Member since
07-30-2019
155
Posts
107
Kudos Received
33
Solutions
My Accepted Solutions
Title | Views | Posted |
---|---|---|
7288 | 04-18-2019 08:27 PM | |
2422 | 12-31-2018 07:36 PM | |
4253 | 12-03-2018 06:47 PM | |
1364 | 06-02-2018 02:35 AM | |
3515 | 06-02-2018 01:30 AM |
09-17-2016
04:17 AM
2 Kudos
Hi @Mohit Sharma, You should look at the ExecuteScript and InvokeScriptedProcessor processors. Both of these processors can execute code written in Javascript directly from NiFi. @Matt Burgess has written very helpful blog posts on this functionality.
... View more
08-30-2016
04:15 AM
2 Kudos
David, While "individual canvases" are not available, NiFi 1.0.0 (released today) introduces the concept of multi-tenant authorization. This allows extremely granular security access controls for groups and users over components, process groups, controller services, etc. Using MTA, an administrator can provide multiple process groups at the root process group level and apply different read and write permissions to each, effectively allowing users to access their "own canvases", without being able to view or modify another user's process group. The official NiFi documentation on the website should be updated within the next 24 hours to reflect the new behavior, but for now you can download and build NiFi 1.0.0 and then click "Help" from the "hamburger menu" in the upper right corner of the canvas. The Admin Guide and User Guide have extensive documentation on using this feature.
... View more
07-14-2016
12:07 AM
This question is very nebulous. Please describe the Hortonworks product name (HDP, HDF, etc.) you are using as well as the version, and describe the specific problem you are trying to solve. This will help people answer your question.
... View more
06-23-2016
06:35 PM
2 Kudos
Yes, the connection cannot be deleted while it is providing data to a downstream component. The downstream component must be disabled or deleted before the connection can be deleted.
... View more
03-03-2016
07:09 PM
1 Kudo
It appears Hue uses Django for the web server, which can either run with its own embedded server (recommended for dev/test only) and using Apache httpd (recommended for production). To disable SSLv2/v3 in Apache, you should use the following config line in each VirtualHost block in the httpd.conf or ssl.conf files:
SSLProtocol all -SSLv2 -SSLv3
... View more
03-01-2016
08:23 PM
@Geoffrey Shelton Ogot My response is too long to fit here. I've posted it as a GitHub gist.
... View more
03-01-2016
07:25 PM
1 Kudo
@nejm hadj, as I answered to your comment on the other question, it sounds like you need to complete the following steps:
Download the Facebook server certificate (via the browser or using openssl).
$ openssl s_client -showcerts -connect graph.facebook.com:443 </dev/null
Import that certificate as a trusted certificate into a truststore file (not required in this case as explained below, but would be required if using an internal or custom organizational CA not pre-loaded in the JRE/JDK cacerts).
As you can see in the output of the above openssl command, the Facebook server certificate (identified by subject /C=US/ST=CA/L=Menlo Park/O=Facebook, Inc./CN=*.facebook.com ) is issued by the DigiCert certificate ( /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3 ), and that intermediate CA is in turn issued by the DigiCert Root CA ( /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA ). The Root CA is already present in the default Java cacerts truststore, located at $JAVA_HOME/jre/lib/security/cacerts . You can verify this by running the following command: $ keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts -alias digicerthighassuranceevrootca and comparing the SHA-1 fingerprints (also available at DigiCert's website). Configure the PostHTTP processor to use an SSLContext which references that truststore file.
The truststore type is JKS . The truststore location is $JAVA_HOME/jre/lib/security/cacerts . The truststore password is changeit .
... View more
03-01-2016
06:49 PM
@Geoffrey Shelton Ogot, that article describes how to configure certificates, a keystore, and a truststore in order to provide NiFi as an HTTPS server, and how to configure certificates for individual users to provide client authentication. It will not assist @nejm hadj in this case.
... View more
02-29-2016
06:43 PM
@nejm hadj it sounds like you need to complete the following steps: Download the Facebook server certificate (via the browser or using openssl). Import that certificate as a trusted certificate into a truststore file. Configure the PostHTTP processor to use an SSLContext which references that truststore file. As @Lubin Lemarchxnd noted above, there are explicit instructions for these steps available here.
... View more
02-26-2016
06:18 PM
1 Kudo
I'm not sure why you would want to ignore this. Facebook's servers present a certificate to allow you to verify that the resource you are communicating with is, in fact, Facebook and not an imposter. This also allows encryption of all content in transit between your server and Facebook's. If you honestly do not care about the protection of your data (and again, I would urge you to, especially considering you are communicating with Facebook, and therefore probably accessing personal information for customers/users), you can use the plain HTTP endpoint provided at http://graph.facebook.com and you won't need a truststore at all.
... View more
- « Previous
- Next »