| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| http://www.apache.org/licenses/LICENSE-2.0 |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <beans xmlns="http://www.springframework.org/schema/beans" |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> |
| |
| <!-- certificate extractor --> |
| <bean id="certificateExtractor" class="org.apache.nifi.web.security.x509.X509CertificateExtractor"/> |
| |
| <!-- principal extractor --> |
| <bean id="principalExtractor" class="org.apache.nifi.web.security.x509.SubjectDnX509PrincipalExtractor"/> |
| |
| <!-- ocsp validator --> |
| <bean id="ocspValidator" class="org.apache.nifi.web.security.x509.ocsp.OcspCertificateValidator"> |
| <constructor-arg ref="nifiProperties"/> |
| </bean> |
| |
| <!-- x509 validator --> |
| <bean id="certificateValidator" class="org.apache.nifi.web.security.x509.X509CertificateValidator"> |
| <property name="ocspValidator" ref="ocspValidator"/> |
| </bean> |
| |
| <!-- x509 identity provider --> |
| <bean id="certificateIdentityProvider" class="org.apache.nifi.web.security.x509.X509IdentityProvider"> |
| <property name="principalExtractor" ref="principalExtractor"/> |
| <property name="certificateValidator" ref="certificateValidator"/> |
| </bean> |
| |
| <!-- x509 authentication provider --> |
| <bean id="x509AuthenticationProvider" class="org.apache.nifi.web.security.x509.X509AuthenticationProvider"> |
| <constructor-arg ref="certificateIdentityProvider" index="0"/> |
| <constructor-arg ref="authorizer" index="1"/> |
| <constructor-arg ref="nifiProperties" index="2"/> |
| </bean> |
| |
| <!-- jwt service --> |
| <bean id="jwtService" class="org.apache.nifi.web.security.jwt.JwtService"> |
| <constructor-arg ref="keyService"/> |
| </bean> |
| |
| <!-- jwt authentication provider --> |
| <bean id="jwtAuthenticationProvider" class="org.apache.nifi.web.security.jwt.JwtAuthenticationProvider"> |
| <constructor-arg ref="jwtService" index="0"/> |
| <constructor-arg ref="nifiProperties" index="1"/> |
| <constructor-arg ref="authorizer" index="2"/> |
| <constructor-arg ref="idpUserGroupService" index="3"/> |
| </bean> |
| |
| <!-- knox service --> |
| <bean id="knoxService" class="org.apache.nifi.web.security.knox.KnoxServiceFactoryBean"> |
| <property name="properties" ref="nifiProperties"/> |
| </bean> |
| |
| <!-- knox authentication provider --> |
| <bean id="knoxAuthenticationProvider" class="org.apache.nifi.web.security.knox.KnoxAuthenticationProvider"> |
| <constructor-arg ref="knoxService" index="0"/> |
| <constructor-arg ref="nifiProperties" index="1"/> |
| <constructor-arg ref="authorizer" index="2"/> |
| </bean> |
| |
| <!-- Kerberos service --> |
| <bean id="kerberosService" class="org.apache.nifi.web.security.spring.KerberosServiceFactoryBean"> |
| <property name="properties" ref="nifiProperties"/> |
| </bean> |
| |
| <!-- login identity provider --> |
| <bean id="loginIdentityProvider" class="org.apache.nifi.web.security.spring.LoginIdentityProviderFactoryBean"> |
| <property name="properties" ref="nifiProperties"/> |
| <property name="extensionManager" ref="extensionManager" /> |
| </bean> |
| |
| <!-- oidc --> |
| <bean id="oidcProvider" class="org.apache.nifi.web.security.oidc.StandardOidcIdentityProvider"> |
| <constructor-arg ref="jwtService" index="0"/> |
| <constructor-arg ref="nifiProperties" index="1"/> |
| </bean> |
| <bean id="oidcService" class="org.apache.nifi.web.security.oidc.OidcService"> |
| <constructor-arg ref="oidcProvider"/> |
| </bean> |
| |
| <!-- saml --> |
| <bean id="samlConfigurationFactory" class="org.apache.nifi.web.security.saml.impl.StandardSAMLConfigurationFactory" /> |
| |
| <bean id="samlService" class="org.apache.nifi.web.security.saml.impl.StandardSAMLService" init-method="initialize" destroy-method="shutdown"> |
| <constructor-arg ref="samlConfigurationFactory" index="0"/> |
| <constructor-arg ref="nifiProperties" index="1"/> |
| </bean> |
| |
| <bean id="samlStateManager" class="org.apache.nifi.web.security.saml.impl.StandardSAMLStateManager"> |
| <constructor-arg ref="jwtService" index="0"/> |
| </bean> |
| |
| <bean id="samlCredentialStore" class="org.apache.nifi.web.security.saml.impl.StandardSAMLCredentialStore"> |
| <constructor-arg ref="idpCredentialService" index="0"/> |
| </bean> |
| |
| <!-- logout --> |
| <bean id="logoutRequestManager" class="org.apache.nifi.web.security.logout.LogoutRequestManager" scope="singleton"/> |
| |
| <!-- anonymous --> |
| <bean id="anonymousAuthenticationProvider" class="org.apache.nifi.web.security.anonymous.NiFiAnonymousAuthenticationProvider"> |
| <constructor-arg ref="nifiProperties" index="0"/> |
| <constructor-arg ref="authorizer" index="1"/> |
| </bean> |
| |
| </beans> |