Created on 07-15-202012:18 PM - edited on 07-17-202003:06 AM by VidyaSargur
When NiFi is secured for TLS server authentication, at UI login time first it tries to use TLS certificates if loaded on the browser and then, it tries to use SPNEGO authentication, and finally, it falls back to your configured login provider.
If you KERBERISE the cluster via AMBARI and want to use login-providers like LDAP or KERBEROS, it automatically sets the following properties which enable SPNEGO authentication.
-s http or https
-l fqdn of ambari host
-t port number ambari is listening on
-n ambari cluster name ( you can get that from top right UI )
-u user that has edit privileges on ambari
-p the password for that user
-c the config type in this case nifi.properties
-k the key to change
-v the value to change
You can also do this for NiFi Registry with the following sample commands: