Community Articles

Find and share helpful community-sourced technical articles.
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Labels (1)
avatar
Rising Star

An HTTPS endpoint for receiving data in NiFi requires two processors and two controller services: HandleHttpRequest, HandleHttpResponse, SSLContextService, and HttpContextMap.

Note: The HandleHttpRequest processor in NiFi 0.6 does not have functional client authentication, but a fix will be implemented in the next version (see NIFI-1753).

SSL Context Service

  • This service can be created during the set up of the HandleHttpRequest processor
  • The following properties should be set:
    • Name = AgentSSLContextService
    • Keystore Filename = <Path to Keystore>
    • Keystore Password = <Keystore Password>
    • Keystore Type = JKS
    • SSL Protocol = TLS
  • Since Client Authentication will be disabled in the HandleHttpRequest processor, the Truststore configurations are not necessary.

HTTP Context Map

  • This service can be created during the set up of the HandleHttpRequest processor
  • The name should be set to AgentSSLContextMap

HandleHttpRequest

  • This processor receives HTTP requests
  • The following properties should be set:
    • Listening Port = 4444
    • SSL Context Service = AgentSSLContextService
    • HTTP Context Map = AgentSSLContextMap
    • Allow GET = false
    • Allow POST = true
    • Allow PUT = false
    • Allow DELETE = false
    • Allow HEAD = false
    • Allow OPTIONS = false
    • Client Authentication = No Authentication

HandleHttpResponse

  • This processor sends an HTTP response to the client
  • For this example, only one is needed with a status code set to 200.
  • The HTTP Context Map must be set to AgentSSLContextMap in order to link it to the HandleHttpRequest processor

Sample Client

  • The Java client will need a Truststore containing the certificate used by the SSLContextService.
  • The following Java code sample demonstrates the process for posting data to the NiFi flow:
//Set up SSL properties
System.setProperty("javax.net.ssl.trustStoreType","jks");
System.setProperty("javax.net.ssl.trustStore","agent_truststore.ts");
System.setProperty("javax.net.ssl.trustStorePassword","hadoop");
//System.setProperty("javax.net.debug","ssl"); //Verbose SSL logging

//Uncomment for client authentication
//System.setProperty("javax.net.ssl.keyStoreType","jks");
//System.setProperty("javax.net.ssl.keyStore","agent_keystore.jks");
//System.setProperty("javax.net.ssl.keyStorePassword","hadoop");

//Set up
connectionSSLSocketFactorysslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
URLurl = new URL("https://"+NiFiHostname+":"+port);
HttpsURLConnectionconn = (HttpsURLConnection)url.openConnection();
conn.setSSLSocketFactory(sslsocketfactory);

// Send POST
conn.setRequestMethod("POST");
conn.setReadTimeout(5000);
conn.setConnectTimeout(5000);
//Note: In NiFi HTTP headers are added as attributes with the following pattern: 
	//http.headers.{headerName}
conn.setRequestProperty("attr1","value");
conn.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.writeBytes("test123");
wr.flush();
wr.close();

//Get Response Code
intcode = conn.getResponseCode();
System.out.println(code);
conn.disconnect();
11,380 Views
Version history
Last update:
‎04-11-2016 09:30 PM
Updated by:
Contributors