nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vitaly Krivoy <Vitaly_Kri...@jhancock.com>
Subject RE: Security issue when programmatically trying to create DBCP Controller Service
Date Fri, 20 Apr 2018 18:27:24 GMT
Thanks. It turned out that my swagger-generated API client is very old and I can't set properties
such as bundle, etc, which Is probably the cause of the problem.

-----Original Message-----
From: Bryan Bende [mailto:bbende@gmail.com]
Sent: Friday, April 20, 2018 11:24 AM
To: users@nifi.apache.org
Subject: Re: Security issue when programmatically trying to create DBCP Controller Service

There should be an exception in nifi-app.log for the message you received:

"Unable to create component to verify if it references any Controller Services"

If you can find the stacktrace for that exception in nifi-app.log and provide it here, it
may be helpful to see what is going on.


On Fri, Apr 20, 2018 at 11:00 AM, Vitaly Krivoy <Vitaly_Krivoy@jhancock.com> wrote:
> Charlie,
>
>
>
> I modified my code so that it would  create a controller first and
> then enable it thought the Post request, but I am getting the same
> error message during the initial creation step. Thank you for your
> suggestion about checking how this works out in the browser. I will check that next.
>
>     public ControllerServiceEntity createDbcp(String groupId,
>
>                                               String dbUrl,
>
>                                               String driverClass,
>
>                                               String driverDirectory,
>
>                                               String dbUser,
>
>                                               String pwd,
>
>                                               int    maxWaitTime,
>
>                                               int    maxConnectionTotal,
>
>                                               String validationQuery )
> {
>
>
>
>          Map<String,String> props = new HashMap<>();
>
>
>
>          props.put("Database Connection URL", "dbUrl");
>
>          props.put("Database Driver Class Name", "driverClass");
>
>          props.put("Database Driver Location(s)", "driverDirectory");
>
>          props.put("Database User", "dbUser");
>
>          props.put("Password", "pwd");
>
>          props.put("Max Wait Time", "maxWaitTime");
>
>          props.put("Max Total Connections", "maxConnectionTotal");
>
>          props.put("Validation query", "validationQuery");
>
>
>
>          RevisionDTO revision = new RevisionDTO()
>
>                  .clientId(clientId)
>
>                  .version(0L);
>
>
>
> //       ControllerServiceDTO component = new ControllerServiceDTO()
>
> //               .parentGroupId(groupId)
>
> //               .name("DBCPConnectionPool")
>
> //               .type("DBCPConnectionPool 1.6.0-SNAPSHOT")
>
> //               .state(ControllerServiceDTO.StateEnum.ENABLED)
>
> //               .properties(props);
>
>
>
>          ControllerServiceDTO component = new ControllerServiceDTO()
>
>                  .parentGroupId(groupId)
>
>                  .name("DBCPConnectionPool")
>
>                  .type("DBCPConnectionPool 1.6.0-SNAPSHOT")
>
>                  .properties(props);
>
>
>
>          ControllerServiceEntity dbcp = new ControllerServiceEntity()
>
>                  .component(component)
>
>                  .revision(revision);
>
>
>
>          dbcp = createControllerService(groupId, dbcp);
>
>
>
>          // now enable it
>
>     component.state(ControllerServiceDTO.StateEnum.ENABLED);
>
>          dbcp = updateControllerService(groupId, dbcp);
>
>
>
>
>
>          return dbcp;
>
>     }
>
>
>
>
>
> From: Charlie Meyer [mailto:charlie.meyer@civitaslearning.com]
> Sent: Tuesday, April 17, 2018 4:00 PM
> To: users@nifi.apache.org
> Subject: Re: Security issue when programmatically trying to create
> DBCP Controller Service
>
>
>
> We use a swagger-generated client as well and the main difference that
> I see is that I do not set
>
>
>
> .state(ControllerServiceDTO.StateEnum.ENABLED)
>
>
>
> But rather create it, then enable it as a next step.
>
>
>
> In debugging these things, I have extensively used the chrome
> developer tools as I make actions in the UI, then get my payloads from
> my java client to match those exactly. If a field isnt set by the UI,
> I dont set it in my payloads from my code either (and the inverse).
>
>
>
> Hope that helps
>
>
>
>
>
> On Tue, Apr 17, 2018 at 2:42 PM, Vitaly Krivoy
> <Vitaly_Krivoy@jhancock.com>
> wrote:
>
> Hi,
>
> I am trying to programmatically create a DBCP Controller Service from
> a Java program and I am getting an error returned from
> POST/process-groups/{id}/controller-services.
>
> Exception when calling: ControllerServicesApi#createControllerService
>
>                Response body: Unable to create component to verify if
> it references any Controller Services. Contact the system administrator.
>
>                io.swagger.client.ApiException: Unauthorized
>
>                               at
> io.swagger.client.ApiClient.handleResponse(ApiClient.java:1058)
>
>                               at
> io.swagger.client.ApiClient.execute(ApiClient.java:981)
>
>                               at
> io.swagger.client.api.ProcessgroupsApi.createControllerServiceWithHttp
> Info(ProcessgroupsApi.java:396)
>
>                               at
> io.swagger.client.api.ProcessgroupsApi.createControllerService(Process
> groupsApi.java:381)
>
