nifi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From marka...@apache.org
Subject [19/22] nifi git commit: NIFI-1551: - Removing the AuthorityProvider. - Refactoring REST API in preparation for introduction of the Authorizer. - Updating UI accordingly. - Removing unneeded properties from nifi.properties. - Addressing comments from PR.
Date Fri, 15 Apr 2016 20:04:11 GMT
http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java
deleted file mode 100644
index 1d7941f..0000000
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/action/UpdateUserGroupAction.java
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.action;
-
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Set;
-import org.apache.nifi.admin.dao.DAOFactory;
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.dao.UserDAO;
-import org.apache.nifi.admin.service.AccountNotFoundException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.authorization.Authority;
-import org.apache.nifi.authorization.AuthorityProvider;
-import org.apache.nifi.authorization.exception.AuthorityAccessException;
-import org.apache.nifi.authorization.exception.UnknownIdentityException;
-import org.apache.nifi.user.AccountStatus;
-import org.apache.nifi.user.NiFiUser;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Updates all NiFiUser authorities in a specified group.
- */
-public class UpdateUserGroupAction extends AbstractUserAction<Void> {
-
-    private static final Logger logger = LoggerFactory.getLogger(UpdateUserGroupAction.class);
-
-    private final String group;
-    private final Set<String> userIds;
-    private final Set<Authority> authorities;
-
-    public UpdateUserGroupAction(String group, Set<String> userIds, Set<Authority> authorities) {
-        this.group = group;
-        this.userIds = userIds;
-        this.authorities = authorities;
-    }
-
-    @Override
-    public Void execute(DAOFactory daoFactory, AuthorityProvider authorityProvider) throws DataAccessException {
-        if (userIds == null && authorities == null) {
-            throw new IllegalArgumentException("Must specify user Ids or authorities.");
-        }
-
-        UserDAO userDao = daoFactory.getUserDAO();
-
-        // record the new users being added to this group
-        final Set<NiFiUser> newUsers = new HashSet<>();
-        final Set<String> newUserIdentities = new HashSet<>();
-
-        // if the user ids have been specified we need to create/update a group using the specified group name
-        if (userIds != null) {
-            if (userIds.isEmpty()) {
-                throw new IllegalArgumentException("When creating a group, at least one user id must be specified.");
-            }
-
-            // going to create a group using the specified user ids
-            for (final String userId : userIds) {
-                // get the user in question
-                final NiFiUser user = userDao.findUserById(userId);
-
-                // ensure the user exists
-                if (user == null) {
-                    throw new AccountNotFoundException(String.format("Unable to find account with ID %s.", userId));
-                }
-
-                try {
-                    // if the user is unknown to the authority provider we cannot continue
-                    if (!authorityProvider.doesDnExist(user.getIdentity()) || AccountStatus.DISABLED.equals(user.getStatus())) {
-                        throw new IllegalStateException(String.format("Unable to group these users because access for '%s' is not %s.", user.getIdentity(), AccountStatus.ACTIVE.toString()));
-                    }
-
-                    // record the user being added to this group
-                    newUsers.add(user);
-                    newUserIdentities.add(user.getIdentity());
-                } catch (final AuthorityAccessException aae) {
-                    throw new AdministrationException(String.format("Unable to access authority details: %s", aae.getMessage()), aae);
-                }
-            }
-
-            try {
-                // update the authority provider
-                authorityProvider.setUsersGroup(newUserIdentities, group);
-            } catch (UnknownIdentityException uie) {
-                throw new AccountNotFoundException(String.format("Unable to set user group '%s': %s", StringUtils.join(newUserIdentities, ", "), uie.getMessage()), uie);
-            } catch (AuthorityAccessException aae) {
-                throw new AdministrationException(String.format("Unable to set user group '%s': %s", StringUtils.join(newUserIdentities, ", "), aae.getMessage()), aae);
-            }
-        }
-
-        // get all the users that need to be updated
-        final Set<NiFiUser> users = new HashSet<>(userDao.findUsersForGroup(group));
-        users.addAll(newUsers);
-
-        // ensure the user exists
-        if (users.isEmpty()) {
-            throw new AccountNotFoundException(String.format("Unable to find user accounts with group id %s.", group));
-        }
-
-        // update each user in this group
-        for (final NiFiUser user : users) {
-            // if there are new authorities set them, otherwise refresh them according to the provider
-            if (authorities != null) {
-                try {
-                    // update the authority provider as approprivate
-                    authorityProvider.setAuthorities(user.getIdentity(), authorities);
-
-                    // since all the authorities were updated accordingly, set the authorities
-                    user.getAuthorities().clear();
-                    user.getAuthorities().addAll(authorities);
-                } catch (UnknownIdentityException uie) {
-                    throw new AccountNotFoundException(String.format("Unable to modify authorities for '%s': %s.", user.getIdentity(), uie.getMessage()), uie);
-                } catch (AuthorityAccessException aae) {
-                    throw new AdministrationException(String.format("Unable to access authorities for '%s': %s.", user.getIdentity(), aae.getMessage()), aae);
-                }
-            } else {
-                try {
-                    // refresh the authorities according to the provider
-                    user.getAuthorities().clear();
-                    user.getAuthorities().addAll(authorityProvider.getAuthorities(user.getIdentity()));
-                } catch (UnknownIdentityException uie) {
-                    throw new AccountNotFoundException(String.format("Unable to determine the authorities for '%s': %s.", user.getIdentity(), uie.getMessage()), uie);
-                } catch (AuthorityAccessException aae) {
-                    throw new AdministrationException(String.format("Unable to access authorities for '%s': %s.", user.getIdentity(), aae.getMessage()), aae);
-                }
-            }
-
-            try {
-                // get the user group
-                user.setUserGroup(authorityProvider.getGroupForUser(user.getIdentity()));
-            } catch (UnknownIdentityException uie) {
-                throw new AccountNotFoundException(String.format("Unable to determine the group for '%s': %s.", user.getIdentity(), uie.getMessage()), uie);
-            } catch (AuthorityAccessException aae) {
-                throw new AdministrationException(String.format("Unable to access the group for '%s': %s.", user.getIdentity(), aae.getMessage()), aae);
-            }
-
-            // update the users status in case they were previously pending or disabled
-            user.setStatus(AccountStatus.ACTIVE);
-
-            // update the users last verified time - this timestamp shouldn't be recorded
-            // until the both the user's authorities and group have been synced
-            Date now = new Date();
-            user.setLastVerified(now);
-
-            // persist the user's updates
-            UpdateUserCacheAction updateUser = new UpdateUserCacheAction(user);
-            updateUser.execute(daoFactory, authorityProvider);
-
-            // persist the user's authorities
-            UpdateUserAuthoritiesCacheAction updateUserAuthorities = new UpdateUserAuthoritiesCacheAction(user);
-            updateUserAuthorities.execute(daoFactory, authorityProvider);
-        }
-
-        return null;
-    }
-}

