You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@nifi.apache.org by Etienne Jouvin <la...@gmail.com> on 2020/12/10 15:03:02 UTC
GUI functions not available in secure / cluster instance
Hello all.
Strange behaviour on the GUI.
For background, I have 3 nodes in cluster.
Authentication based on LDAP.
Groups based also on LDAP.
In nifi.properties
nifi.security.allow.anonymous.authentication=false
And with this, when I want to access the advanced setting of
UpdateAttribute :
[image: image.png]
In web console, I can see permission denied on ressources:
[image: image.png]
Same when I want to display the flowfile content :
[image: image.png]
I must put in nifi.properties
nifi.security.allow.anonymous.authentication=true
To have access to those functions.
So in my understanding, when I have secure instance, I must allow anonymous
authentication.
Etienne
Re: GUI functions not available in secure / cluster instance
Posted by Etienne Jouvin <la...@gmail.com>.
Ok.
Thanks a lot.
(By the way I keep in mind to document my problem with certificate and so
on)
Etienne
Le ven. 11 déc. 2020 à 16:54, Pierre Villard <pi...@gmail.com>
a écrit :
> This is a known problem and, for now, the workaround is to set:
>
> nifi.security.allow.anonymous.authentication=true
>
> The property name is unfortunately misleading. This does not change
> anything in terms of security. What it means is that static content of the
> UI (css, js, png, etc) can be accessed without the authentication token.
> There are discussions to find a solution for this.
>
> Thanks,
> Pierre
>
> Le jeu. 10 déc. 2020 à 16:03, Etienne Jouvin <la...@gmail.com> a
> écrit :
>
>> Hello all.
>>
>> Strange behaviour on the GUI.
>> For background, I have 3 nodes in cluster.
>> Authentication based on LDAP.
>> Groups based also on LDAP.
>>
>> In nifi.properties
>> nifi.security.allow.anonymous.authentication=false
>>
>> And with this, when I want to access the advanced setting of
>> UpdateAttribute :
>> [image: image.png]
>> In web console, I can see permission denied on ressources:
>> [image: image.png]
>>
>> Same when I want to display the flowfile content :
>> [image: image.png]
>>
>> I must put in nifi.properties
>> nifi.security.allow.anonymous.authentication=true
>>
>> To have access to those functions.
>>
>> So in my understanding, when I have secure instance, I must allow
>> anonymous authentication.
>>
>> Etienne
>>
>>
>>
Re: GUI functions not available in secure / cluster instance
Posted by Pierre Villard <pi...@gmail.com>.
This is a known problem and, for now, the workaround is to set:
nifi.security.allow.anonymous.authentication=true
The property name is unfortunately misleading. This does not change
anything in terms of security. What it means is that static content of the
UI (css, js, png, etc) can be accessed without the authentication token.
There are discussions to find a solution for this.
Thanks,
Pierre
Le jeu. 10 déc. 2020 à 16:03, Etienne Jouvin <la...@gmail.com> a
écrit :
> Hello all.
>
> Strange behaviour on the GUI.
> For background, I have 3 nodes in cluster.
> Authentication based on LDAP.
> Groups based also on LDAP.
>
> In nifi.properties
> nifi.security.allow.anonymous.authentication=false
>
> And with this, when I want to access the advanced setting of
> UpdateAttribute :
> [image: image.png]
> In web console, I can see permission denied on ressources:
> [image: image.png]
>
> Same when I want to display the flowfile content :
> [image: image.png]
>
> I must put in nifi.properties
> nifi.security.allow.anonymous.authentication=true
>
> To have access to those functions.
>
> So in my understanding, when I have secure instance, I must allow
> anonymous authentication.
>
> Etienne
>
>
>