTERVAL_SECS.name(), context.getProperty(CACHE_EXPIRATION).asTimePeriod(TimeUnit.SECONDS));
         schemaRegistryConfig.put(SchemaRegistryClient.Configuration.SCHEMA_VERSION_CACHE_SIZE.name(), context.getProperty(CACHE_SIZE).asInteger());
         schemaRegistryConfig.put(SchemaRegistryClient.Configuration.SCHEMA_VERSION_CACHE_EXPIRY_INTERVAL_SECS.name(), context.getProperty(CACHE_EXPIRATION).asTimePeriod(TimeUnit.SECONDS));
+        Map<String, String> sslProperties = buildSslProperties(context);
+        if (!sslProperties.isEmpty()) {
+            schemaRegistryConfig.put(CLIENT_SSL_PROPERTY_PREFIX, sslProperties);
+        }
     }
 
-
+    private Map<String, String> buildSslProperties(final ConfigurationContext context) {
+        final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
+        ImmutableMap.Builder<String, String> propertiesBuilder = ImmutableMap.builder();
+        if (sslContextService != null) {
+            propertiesBuilder.put("protocol", sslContextService.getSslAlgorithm());
+            propertiesBuilder.put("keyPassword", sslContextService.getKeyPassword());
 
 Review comment:
   The builder doesn't handle `getKeyPassword()` returning a null value, so that will need to be fixed with a null or `StringUtils.isEmpty` (preferable)

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services