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardKeyService.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardKeyService.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardKeyService.java
new file mode 100644
index 0000000..7a7f62d
--- /dev/null
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardKeyService.java
@@ -0,0 +1,161 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.nifi.admin.service.impl;
+
+import org.apache.nifi.admin.dao.DataAccessException;
+import org.apache.nifi.admin.service.AdministrationException;
+import org.apache.nifi.admin.service.KeyService;
+import org.apache.nifi.admin.service.action.DeleteKeysAction;
+import org.apache.nifi.admin.service.action.GetKeyByIdAction;
+import org.apache.nifi.admin.service.action.GetOrCreateKeyAction;
+import org.apache.nifi.admin.service.transaction.Transaction;
+import org.apache.nifi.admin.service.transaction.TransactionBuilder;
+import org.apache.nifi.admin.service.transaction.TransactionException;
+import org.apache.nifi.key.Key;
+import org.apache.nifi.util.NiFiProperties;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
+
+/**
+ *
+ */
+public class StandardKeyService implements KeyService {
+
+    private static final Logger logger = LoggerFactory.getLogger(StandardKeyService.class);
+
+    private final ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
+    private final Lock readLock = lock.readLock();
+    private final Lock writeLock = lock.writeLock();
+
+    private TransactionBuilder transactionBuilder;
+    private NiFiProperties properties;
+
+    @Override
+    public Key getKey(int id) {
+        Transaction transaction = null;
+        Key key = null;
+
+        readLock.lock();
+        try {
+            // start the transaction
+            transaction = transactionBuilder.start();
+
+            // get the key
+            GetKeyByIdAction addActions = new GetKeyByIdAction(id);
+            key = transaction.execute(addActions);
+
+            // commit the transaction
+            transaction.commit();
+        } catch (TransactionException | DataAccessException te) {
+            rollback(transaction);
+            throw new AdministrationException(te);
+        } catch (Throwable t) {
+            rollback(transaction);
+            throw t;
+        } finally {
+            closeQuietly(transaction);
+            readLock.unlock();
+        }
+
+        return key;
+    }
+
+    @Override
+    public Key getOrCreateKey(String identity) {
+        Transaction transaction = null;
+        Key key = null;
+
+        writeLock.lock();
+        try {
+            // start the transaction
+            transaction = transactionBuilder.start();
+
+            // get or create a key
+            GetOrCreateKeyAction addActions = new GetOrCreateKeyAction(identity);
+            key = transaction.execute(addActions);
+
+            // commit the transaction
+            transaction.commit();
+        } catch (TransactionException | DataAccessException te) {
+            rollback(transaction);
+            throw new AdministrationException(te);
+        } catch (Throwable t) {
+            rollback(transaction);
+            throw t;
+        } finally {
+            closeQuietly(transaction);
+            writeLock.unlock();
+        }
+
+        return key;
+    }
+
+    @Override
+    public void deleteKey(String identity) {
+        Transaction transaction = null;
+
+        writeLock.lock();
+        try {
+            // start the transaction
+            transaction = transactionBuilder.start();
+
+            // delete the keys
+            DeleteKeysAction deleteKeys = new DeleteKeysAction(identity);
+            transaction.execute(deleteKeys);
+
+            // commit the transaction
+            transaction.commit();
+        } catch (TransactionException | DataAccessException te) {
+            rollback(transaction);
+            throw new AdministrationException(te);
+        } catch (Throwable t) {
+            rollback(transaction);
+            throw t;
+        } finally {
+            closeQuietly(transaction);
+            writeLock.unlock();
+        }
+    }
+
+    private void rollback(final Transaction transaction) {
+        if (transaction != null) {
+            transaction.rollback();
+        }
+    }
+
+    private void closeQuietly(final Transaction transaction) {
+        if (transaction != null) {
+            try {
+                transaction.close();
+            } catch (final IOException ioe) {
+            }
+        }
+    }
+
+    public void setTransactionBuilder(TransactionBuilder transactionBuilder) {
+        this.transactionBuilder = transactionBuilder;
+    }
+
+    public void setProperties(NiFiProperties properties) {
+        this.properties = properties;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java
deleted file mode 100644
index c37a562..0000000
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardUserService.java
+++ /dev/null
@@ -1,731 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.admin.service.impl;
-
-import java.io.IOException;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.locks.ReentrantReadWriteLock;
-
-import org.apache.nifi.admin.dao.DataAccessException;
-import org.apache.nifi.admin.service.AccountDisabledException;
-import org.apache.nifi.admin.service.AccountPendingException;
-import org.apache.nifi.admin.service.AdministrationException;
-import org.apache.nifi.admin.service.UserService;
-import org.apache.nifi.admin.service.action.AuthorizeDownloadAction;
-import org.apache.nifi.admin.service.action.AuthorizeUserAction;
-import org.apache.nifi.admin.service.action.DeleteKeysAction;
-import org.apache.nifi.admin.service.action.DeleteUserAction;
-import org.apache.nifi.admin.service.action.DisableUserAction;
-import org.apache.nifi.admin.service.action.DisableUserGroupAction;
-import org.apache.nifi.admin.service.action.FindUserByDnAction;
-import org.apache.nifi.admin.service.action.FindUserByIdAction;
-import org.apache.nifi.admin.service.action.GetKeyByIdAction;
-import org.apache.nifi.admin.service.action.GetOrCreateKeyAction;
-import org.apache.nifi.admin.service.action.GetUserGroupAction;
-import org.apache.nifi.admin.service.action.GetUsersAction;
-import org.apache.nifi.admin.service.action.HasPendingUserAccounts;
-import org.apache.nifi.admin.service.action.InvalidateUserAccountAction;
-import org.apache.nifi.admin.service.action.InvalidateUserGroupAccountsAction;
-import org.apache.nifi.admin.service.action.RequestUserAccountAction;
-import org.apache.nifi.admin.service.action.SeedUserAccountsAction;
-import org.apache.nifi.admin.service.action.UpdateUserAction;
-import org.apache.nifi.admin.service.action.UpdateUserGroupAction;
-import org.apache.nifi.admin.service.action.UngroupUserAction;
-import org.apache.nifi.admin.service.action.UngroupUserGroupAction;
-import org.apache.nifi.admin.service.transaction.Transaction;
-import org.apache.nifi.admin.service.transaction.TransactionBuilder;
-import org.apache.nifi.admin.service.transaction.TransactionException;
-import org.apache.nifi.authorization.Authority;
-import org.apache.nifi.authorization.DownloadAuthorization;
-import org.apache.nifi.key.Key;
-import org.apache.nifi.user.NiFiUser;
-import org.apache.nifi.user.NiFiUserGroup;
-import org.apache.nifi.util.FormatUtils;
-import org.apache.nifi.util.NiFiProperties;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- *
- */
-public class StandardUserService implements UserService {
-
-    private static final Logger logger = LoggerFactory.getLogger(StandardUserService.class);
-
-    private final ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
-    private final ReentrantReadWriteLock.ReadLock readLock = lock.readLock();
-    private final ReentrantReadWriteLock.WriteLock writeLock = lock.writeLock();
-
-    private TransactionBuilder transactionBuilder;
-    private NiFiProperties properties;
-
-    /**
-     * Seed any users from the authority provider that are not already present.
-     */
-    public void seedUserAccounts() {
-        // do not seed node's user cache. when/if the node disconnects its
-        // cache will be populated lazily (as needed)
-        if (properties.isNode()) {
-            return;
-        }
-
-        Transaction transaction = null;
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // seed the accounts
-            SeedUserAccountsAction seedUserAccounts = new SeedUserAccountsAction();
-            transaction.execute(seedUserAccounts);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (AdministrationException ae) {
-            rollback(transaction);
-            throw ae;
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUser createPendingUserAccount(String dn, String justification) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // create the account request
-            RequestUserAccountAction requestUserAccount = new RequestUserAccountAction(dn, justification);
-            NiFiUser user = transaction.execute(requestUserAccount);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the nifi user
-            return user;
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUserGroup updateGroup(final String group, final Set<String> userIds, final Set<Authority> authorities) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // if user ids have been specified, invalidate the user accounts before performing
-            // the desired updates. if case of an error, this will ensure that these users are
-            // authorized the next time the access the application
-            if (userIds != null) {
-                for (final String userId : userIds) {
-                    invalidateUserAccount(userId);
-                }
-            }
-
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // set the authorities for each user in this group if specified
-            final UpdateUserGroupAction updateUserGroup = new UpdateUserGroupAction(group, userIds, authorities);
-            transaction.execute(updateUserGroup);
-
-            // get all the users that are now in this group
-            final GetUserGroupAction getUserGroup = new GetUserGroupAction(group);
-            final NiFiUserGroup userGroup = transaction.execute(getUserGroup);
-
-            // commit the transaction
-            transaction.commit();
-
-            return userGroup;
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public void ungroupUser(String id) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // ungroup the specified user
-            final UngroupUserAction ungroupUser = new UngroupUserAction(id);
-            transaction.execute(ungroupUser);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public void ungroup(String group) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // ungroup the specified user
-            final UngroupUserGroupAction ungroupUserGroup = new UngroupUserGroupAction(group);
-            transaction.execute(ungroupUserGroup);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUser checkAuthorization(String dn) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // create the connection
