You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Josef Zahner (Jira)" <ji...@apache.org> on 2022/09/19 06:29:00 UTC
[jira] [Commented] (NIFI-6860) Upgrade NiFi 1.9.2 to 1.10.0 - Java11 LDAP (START_TLS) Issue

    [ https://issues.apache.org/jira/browse/NIFI-6860?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17606443#comment-17606443 ] 

Josef Zahner commented on NIFI-6860:
------------------------------------

We are now on NiFi 1.15.3 and Java OpenJDK 11.0.16. Issue seems to be gone, at least for us, NiFi starts now without an issue.

> Upgrade NiFi 1.9.2 to 1.10.0 - Java11 LDAP (START_TLS) Issue
> ------------------------------------------------------------
>
>                 Key: NIFI-6860
>                 URL: https://issues.apache.org/jira/browse/NIFI-6860
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 1.10.0
>         Environment: NiFi Single Node with HTTPS/LDAP enabled; CentOS 7.x
>            Reporter: Josef Zahner
>            Assignee: Troy Melhase
>            Priority: Blocker
>              Labels: Java11, LDAP, Nifi, START-TLS, security
>         Attachments: Screenshot 2019-11-11 at 11.14.52.png, authorizers.xml, login-identity-providers.xml
>
>
> We would like to upgrade from NiFi 1.9.2 to 1.10.0 and we have HTTPS with LDAP (START_TLS) authentication successfully enabled on 1.9.2. Now after upgrading,  we have an issue which prevents nifi from startup:
> {code:java}
> 2019-11-11 08:29:30,447 ERROR [main] o.s.web.context.ContextLoader Context initialization failed
> org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Unsatisfied dependency expressed through method 'setFilterChainProxySecurityConfigurer' parameter 1; nested exception is org.springframework.beans.factory.BeanExpressionException: Expression parsing failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.apache.nifi.web.NiFiWebApiSecurityConfiguration': Unsatisfied dependency expressed through method 'setJwtAuthenticationProvider' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtAuthenticationProvider' defined in class path resource [nifi-web-security-context.xml]: Cannot resolve reference to bean 'authorizer' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authorizer': FactoryBean threw exception on object creation; nested exception is org.springframework.ldap.AuthenticationNotSupportedException: [LDAP: error code 13 - confidentiality required]; nested exception is javax.naming.AuthenticationNotSupportedException: [LDAP: error code 13 - confidentiality required]
>         at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:666)
>         at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87)
>         at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366)
>         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1269)
>         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:551)
>         at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:481)
>         at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312)
>         at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
>         at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308)
>         at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
>         at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:761)
>         at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:867)
>         at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543)
>         at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:443)
>         at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:325)
>         at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107){code}
> In authorizers.xml we added the line “{{<property name="Group Membership - Enforce Case Sensitivity">false</property>}}”, but beside of that at least the authorizers.xml is the same. Anybody an idea what could cause the error? 
> NiFi-5839 seems to be related to the property above. Other than that I found no change regarding LDAP authentication...
>  https://issues.apache.org/jira/browse/NIFI-5839
> Any help would be appreciated



--
This message was sent by Atlassian Jira
(v8.20.10#820010)