nifi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mcgil...@apache.org
Subject incubator-nifi git commit: NIFI-65: - Code clean up.
Date Tue, 23 Dec 2014 18:47:21 GMT
Repository: incubator-nifi
Updated Branches:
  refs/heads/NIFI-65 469502f30 -> 2436b5338


NIFI-65:
- Code clean up.

Project: http://git-wip-us.apache.org/repos/asf/incubator-nifi/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-nifi/commit/2436b533
Tree: http://git-wip-us.apache.org/repos/asf/incubator-nifi/tree/2436b533
Diff: http://git-wip-us.apache.org/repos/asf/incubator-nifi/diff/2436b533

Branch: refs/heads/NIFI-65
Commit: 2436b5338ecf1752c0f5b51646f59c9a985ceb9c
Parents: 469502f
Author: Matt Gilman <matt.c.gilman@gmail.com>
Authored: Tue Dec 23 13:46:48 2014 -0500
Committer: Matt Gilman <matt.c.gilman@gmail.com>
Committed: Tue Dec 23 13:46:48 2014 -0500

----------------------------------------------------------------------
 .../authorization/NiFiAuthorizationService.java  | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-nifi/blob/2436b533/nar-bundles/framework-bundle/framework/web/web-security/src/main/java/org/apache/nifi/web/security/authorization/NiFiAuthorizationService.java
----------------------------------------------------------------------
diff --git a/nar-bundles/framework-bundle/framework/web/web-security/src/main/java/org/apache/nifi/web/security/authorization/NiFiAuthorizationService.java
b/nar-bundles/framework-bundle/framework/web/web-security/src/main/java/org/apache/nifi/web/security/authorization/NiFiAuthorizationService.java
index 33c4eb6..dec7c4b 100644
--- a/nar-bundles/framework-bundle/framework/web/web-security/src/main/java/org/apache/nifi/web/security/authorization/NiFiAuthorizationService.java
+++ b/nar-bundles/framework-bundle/framework/web/web-security/src/main/java/org/apache/nifi/web/security/authorization/NiFiAuthorizationService.java
@@ -51,10 +51,12 @@ public class NiFiAuthorizationService implements UserDetailsService {
     private NiFiProperties properties;
 
     /**
-     * Loads the user details for the specified dn. Method must be synchronized
-     * since multiple requests from the same user may be sent simultaneously.
-     * Since we don't want to run the account verification process multiple for
-     * the same user, we treat each request atomically.
+     * Loads the user details for the specified dn. 
+     * 
+     * Synchronizing because we want each request to be authorized atomically since
+     * each may contain any number of DNs. We wanted an access decision made
+     * for each individual request as a whole (without other request potentially
+     * impacting it).
      *
      * @param rawProxyChain
      * @return
@@ -111,6 +113,12 @@ public class NiFiAuthorizationService implements UserDetailsService {
                             throw new UsernameNotFoundException(String.format("An account
request was generated for the proxy '%s'.", dn));
                         } catch (AdministrationException ae) {
                             throw new AuthenticationServiceException(String.format("Unable
to create an account request for '%s': %s", dn, ae.getMessage()), ae);
+                        } catch (IllegalArgumentException iae) {
+                            // check then modified... account didn't exist when getting the
user details but did when
+                            // attempting to auto create the user account request
+                            final String message = String.format("Account request was already
submitted for '%s'", dn);
+                            logger.warn(message);
+                            throw new AccountStatusException(message) {};
                         }
                     } else {
                         logger.warn(String.format("Untrusted proxy '%s' must be authorized
with '%s' authority: %s", dn, Authority.ROLE_PROXY.toString(), unfe.getMessage()));
@@ -147,8 +155,7 @@ public class NiFiAuthorizationService implements UserDetailsService {
         } catch (AdministrationException ase) {
             throw new AuthenticationServiceException(String.format("An error occurred while
accessing the user credentials for '%s': %s", dn, ase.getMessage()), ase);
         } catch (AccountDisabledException | AccountPendingException e) {
-            throw new AccountStatusException(e.getMessage(), e) {
-            };
+            throw new AccountStatusException(e.getMessage(), e) {};
         } catch (AccountNotFoundException anfe) {
             throw new UsernameNotFoundException(anfe.getMessage());
         }


Mime
View raw message