-            transaction = transactionBuilder.start();
-
-            // determine how long the cache is valid for
-            final int cacheSeconds;
-            try {
-                cacheSeconds = (int) FormatUtils.getTimeDuration(properties.getUserCredentialCacheDuration(), TimeUnit.SECONDS);
-            } catch (IllegalArgumentException iae) {
-                throw new AdministrationException("User credential cache duration is not configured correctly.");
-            }
-
-            // attempt to authorize the user
-            AuthorizeUserAction authorizeUser = new AuthorizeUserAction(dn, cacheSeconds);
-            NiFiUser user = transaction.execute(authorizeUser);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the nifi user
-            return user;
-        } catch (DataAccessException | TransactionException dae) {
-            rollback(transaction);
-            throw new AdministrationException(dae);
-        } catch (AccountDisabledException | AccountPendingException ade) {
-            rollback(transaction);
-            throw ade;
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public void deleteUser(String id) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // create the connection
-            transaction = transactionBuilder.start();
-
-            // delete the user
-            DeleteUserAction deleteUser = new DeleteUserAction(id);
-            transaction.execute(deleteUser);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (DataAccessException | TransactionException dae) {
-            rollback(transaction);
-            throw new AdministrationException(dae);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUser disable(String id) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // create the connection
-            transaction = transactionBuilder.start();
-
-            // disable the user
-            DisableUserAction disableUser = new DisableUserAction(id);
-            NiFiUser user = transaction.execute(disableUser);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the user
-            return user;
-        } catch (DataAccessException | TransactionException dae) {
-            rollback(transaction);
-            throw new AdministrationException(dae);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUserGroup disableGroup(String group) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // create the connection
-            transaction = transactionBuilder.start();
-
-            // disable the user
-            DisableUserGroupAction disableUser = new DisableUserGroupAction(group);
-            NiFiUserGroup userGroup = transaction.execute(disableUser);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the user
-            return userGroup;
-        } catch (DataAccessException | TransactionException dae) {
-            rollback(transaction);
-            throw new AdministrationException(dae);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUser update(String id, Set<Authority> authorities) {
-        Transaction transaction = null;
-
-        // may be empty but not null
-        if (authorities == null) {
-            throw new IllegalArgumentException("The specified authorities cannot be null.");
-        }
-
-        writeLock.lock();
-        try {
-            // invalidate the user account in preparation for potential subsequent errors
-            invalidateUserAccount(id);
-
-            // at this point the current user account has been invalidated so we will
-            // attempt to update the account. if any part fails we are assured the
-            // user will be need to be given approval before they access the system at
-            // a later time
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // update the user authorities
-            UpdateUserAction setUserAuthorities = new UpdateUserAction(id, authorities);
-            NiFiUser user = transaction.execute(setUserAuthorities);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the user
-            return user;
-        } catch (TransactionException | DataAccessException e) {
-            rollback(transaction);
-            throw new AdministrationException(e);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    /**
-     * Invalidates the user with the specified id. This is done to ensure a user account will need to be re-validated in case an error occurs while modifying a user account. This method should only be
-     * invoked from within a write lock.
-     *
-     * @param id user account identifier
-     */
-    @Override
-    public void invalidateUserAccount(String id) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // invalidate the user account
-            InvalidateUserAccountAction invalidateUserAccount = new InvalidateUserAccountAction(id);
-            transaction.execute(invalidateUserAccount);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    @Override
-    public void invalidateUserGroupAccount(String group) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // invalidate the user account
-            InvalidateUserGroupAccountsAction invalidateUserGroupAccounts = new InvalidateUserGroupAccountsAction(group);
-            transaction.execute(invalidateUserGroupAccounts);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    // -----------------
-    // read only methods
-    // -----------------
-    @Override
-    public Boolean hasPendingUserAccount() {
-        Transaction transaction = null;
-
-        readLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            final HasPendingUserAccounts hasPendingAccounts = new HasPendingUserAccounts();
-            final Boolean hasPendingUserAccounts = transaction.execute(hasPendingAccounts);
-
-            // commit the transaction
-            transaction.commit();
-
-            return hasPendingUserAccounts;
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            readLock.unlock();
-        }
-    }
-
-    @Override
-    public DownloadAuthorization authorizeDownload(final List<String> dnChain, final Map<String, String> attributes) {
-        Transaction transaction = null;
-
-        readLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // authorize the download
-            AuthorizeDownloadAction authorizeDownload = new AuthorizeDownloadAction(dnChain, attributes);
-            DownloadAuthorization downloadAuthorization = transaction.execute(authorizeDownload);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the authorization
-            return downloadAuthorization;
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            readLock.unlock();
-        }
-    }
-
-    @Override
-    public Collection<NiFiUser> getUsers() {
-        Transaction transaction = null;
-
-        readLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // get all users
-            GetUsersAction getUsers = new GetUsersAction();
-            Collection<NiFiUser> users = transaction.execute(getUsers);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the users
-            return users;
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            readLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUser getUserById(String id) {
-        Transaction transaction = null;
-
-        readLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // return the desired user
-            FindUserByIdAction findUserById = new FindUserByIdAction(id);
-            NiFiUser user = transaction.execute(findUserById);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the user
-            return user;
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            readLock.unlock();
-        }
-    }
-
-    @Override
-    public NiFiUser getUserByDn(String dn) {
-        Transaction transaction = null;
-
-        readLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // return the desired user
-            FindUserByDnAction findUserByDn = new FindUserByDnAction(dn);
-            NiFiUser user = transaction.execute(findUserByDn);
-
-            // commit the transaction
-            transaction.commit();
-
-            // return the user
-            return user;
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            readLock.unlock();
-        }
-    }
-
-    @Override
-    public Key getKey(int id) {
-        Transaction transaction = null;
-        Key key = null;
-
-        readLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // get the key
-            GetKeyByIdAction addActions = new GetKeyByIdAction(id);
-            key = transaction.execute(addActions);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            readLock.unlock();
-        }
-
-        return key;
-    }
-
-    @Override
-    public Key getOrCreateKey(String identity) {
-        Transaction transaction = null;
-        Key key = null;
-
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // get or create a key
-            GetOrCreateKeyAction addActions = new GetOrCreateKeyAction(identity);
-            key = transaction.execute(addActions);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-
-        return key;
-    }
-
-    @Override
-    public void deleteKey(String identity) {
-        Transaction transaction = null;
-
-        writeLock.lock();
-        try {
-            // start the transaction
-            transaction = transactionBuilder.start();
-
-            // delete the keys
-            DeleteKeysAction deleteKeys = new DeleteKeysAction(identity);
-            transaction.execute(deleteKeys);
-
-            // commit the transaction
-            transaction.commit();
-        } catch (TransactionException | DataAccessException te) {
-            rollback(transaction);
-            throw new AdministrationException(te);
-        } catch (Throwable t) {
-            rollback(transaction);
-            throw t;
-        } finally {
-            closeQuietly(transaction);
-            writeLock.unlock();
-        }
-    }
-
-    private void rollback(final Transaction transaction) {
-        if (transaction != null) {
-            transaction.rollback();
-        }
-    }
-
-    private void closeQuietly(final Transaction transaction) {
-        if (transaction != null) {
-            try {
-                transaction.close();
-            } catch (final IOException ioe) {
-            }
-        }
-    }
-
-    public void setTransactionBuilder(TransactionBuilder transactionBuilder) {
-        this.transactionBuilder = transactionBuilder;
-    }
-
-    public void setProperties(NiFiProperties properties) {
-        this.properties = properties;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransaction.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransaction.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransaction.java
index a3cfb5e..1390768 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransaction.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransaction.java
@@ -16,19 +16,19 @@
  */
 package org.apache.nifi.admin.service.transaction.impl;
 
