You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/08/30 20:19:00 UTC
[jira] [Commented] (NIFI-10415) SAML Login Sequence Fails
[ https://issues.apache.org/jira/browse/NIFI-10415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17598048#comment-17598048 ]
David Handermann commented on NIFI-10415:
-----------------------------------------
Thanks for reporting this issue [~gregb].
NiFi SAML integration has been tested in load balanced and reverse proxied deployments, so the general configuration should work.
The {{login request identifier was not found}} error indicates that the NiFi node is not receiving the temporary cookie for tracking the login sequence.
Is NiFi deployed in a cluster, and have you configured session affinity for the proxy server that mediates access to NiFi?
> SAML Login Sequence Fails
> -------------------------
>
> Key: NIFI-10415
> URL: https://issues.apache.org/jira/browse/NIFI-10415
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.16.3
> Environment: RHEL OS. Proxied Environment
> Reporter: Greg Biddy
> Priority: Major
> Labels: SAML
>
> Hello,
> I am attempting to configure a NiFi cluster to authenticate via Okta using SAML. I am in a proxied environment. When I navigate to NiFi via Okta, I receive the following error in the UI:
> Unable to continue login sequence
> The login request identifier was not found in the request. Unable to continue.
>
> I have configured the nifi.security.user.saml.idp.metadata.url property to reference a local file containing the metadata since Nifi cannot communicate with the IDP through the Proxy.
> Please verify if NiFi's SAML integration will work in a proxied environment.
>
> Thanks,
> Greg
--
This message was sent by Atlassian Jira
(v8.20.10#820010)