You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@nifi.apache.org by Sam Feng <ol...@gmail.com> on 2017/07/25 02:58:49 UTC
how can i enable nifi to perform user authentication overhttp���
Hello Kevinï¼
Your answers helps me a lot. Now i am trying to modify nifi`s sourcecode to enable http authentication, because the platform where i am using nifi is not that sensitive about security, and we use ldap as login-identity-providers whitch password is already encrypted by an unique key.
But i find it difficult to modify it`s sourceCode. there so many places that limit login and authentication from http, and i have to edit all of it, which will certainly take a lot of time to find them.
Do you have any idea on how to modify nifi`s code more efficiently, or if there are some other way to get what i want.
As you can see my English is poor, thanks for you patience.
Thanks for your reply.
Best Regards
YuNing
On 2017-07-21 19:07 (+0800), Kevin Doran <kd...@gmail.com> wrote:
> Hi,
>
> You are correct, NiFi requires an encrypted connection for user authentication. This is because client identity is established in one of two ways:
>
> - user name & password, which should not be sent over a non-encrypted connection
> - client certificate in a two-way TLS (HTTPS) connection
>
> I hope this answers your question. If HTTPS is suitable for your needs, here are some resources to help you get started:
>
> - NiFi System Administration Guide, specifically sections on User Authentication [1] and Multi-Tenant Authorization [2]
> - Bryan Bende's blog post on NiFi Authorization and Multi-Tenancy [3]
>
> I hope this helps! If you have any questions you can post back to this thread.
>
> Regards,
> Kevin
>
> [1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user_authentication
> [2] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#multi-tenant-authorization
> [3] http://bryanbende.com/development/2016/08/17/apache-nifi-1-0-0-authorization-and-multi-tenancy
>
>
> On 7/21/17, 02:02, "belvey@163.com" <be...@163.com> wrote:
>
>
> Helloï¼ I am a developer from china, i recently want to apply multi-tenant authorization on nifi, but find that nifi doesn't support authorization over http. can you tell me the reason, and can i enable authentication over http by modify it's source code.
>
> Thanks for your early reply.
> Best Regards
>
>
>
>
>
>