-import java.io.IOException;
-import java.sql.Connection;
-import java.sql.SQLException;
 import org.apache.nifi.admin.RepositoryUtils;
 import org.apache.nifi.admin.dao.DAOFactory;
 import org.apache.nifi.admin.dao.impl.DAOFactoryImpl;
 import org.apache.nifi.admin.service.action.AdministrationAction;
-import org.apache.nifi.admin.service.transaction.TransactionException;
 import org.apache.nifi.admin.service.transaction.Transaction;
-import org.apache.nifi.authorization.AuthorityProvider;
+import org.apache.nifi.admin.service.transaction.TransactionException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.io.IOException;
+import java.sql.Connection;
+import java.sql.SQLException;
+
 /**
  * Transaction implementation that uses the specified SQL Connection and
  * AuthorityProvider.
@@ -37,11 +37,9 @@ public class StandardTransaction implements Transaction {
 
     private static final Logger logger = LoggerFactory.getLogger(StandardTransaction.class);
 
-    private final AuthorityProvider authorityProvider;
     private Connection connection;
 
-    public StandardTransaction(AuthorityProvider authorityProvider, Connection connection) {
-        this.authorityProvider = authorityProvider;
+    public StandardTransaction(Connection connection) {
         this.connection = connection;
     }
 
@@ -56,7 +54,7 @@ public class StandardTransaction implements Transaction {
         DAOFactory daoFactory = new DAOFactoryImpl(connection);
 
         // execute the specified action
-        return action.execute(daoFactory, authorityProvider);
+        return action.execute(daoFactory);
     }
 
     @Override

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransactionBuilder.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransactionBuilder.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransactionBuilder.java
index b6e5a30..7d4a1fc 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransactionBuilder.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/transaction/impl/StandardTransactionBuilder.java
@@ -22,7 +22,6 @@ import javax.sql.DataSource;
 import org.apache.nifi.admin.service.transaction.Transaction;
 import org.apache.nifi.admin.service.transaction.TransactionBuilder;
 import org.apache.nifi.admin.service.transaction.TransactionException;
-import org.apache.nifi.authorization.AuthorityProvider;
 
 /**
  *
@@ -30,7 +29,6 @@ import org.apache.nifi.authorization.AuthorityProvider;
 public class StandardTransactionBuilder implements TransactionBuilder {
 
     private DataSource dataSource;
-    private AuthorityProvider authorityProvider;
 
     @Override
     public Transaction start() throws TransactionException {
@@ -40,7 +38,7 @@ public class StandardTransactionBuilder implements TransactionBuilder {
             connection.setAutoCommit(false);
 
             // create a new transaction
-            return new StandardTransaction(authorityProvider, connection);
+            return new StandardTransaction(connection);
         } catch (SQLException sqle) {
             throw new TransactionException(sqle.getMessage());
         }
@@ -50,8 +48,4 @@ public class StandardTransactionBuilder implements TransactionBuilder {
     public void setDataSource(DataSource dataSource) {
         this.dataSource = dataSource;
     }
-
-    public void setAuthorityProvider(AuthorityProvider authorityProvider) {
-        this.authorityProvider = authorityProvider;
-    }
 }