>                               at
> com.bdss.nifi.trickle.NiFiRestClient.createControllerService(NiFiRestC
> lient.java:304)
>
>                               at
> com.bdss.nifi.trickle.NiFiRestClient.createDbcp(NiFiRestClient.java:34
> 7)
>
>                               at
> com.bdss.nifi.trickle.resources.NiFiResourceManager.getMdmDbcp(NiFiRes
> ourceManager.java:45)
>
>                               at
> com.bdss.nifi.trickle.Trickle.createTemplateConfig(Trickle.java:57)
>
>                               at
> com.bdss.nifi.trickle.Trickle.main(Trickle.java:212)
>
>
>
> I don’t have any security mechanisms enabled yet. I have no problems
> creating Database Connection Pooling Service Controller from NiFi gui
> and using it with ExecuteSQL processor. Below is my code which tries
> to generate DBCP Controller Service.
>
> processgroupsApi.createControllerService(groupId,
> controllerServiceEntity) call in createControllerService method maps
> directly to POST/process-groups/{id}/controller-services and the rest
> of the logic should be straight-forward.  What am I missing in my code? Thanks very much!
>
>
>
> public ControllerServiceEntity createControllerService(String groupId,
>
>
> ControllerServiceEntity  controllerServiceEntity) {
>
>
>
>                               try {
>
>                               //
> processgroupsApi.createControllerService
> wraps POST/process-groups/{id}/controller-services
>
>                                              controllerServiceEntity =
> processgroupsApi.createControllerService(groupId,
> controllerServiceEntity);
>
>                               } catch (ApiException e) {
>
>
> printException("ControllerServicesApi#createControllerService", e);
>
>                               }
>
>                               return controllerServiceEntity;
>
>                }
>
>
>
>                public ControllerServiceEntity createDbcp(String
> groupId,
>
>                                                          String dbUrl,
>
>                                                          String
> driverClass,
>
>                                                          String
> driverDirectory,
>
>                                                          String
> dbUser,
>
>                                                          String pwd,
>
>                                                          int    maxWaitTime,
>
>                                                          int
> maxConnectionTotal,
>
>                                                          String
> validationQuery ) {
>
>
>
>                               Map<String,String> props = new
> HashMap<>();
>
>
>
>                               props.put("Database Connection URL",
> "dbUrl");
>
>                               props.put("Database Driver Class Name",
> "driverClass");
>
>                               props.put("Database Driver Location(s)",
> "driverDirectory");
>
>                               props.put("Database User", "dbUser");
>
>                               props.put("Password", "pwd");
>
>                               props.put("Max Wait Time",
> "maxWaitTime");
>
>                               props.put("Max Total Connections",
> "maxConnectionTotal");
>
>                               props.put("Validation query",
> "validationQuery");
>
>
>
>                               RevisionDTO revision = new RevisionDTO()
>
>
> .clientId(clientId)
>
>
> .version(0L);
>
>
>
>                               ControllerServiceDTO component = new
> ControllerServiceDTO()
>
>
> .parentGroupId(groupId)
>
>
> .name("DBCPConnectionPool")
>
>
> .type("DBCPConnectionPool 1.6.0-SNAPSHOT")
>
>
> .state(ControllerServiceDTO.StateEnum.ENABLED)
>
>
> .properties(props);
>
>
>
>                               ControllerServiceEntity dbcp = new
> ControllerServiceEntity()
>
>
> .component(component)
>
>
> .revision(revision);
>
>
>
>                               dbcp = createControllerService(groupId,
> dbcp);
>
>
>
>                               return dbcp;
>
>                }
>
>
>
>
>
> STATEMENT OF CONFIDENTIALITY The information contained in this email
> message and any attachments may be confidential and legally privileged
> and is intended for the use of the addressee(s) only. If you are not
> an intended recipient, please: (1) notify me immediately by replying
> to this message;
> (2) do not use, disseminate, distribute or reproduce any part of the
> message or any attachment; and (3) destroy all copies of this message
> and any attachments.
>
>
>
>
>
> STATEMENT OF CONFIDENTIALITY The information contained in this email
> message and any attachments may be confidential and legally privileged
> and is intended for the use of the addressee(s) only. If you are not
> an intended recipient, please: (1) notify me immediately by replying
> to this message;
> (2) do not use, disseminate, distribute or reproduce any part of the
> message or any attachment; and (3) destroy all copies of this message
> and any attachments.


STATEMENT OF CONFIDENTIALITY The information contained in this email message and any attachments
may be confidential and legally privileged and is intended for the use of the addressee(s)
only. If you are not an intended recipient, please: (1) notify me immediately by replying
to this message; (2) do not use, disseminate, distribute or reproduce any part of the message
or any attachment; and (3) destroy all copies of this message and any attachments.
Mime
View raw message