ExceptionFactory

Producing content that a reasonable developer might want to read

Posts

Introducing Apache NiFi HTTP Request Logging

NiFi Logging HTTP

2022-04-26 • 8 minute read

Apache NiFi 1.16.0 added configurable logging for HTTP requests, which the framework processes during user interface actions or service operations. HTTP request logging supports a number of use cases, including access auditing, communication troubleshooting, and performance monitoring.

Read more

How Not to Write Unit Tests

Programming Testing Jocularity

2022-04-01 • 10 minute read

Writing unit tests is a common part of most software development projects. Following best practices for implementing tests is essential to maintaining robust and reliable applications. Reviewing optimal approaches to writing less than optimal tests can also inform development efforts.

Read more

Enabling Apache NiFi Support for OpenPGP Signatures

NiFi OpenPGP PGP Cryptography

2022-02-19 • 10 minute read

Apache NiFi 1.15.0 incorporates new processors for signing and verifying OpenPGP messages. SignContentPGP and VerifyContentPGP provide enhanced security for OpenPGP processing, supporting cryptographic signature handling as a standalone operation or in conjunction with encryption.

Read more

Introducing Socket Broker

Socket Proxy SOCKS HTTP

2022-01-24 • 10 minute read

Socket Broker is a Java library supporting SOCKS and HTTP proxy servers with authentication. Socket Broker provides TCP network connections through proxy servers with optional support for username and password credentials, without the need for configuring Java system properties.

Read more

Managing Logging Libraries in Apache NiFi

NiFi Logging Dependencies

2021-12-29 • 8 minute read

Vulnerabilities in Log4j 2 and other logging libraries have prompted increased scrutiny across many products. Apache NiFi integrates with a wide variety of services that require various dependencies, including multiple types of logging. NiFi 1.15.2 incorporated the removal and exclusion of several unnecessary libraries, highlighting the importance of managing logging dependencies.

Read more

Evaluating Log4Shell and Apache NiFi

NiFi Security Log4j Log4Shell

2021-12-14 • 12 minute read

The Apache Log4j 2 arbitrary code execution vulnerability known as Log4Shell has impacted numerous products and services. Although Apache NiFi does not use Log4j 2 directly, several extension components include library references that should be considered.

Read more

Configuring Apache NiFi Repository Encryption

NiFi Security Storage Encryption

2021-11-10 • 8 minute read

Configurable information storage is a core feature of Apache NiFi. Multiple releases have expanded support for encrypting information in application repositories. Recent updates in NiFi 1.15.0 have streamlined both the implementation and the configuration associated with repository encryption.

Read more

Improving JWT Authentication in Apache NiFi

NiFi JWT Security

2021-10-23 • 14 minute read

JSON Web Tokens provide authorized access to Apache NiFi for a number of authentication strategies. Recent changes to JWT handling have improved the security posture of several important elements including key generation, secret storage, signature verification, and token revocation.

Read more

Restructuring Apache NiFi Support for OpenPGP

NiFi OpenPGP PGP Encryption

2021-09-14 • 15 minute read

Apache NiFi 1.14.0 includes a redesigned approach for encrypting and decrypting OpenPGP messages. The introduction of new Processors and Controller Services for OpenPGP provides additional capabilities and address a number of issues with the original implementation. These new components support a variety of potential use cases and create opportunities for additional development efforts.

Read more

Surveying Pretty Good Privacy After Three Decades

Encryption GPG OpenPGP PGP

2021-08-16 • 8 minute read

Pretty Good Privacy has provided a common standard for message encryption and digital signatures for over 30 years. The OpenPGP specification is not without its detractors, but new development efforts have continued in the face of pointed criticisms. The current landscape includes both historical artifacts and new initiatives to bring current cryptographic standards to the specification.

Read more

Deciphering Apache NiFi Component Property Encryption

NiFi Security Encryption

2021-07-29 • 12 minute read

Encrypting sensitive component properties is one of the foundational features of Apache NiFi. Understanding and configuring the required settings is essential to deploying a secure system.

Read more

Single User Access and HTTPS in Apache NiFi

NiFi Security

2021-07-21 • 8 minute read

Apache NiFi 1.14.0 builds on a foundation of configurable security and provides a better starting point for simple deployments. Single user authentication and automatic certificate generation for HTTPS access close several gaps in the default configuration.

Read more