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorityProviderFactoryBean.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorityProviderFactoryBean.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorityProviderFactoryBean.java
deleted file mode 100644
index e1a02b8..0000000
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorityProviderFactoryBean.java
+++ /dev/null
@@ -1,491 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.authorization;
-
-import org.apache.commons.lang3.StringUtils;
-import org.apache.nifi.authorization.annotation.AuthorityProviderContext;
-import org.apache.nifi.authorization.exception.AuthorityAccessException;
-import org.apache.nifi.authorization.exception.IdentityAlreadyExistsException;
-import org.apache.nifi.authorization.exception.ProviderCreationException;
-import org.apache.nifi.authorization.exception.ProviderDestructionException;
-import org.apache.nifi.authorization.exception.UnknownIdentityException;
-import org.apache.nifi.authorization.generated.AuthorityProviderProperty;
-import org.apache.nifi.authorization.generated.AuthorityProviders;
-import org.apache.nifi.authorization.generated.Provider;
-import org.apache.nifi.nar.ExtensionManager;
-import org.apache.nifi.nar.NarCloseable;
-import org.apache.nifi.util.NiFiProperties;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.DisposableBean;
-import org.springframework.beans.factory.FactoryBean;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-import org.xml.sax.SAXException;
-
-import javax.xml.XMLConstants;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBElement;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.transform.stream.StreamSource;
-import javax.xml.validation.Schema;
-import javax.xml.validation.SchemaFactory;
-import java.io.File;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.Field;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.EnumSet;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-/**
- * Factory bean for loading the configured authority provider.
- */
-public class AuthorityProviderFactoryBean implements FactoryBean, ApplicationContextAware, DisposableBean, AuthorityProviderLookup {
-
-    private static final Logger logger = LoggerFactory.getLogger(AuthorityProviderFactoryBean.class);
-    private static final String AUTHORITY_PROVIDERS_XSD = "/authority-providers.xsd";
-    private static final String JAXB_GENERATED_PATH = "org.apache.nifi.authorization.generated";
-    private static final JAXBContext JAXB_CONTEXT = initializeJaxbContext();
-
-    /**
-     * Load the JAXBContext.
-     */
-    private static JAXBContext initializeJaxbContext() {
-        try {
-            return JAXBContext.newInstance(JAXB_GENERATED_PATH, AuthorityProviderFactoryBean.class.getClassLoader());
-        } catch (JAXBException e) {
-            throw new RuntimeException("Unable to create JAXBContext.");
-        }
-    }
-
-    private ApplicationContext applicationContext;
-    private AuthorityProvider authorityProvider;
-    private NiFiProperties properties;
-    private final Map<String, AuthorityProvider> authorityProviders = new HashMap<>();
-
-    @Override
-    public AuthorityProvider getAuthorityProvider(String identifier) {
-        return authorityProviders.get(identifier);
-    }
-
-    @Override
-    public Object getObject() throws Exception {
-        if (authorityProvider == null) {
-            // look up the authority provider to use
-            final String authorityProviderIdentifier = properties.getProperty(NiFiProperties.SECURITY_USER_AUTHORITY_PROVIDER);
-
-            // ensure the authority provider class name was specified
-            if (StringUtils.isBlank(authorityProviderIdentifier)) {
-                // if configured for ssl, the authority provider must be specified
-                if (properties.getSslPort() != null) {
-                    throw new Exception("When running securely, the authority provider identifier must be specified in the nifi properties file.");
-                }
-
-                // use a default provider... only allowable when running not securely
-                authorityProvider = createDefaultProvider();
-            } else {
-                final AuthorityProviders authorityProviderConfiguration = loadAuthorityProvidersConfiguration();
-
-                // create each authority provider
-                for (final Provider provider : authorityProviderConfiguration.getProvider()) {
-                    authorityProviders.put(provider.getIdentifier(), createAuthorityProvider(provider.getIdentifier(), provider.getClazz()));
-                }
-
-                // configure each authority provider
-                for (final Provider provider : authorityProviderConfiguration.getProvider()) {
-                    final AuthorityProvider instance = authorityProviders.get(provider.getIdentifier());
-                    instance.onConfigured(loadAuthorityProviderConfiguration(provider));
-                }
-
-                // get the authority provider instance
-                authorityProvider = getAuthorityProvider(authorityProviderIdentifier);
-
-                // ensure it was found
-                if (authorityProvider == null) {
-                    throw new Exception(String.format("The specified authority provider '%s' could not be found.", authorityProviderIdentifier));
-                }
-            }
-        }
-
-        return authorityProvider;
-    }
-
-    private AuthorityProviders loadAuthorityProvidersConfiguration() throws Exception {
-        final File authorityProvidersConfigurationFile = properties.getAuthorityProviderConfiguraitonFile();
-
-        // load the users from the specified file
-        if (authorityProvidersConfigurationFile.exists()) {
-            try {
-                // find the schema
-                final SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
-                final Schema schema = schemaFactory.newSchema(AuthorityProviders.class.getResource(AUTHORITY_PROVIDERS_XSD));
-
-                // attempt to unmarshal
-                final Unmarshaller unmarshaller = JAXB_CONTEXT.createUnmarshaller();
-                unmarshaller.setSchema(schema);
-                final JAXBElement<AuthorityProviders> element = unmarshaller.unmarshal(new StreamSource(authorityProvidersConfigurationFile), AuthorityProviders.class);
-                return element.getValue();
-            } catch (SAXException | JAXBException e) {
-                throw new Exception("Unable to load the authority provider configuration file at: " + authorityProvidersConfigurationFile.getAbsolutePath());
-            }
-        } else {
-            throw new Exception("Unable to find the authority provider configuration file at " + authorityProvidersConfigurationFile.getAbsolutePath());
-        }
-    }
-
-    private AuthorityProvider createAuthorityProvider(final String identifier, final String authorityProviderClassName) throws Exception {
-        // get the classloader for the specified authority provider
-        final ClassLoader authorityProviderClassLoader = ExtensionManager.getClassLoader(authorityProviderClassName);
-        if (authorityProviderClassLoader == null) {
-            throw new Exception(String.format("The specified authority provider class '%s' is not known to this nifi.", authorityProviderClassName));
-        }
-
-        // get the current context classloader
-        final ClassLoader currentClassLoader = Thread.currentThread().getContextClassLoader();
-
-        final AuthorityProvider instance;
-        try {
-            // set the appropriate class loader
-            Thread.currentThread().setContextClassLoader(authorityProviderClassLoader);
-
-            // attempt to load the class
-            Class<?> rawAuthorityProviderClass = Class.forName(authorityProviderClassName, true, authorityProviderClassLoader);
-            Class<? extends AuthorityProvider> authorityProviderClass = rawAuthorityProviderClass.asSubclass(AuthorityProvider.class);
-
-            // otherwise create a new instance
-            Constructor constructor = authorityProviderClass.getConstructor();
-            instance = (AuthorityProvider) constructor.newInstance();
-
-            // method injection
-            performMethodInjection(instance, authorityProviderClass);
-
-            // field injection
-            performFieldInjection(instance, authorityProviderClass);
-
-            // call post construction lifecycle event
-            instance.initialize(new StandardAuthorityProviderInitializationContext(identifier, this));
-        } finally {
-            if (currentClassLoader != null) {
-                Thread.currentThread().setContextClassLoader(currentClassLoader);
-            }
-        }
-
-        return withNarLoader(instance);
-    }
-
-    private AuthorityProviderConfigurationContext loadAuthorityProviderConfiguration(final Provider provider) {
-        final Map<String, String> providerProperties = new HashMap<>();
-
-        for (final AuthorityProviderProperty property : provider.getProperty()) {
-            providerProperties.put(property.getName(), property.getValue());
-        }
-
-        return new StandardAuthorityProviderConfigurationContext(provider.getIdentifier(), providerProperties);
-    }
-
-    private void performMethodInjection(final AuthorityProvider instance, final Class authorityProviderClass) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException {
-        for (final Method method : authorityProviderClass.getMethods()) {
-            if (method.isAnnotationPresent(AuthorityProviderContext.class)) {
-                // make the method accessible
-                final boolean isAccessible = method.isAccessible();
-                method.setAccessible(true);
-
-                try {
-                    final Class<?>[] argumentTypes = method.getParameterTypes();
-
