Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (1)
New Contributor

An HTTPS endpoint for receiving data in NiFi requires two processors and two controller services: HandleHttpRequest, HandleHttpResponse, SSLContextService, and HttpContextMap.

Note: The HandleHttpRequest processor in NiFi 0.6 does not have functional client authentication, but a fix will be implemented in the next version (see NIFI-1753).

SSL Context Service

  • This service can be created during the set up of the HandleHttpRequest processor
  • The following properties should be set:
    • Name = AgentSSLContextService
    • Keystore Filename = <Path to Keystore>
    • Keystore Password = <Keystore Password>
    • Keystore Type = JKS
    • SSL Protocol = TLS
  • Since Client Authentication will be disabled in the HandleHttpRequest processor, the Truststore configurations are not necessary.

HTTP Context Map

  • This service can be created during the set up of the HandleHttpRequest processor
  • The name should be set to AgentSSLContextMap

HandleHttpRequest

  • This processor receives HTTP requests
  • The following properties should be set:
    • Listening Port = 4444
    • SSL Context Service = AgentSSLContextService
    • HTTP Context Map = AgentSSLContextMap
    • Allow GET = false
    • Allow POST = true
    • Allow PUT = false
    • Allow DELETE = false
    • Allow HEAD = false
    • Allow OPTIONS = false
    • Client Authentication = No Authentication

HandleHttpResponse

  • This processor sends an HTTP response to the client
  • For this example, only one is needed with a status code set to 200.
  • The HTTP Context Map must be set to AgentSSLContextMap in order to link it to the HandleHttpRequest processor

Sample Client

  • The Java client will need a Truststore containing the certificate used by the SSLContextService.
  • The following Java code sample demonstrates the process for posting data to the NiFi flow:
//Set up SSL properties
System.setProperty("javax.net.ssl.trustStoreType","jks");
System.setProperty("javax.net.ssl.trustStore","agent_truststore.ts");
System.setProperty("javax.net.ssl.trustStorePassword","hadoop");
//System.setProperty("javax.net.debug","ssl"); //Verbose SSL logging

//Uncomment for client authentication
//System.setProperty("javax.net.ssl.keyStoreType","jks");
//System.setProperty("javax.net.ssl.keyStore","agent_keystore.jks");
//System.setProperty("javax.net.ssl.keyStorePassword","hadoop");

//Set up
connectionSSLSocketFactorysslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
URLurl = new URL("https://"+NiFiHostname+":"+port);
HttpsURLConnectionconn = (HttpsURLConnection)url.openConnection();
conn.setSSLSocketFactory(sslsocketfactory);

// Send POST
conn.setRequestMethod("POST");
conn.setReadTimeout(5000);
conn.setConnectTimeout(5000);
//Note: In NiFi HTTP headers are added as attributes with the following pattern: 
	//http.headers.{headerName}
conn.setRequestProperty("attr1","value");
conn.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes("test123");
wr.flush();
wr.close();

//Get Response Code
intcode = conn.getResponseCode();
System.out.println(code);
conn.disconnect();
7,642 Views
Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎04-11-2016 09:30 PM
Updated by:
 
Contributors
Top Kudoed Authors