-                    // look for setters (single argument)
-                    if (argumentTypes.length == 1) {
-                        final Class<?> argumentType = argumentTypes[0];
-
-                        // look for well known types
-                        if (NiFiProperties.class.isAssignableFrom(argumentType)) {
-                            // nifi properties injection
-                            method.invoke(instance, properties);
-                        } else if (ApplicationContext.class.isAssignableFrom(argumentType)) {
-                            // spring application context injection
-                            method.invoke(instance, applicationContext);
-                        }
-                    }
-                } finally {
-                    method.setAccessible(isAccessible);
-                }
-            }
-        }
-
-        final Class parentClass = authorityProviderClass.getSuperclass();
-        if (parentClass != null && AuthorityProvider.class.isAssignableFrom(parentClass)) {
-            performMethodInjection(instance, parentClass);
-        }
-    }
-
-    private void performFieldInjection(final AuthorityProvider instance, final Class authorityProviderClass) throws IllegalArgumentException, IllegalAccessException {
-        for (final Field field : authorityProviderClass.getDeclaredFields()) {
-            if (field.isAnnotationPresent(AuthorityProviderContext.class)) {
-                // make the method accessible
-                final boolean isAccessible = field.isAccessible();
-                field.setAccessible(true);
-
-                try {
-                    // get the type
-                    final Class<?> fieldType = field.getType();
-
-                    // only consider this field if it isn't set yet
-                    if (field.get(instance) == null) {
-                        // look for well known types
-                        if (NiFiProperties.class.isAssignableFrom(fieldType)) {
-                            // nifi properties injection
-                            field.set(instance, properties);
-                        } else if (ApplicationContext.class.isAssignableFrom(fieldType)) {
-                            // spring application context injection
-                            field.set(instance, applicationContext);
-                        }
-                    }
-
-                } finally {
-                    field.setAccessible(isAccessible);
-                }
-            }
-        }
-
-        final Class parentClass = authorityProviderClass.getSuperclass();
-        if (parentClass != null && AuthorityProvider.class.isAssignableFrom(parentClass)) {
-            performFieldInjection(instance, parentClass);
-        }
-    }
-
-    /**
-     * @return a default provider to use when running unsecurely with no
-     * provider configured
-     */
-    private AuthorityProvider createDefaultProvider() {
-        return new AuthorityProvider() {
-            @Override
-            public boolean doesDnExist(String dn) throws AuthorityAccessException {
-                return false;
-            }
-
-            @Override
-            public Set<Authority> getAuthorities(String dn) throws UnknownIdentityException, AuthorityAccessException {
-                return EnumSet.noneOf(Authority.class);
-            }
-
-            @Override
-            public void setAuthorities(String dn, Set<Authority> authorities) throws UnknownIdentityException, AuthorityAccessException {
-            }
-
-            @Override
-            public Set<String> getUsers(Authority authority) throws AuthorityAccessException {
-                return new HashSet<>();
-            }
-
-            @Override
-            public void revokeUser(String dn) throws UnknownIdentityException, AuthorityAccessException {
-            }
-
-            @Override
-            public void addUser(String dn, String group) throws IdentityAlreadyExistsException, AuthorityAccessException {
-            }
-
-            @Override
-            public String getGroupForUser(String dn) throws UnknownIdentityException, AuthorityAccessException {
-                return null;
-            }
-
-            @Override
-            public void revokeGroup(String group) throws UnknownIdentityException, AuthorityAccessException {
-            }
-
-            @Override
-            public void setUsersGroup(Set<String> dn, String group) throws UnknownIdentityException, AuthorityAccessException {
-            }
-
-            @Override
-            public void ungroupUser(String dn) throws UnknownIdentityException, AuthorityAccessException {
-            }
-
-            @Override
-            public void ungroup(String group) throws AuthorityAccessException {
-            }
-
-            @Override
-            public DownloadAuthorization authorizeDownload(List<String> dnChain, Map<String, String> attributes) throws UnknownIdentityException, AuthorityAccessException {
-                return DownloadAuthorization.approved();
-            }
-
-            @Override
-            public void initialize(AuthorityProviderInitializationContext initializationContext) throws ProviderCreationException {
-            }
-
-            @Override
-            public void onConfigured(AuthorityProviderConfigurationContext configurationContext) throws ProviderCreationException {
-            }
-
-            @Override
-            public void preDestruction() throws ProviderDestructionException {
-            }
-        };
-    }
-
-    /**
-     * Decorates the base provider to ensure the nar context classloader is used
-     * when invoking the underlying methods.
-     *
-     * @param baseProvider base provider
-     * @return provider
-     */
-    public AuthorityProvider withNarLoader(final AuthorityProvider baseProvider) {
-        return new AuthorityProvider() {
-            @Override
-            public boolean doesDnExist(String dn) throws AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    return baseProvider.doesDnExist(dn);
-                }
-            }
-
-            @Override
-            public Set<Authority> getAuthorities(String dn) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    return baseProvider.getAuthorities(dn);
-                }
-            }
-
-            @Override
-            public void setAuthorities(String dn, Set<Authority> authorities) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.setAuthorities(dn, authorities);
-                }
-            }
-
-            @Override
-            public Set<String> getUsers(Authority authority) throws AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    return baseProvider.getUsers(authority);
-                }
-            }
-
-            @Override
-            public void revokeUser(String dn) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.revokeUser(dn);
-                }
-            }
-
-            @Override
-            public void addUser(String dn, String group) throws IdentityAlreadyExistsException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.addUser(dn, group);
-                }
-            }
-
-            @Override
-            public String getGroupForUser(String dn) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    return baseProvider.getGroupForUser(dn);
-                }
-            }
-
-            @Override
-            public void revokeGroup(String group) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.revokeGroup(group);
-                }
-            }
-
-            @Override
-            public void setUsersGroup(Set<String> dns, String group) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.setUsersGroup(dns, group);
-                }
-            }
-
-            @Override
-            public void ungroupUser(String dn) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.ungroupUser(dn);
-                }
-            }
-
-            @Override
-            public void ungroup(String group) throws AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.ungroup(group);
-                }
-            }
-
-            @Override
-            public DownloadAuthorization authorizeDownload(List<String> dnChain, Map<String, String> attributes) throws UnknownIdentityException, AuthorityAccessException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    return baseProvider.authorizeDownload(dnChain, attributes);
-                }
-            }
-
-            @Override
-            public void initialize(AuthorityProviderInitializationContext initializationContext) throws ProviderCreationException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.initialize(initializationContext);
-                }
-            }
-
-            @Override
-            public void onConfigured(AuthorityProviderConfigurationContext configurationContext) throws ProviderCreationException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.onConfigured(configurationContext);
-                }
-            }
-
-            @Override
-            public void preDestruction() throws ProviderDestructionException {
-                try (final NarCloseable narCloseable = NarCloseable.withNarLoader()) {
-                    baseProvider.preDestruction();
-                }
-            }
-        };
-    }
-
-    @Override
-    public Class getObjectType() {
-        return AuthorityProvider.class;
-    }
-
-    @Override
-    public boolean isSingleton() {
-        return true;
-    }
-
-    @Override
-    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-        this.applicationContext = applicationContext;
-    }
-
-    @Override
-    public void destroy() throws Exception {
-        if (authorityProvider != null) {
-            authorityProvider.preDestruction();
-        }
-    }
-
-    public void setProperties(NiFiProperties properties) {
-        this.properties = properties;
-    }
-}

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java
index 58caea9..cf35c15 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/AuthorizerFactoryBean.java
@@ -21,7 +21,6 @@ import org.apache.nifi.authorization.annotation.AuthorizerContext;
 import org.apache.nifi.authorization.exception.AuthorizationAccessException;
 import org.apache.nifi.authorization.exception.AuthorizerCreationException;
 import org.apache.nifi.authorization.exception.AuthorizerDestructionException;
-import org.apache.nifi.authorization.generated.AuthorityProviders;
 import org.apache.nifi.authorization.generated.Authorizers;
 import org.apache.nifi.authorization.generated.Property;
 import org.apache.nifi.nar.ExtensionManager;
@@ -83,7 +82,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, Autho
     public Object getObject() throws Exception {
         if (authorizer == null) {
             // look up the authorizer to use
-            final String authorizerIdentifier = properties.getProperty(NiFiProperties.SECURITY_USER_AUTHORITY_PROVIDER);
+            final String authorizerIdentifier = properties.getProperty(NiFiProperties.SECURITY_USER_AUTHORIZER);
 
             // ensure the authorizer class name was specified
             if (StringUtils.isBlank(authorizerIdentifier)) {
@@ -122,14 +121,14 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, Autho
     }
 
     private Authorizers loadAuthorizersConfiguration() throws Exception {
-        final File authorizersConfigurationFile = properties.getAuthorityProviderConfiguraitonFile();
+        final File authorizersConfigurationFile = properties.getAuthorizerConfiguraitonFile();
 
         // load the authorizers from the specified file
         if (authorizersConfigurationFile.exists()) {
             try {
                 // find the schema
                 final SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
-                final Schema schema = schemaFactory.newSchema(AuthorityProviders.class.getResource(AUTHORIZERS_XSD));
+                final Schema schema = schemaFactory.newSchema(Authorizers.class.getResource(AUTHORIZERS_XSD));
 
                 // attempt to unmarshal
                 final Unmarshaller unmarshaller = JAXB_CONTEXT.createUnmarshaller();
@@ -221,7 +220,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, Autho
         }
 
         final Class parentClass = authorizerClass.getSuperclass();
-        if (parentClass != null && AuthorityProvider.class.isAssignableFrom(parentClass)) {
+        if (parentClass != null && Authorizer.class.isAssignableFrom(parentClass)) {
             performMethodInjection(instance, parentClass);
         }
     }
@@ -253,7 +252,7 @@ public class AuthorizerFactoryBean implements FactoryBean, DisposableBean, Autho
         }
 
         final Class parentClass = authorizerClass.getSuperclass();
-        if (parentClass != null && AuthorityProvider.class.isAssignableFrom(parentClass)) {
+        if (parentClass != null && Authorizer.class.isAssignableFrom(parentClass)) {
             performFieldInjection(instance, parentClass);
         }
     }

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderConfigurationContext.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderConfigurationContext.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderConfigurationContext.java
deleted file mode 100644
index 45b84c8..0000000
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderConfigurationContext.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.authorization;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- *
- */
-public class StandardAuthorityProviderConfigurationContext implements AuthorityProviderConfigurationContext {
-
-    private final String identifier;
-    private final Map<String, String> properties;
-
-    public StandardAuthorityProviderConfigurationContext(String identifier, Map<String, String> properties) {
-        this.identifier = identifier;
-        this.properties = Collections.unmodifiableMap(new HashMap<String, String>(properties));
-    }
-
-    @Override
-    public String getIdentifier() {
-        return identifier;
-    }
-
-    @Override
-    public Map<String, String> getProperties() {
-        return properties;
-    }
-
-    @Override
-    public String getProperty(String property) {
-        return properties.get(property);
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderInitializationContext.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderInitializationContext.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderInitializationContext.java
deleted file mode 100644
index e4b16c4..0000000
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/authorization/StandardAuthorityProviderInitializationContext.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.authorization;
-
-/**
- *
- */
-public class StandardAuthorityProviderInitializationContext implements AuthorityProviderInitializationContext {
-
-    private final String identifier;
-    private final AuthorityProviderLookup authorityProviderLookup;
-
-    public StandardAuthorityProviderInitializationContext(String identifier, AuthorityProviderLookup authorityProviderLookup) {
-        this.identifier = identifier;
-        this.authorityProviderLookup = authorityProviderLookup;
-    }
-
-    @Override
-    public String getIdentifier() {
-        return identifier;
-    }
-
-    @Override
-    public AuthorityProviderLookup getAuthorityProviderLookup() {
-        return authorityProviderLookup;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/AccountStatus.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/AccountStatus.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/AccountStatus.java
deleted file mode 100644
index d7becf1..0000000
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/AccountStatus.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.nifi.user;
-
-/**
- * Represents the status of a user's account.
- */
-public enum AccountStatus {
-
-    ACTIVE,
-    PENDING,
-    DISABLED;
-
-    /**
-     * Returns the matching status or null if the specified status does not
-     * match any statuses.
-     *
-     * @param rawStatus string form of status
-     * @return account status object
-     */
-    public static AccountStatus valueOfStatus(String rawStatus) {
-        AccountStatus desiredStatus = null;
-
-        for (AccountStatus status : values()) {
-            if (status.toString().equals(rawStatus)) {
-                desiredStatus = status;
-                break;
-            }
-        }
-
-        return desiredStatus;
-    }
-}

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/NiFiUser.java
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/NiFiUser.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/NiFiUser.java
index 231b133..3a919ba 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/NiFiUser.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/user/NiFiUser.java
@@ -17,121 +17,54 @@
 package org.apache.nifi.user;
 
 import java.io.Serializable;
-import java.util.Date;
-import java.util.EnumSet;
 import java.util.Objects;
-import java.util.Set;
-import org.apache.nifi.authorization.Authority;
-import org.apache.commons.lang3.StringUtils;
 
 /**
  * An NiFiUser.
  */
 public class NiFiUser implements Serializable {
 
-    public static final String ANONYMOUS_USER_IDENTITY = "anonymous";
+    public static final NiFiUser ANONYMOUS = new NiFiUser("anonymous");
 
-    private String id;
     private String identity;
     private String userName;
-    private String userGroup;
-    private String justification;
-
-    private Date creation;
-    private Date lastVerified;
-    private Date lastAccessed;
-
-    private AccountStatus status;
-    private EnumSet<Authority> authorities;
 
     private NiFiUser chain;
 
-    /* getters / setters */
-    public Date getCreation() {
-        return creation;
+    public NiFiUser(String identity) {
+        this(identity, identity, null);
     }
 
-    public void setCreation(Date creation) {
-        this.creation = creation;
+    public NiFiUser(String identity, String userName) {
+        this(identity, userName, null);
     }
 
-    public String getIdentity() {
-        return identity;
+    public NiFiUser(String identity, NiFiUser chain) {
+        this(identity, identity, chain);
     }
 
-    public void setIdentity(String identity) {
+    public NiFiUser(String identity, String userName, NiFiUser chain) {
         this.identity = identity;
-    }
-
-    public String getUserName() {
-        return userName;
-    }
-
-    public void setUserName(String userName) {
         this.userName = userName;
+        this.chain = chain;
     }
 
-    public String getUserGroup() {
-        return userGroup;
-    }
-
-    public void setUserGroup(String userGroup) {
-        this.userGroup = userGroup;
-    }
-
-    public String getId() {
-        return id;
-    }
-
-    public void setId(String id) {
-        this.id = id;
-    }
-
-    public String getJustification() {
-        return justification;
-    }
-
-    public void setJustification(String justification) {
-        this.justification = justification;
-    }
-
-    public AccountStatus getStatus() {
-        return status;
-    }
-
-    public void setStatus(AccountStatus status) {
-        this.status = status;
-    }
-
-    public Date getLastVerified() {
-        return lastVerified;
-    }
-
-    public void setLastVerified(Date lastVerified) {
-        this.lastVerified = lastVerified;
-    }
+    /* getters / setters */
 
-    public Date getLastAccessed() {
-        return lastAccessed;
+    public String getIdentity() {
+        return identity;
     }
 
-    public void setLastAccessed(Date lastAccessed) {
-        this.lastAccessed = lastAccessed;
+    public String getUserName() {
+        return userName;
     }
 
     public NiFiUser getChain() {
         return chain;
     }
 
-    public void setChain(NiFiUser chain) {
-        this.chain = chain;
-    }
-
-    public Set<Authority> getAuthorities() {
-        if (authorities == null) {
-            authorities = EnumSet.noneOf(Authority.class);
-        }
-        return authorities;
+    public boolean isAnonymous() {
+        return this == ANONYMOUS;
     }
 
     @Override
@@ -158,7 +91,7 @@ public class NiFiUser implements Serializable {
 
     @Override
     public String toString() {
-        return String.format("identity[%s], userName[%s], justification[%s], authorities[%s]", getIdentity(), getUserName(), getJustification(), StringUtils.join(getAuthorities(), ", "));
+        return String.format("identity[%s], userName[%s]", getIdentity(), getUserName(), ", ");
     }
 
 }

http://git-wip-us.apache.org/repos/asf/nifi/blob/153f63ef/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/resources/nifi-administration-context.xml
----------------------------------------------------------------------
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/resources/nifi-administration-context.xml b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/resources/nifi-administration-context.xml
index 3a46314..deec073 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/resources/nifi-administration-context.xml
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/resources/nifi-administration-context.xml
@@ -18,41 +18,34 @@
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">
 
-    <!-- user authority provider -->
-    <bean id="authorityProvider" class="org.apache.nifi.authorization.AuthorityProviderFactoryBean" depends-on="clusterManager">
-        <property name="properties" ref="nifiProperties"/>
-    </bean>
-
     <!-- user/entity authorizer -->
-    <bean id="authorizer" class="org.apache.nifi.authorization.AuthorizerFactoryBean" depends-on="clusterManager">
+    <bean id="authorizer" class="org.apache.nifi.authorization.AuthorizerFactoryBean">
         <property name="properties" ref="nifiProperties"/>
     </bean>
 
-    <!-- initialize the user data source -->
-    <bean id="userDataSource" class="org.apache.nifi.admin.UserDataSourceFactoryBean" destroy-method="shutdown">
+    <!-- initialize the user key data source -->
+    <bean id="keyDataSource" class="org.apache.nifi.admin.KeyDataSourceFactoryBean" destroy-method="shutdown">
         <property name="properties" ref="nifiProperties"/>
     </bean>
 
-    <!-- initialize the data source -->
-    <bean id="auditDataSource" class="org.apache.nifi.admin.AuditDataSourceFactoryBean" destroy-method="shutdown" depends-on="userDataSource">
+    <!-- initialize the audit data source -->
+    <bean id="auditDataSource" class="org.apache.nifi.admin.AuditDataSourceFactoryBean" destroy-method="shutdown">
         <property name="properties" ref="nifiProperties"/>
     </bean>
-    
-    <!-- initialize the user transaction builder -->
-    <bean id="userTransactionBuilder" class="org.apache.nifi.admin.service.transaction.impl.StandardTransactionBuilder">
-        <property name="authorityProvider" ref="authorityProvider"/>
-        <property name="dataSource" ref="userDataSource"/>
+
+    <!-- initialize the user key transaction builder -->
+    <bean id="keyTransactionBuilder" class="org.apache.nifi.admin.service.transaction.impl.StandardTransactionBuilder">
+        <property name="dataSource" ref="keyDataSource"/>
     </bean>
-    
+
     <!-- initialize the audit transaction builder -->
     <bean id="auditTransactionBuilder" class="org.apache.nifi.admin.service.transaction.impl.StandardTransactionBuilder">
-        <property name="authorityProvider" ref="authorityProvider"/>
         <property name="dataSource" ref="auditDataSource"/>
     </bean>
-    
+
     <!-- administration service -->
-    <bean id="userService" class="org.apache.nifi.admin.service.impl.StandardUserService" init-method="seedUserAccounts">
-        <property name="transactionBuilder" ref="userTransactionBuilder"/>
+    <bean id="keyService" class="org.apache.nifi.admin.service.impl.StandardKeyService">
+        <property name="transactionBuilder" ref="keyTransactionBuilder"/>
         <property name="properties" ref="nifiProperties"/>
     </bean>
 


Mime
View raw message