Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

After Enabling the ssl in NIFI cluster its now showing up the user that logged into it ?

avatar
Contributor

nifi-ssl.pngI have enabled SSL in NIFI cluster everything is seems to good but after logging into one of node its not showing up the user its suppose to be ?

For reference I have attached a image...

Could someone help on this ?

1 ACCEPTED SOLUTION

avatar
Super Mentor

@Veerendra Nath Jasthi

-

Not sure I am following your question. The UI displays the user which is currently authenticated in to the UI.
-

Are you not expecting to see "CN=niifiadmin, OU=HORTONWORKS"? What are you expecting to see?
-

What forms of user authentication are you configured to use?
User/client certificate? <-- User name displayed in upper right comes from DN in user/client certificate
LDAP authentication? <-- User name can come from user DN in LDAP (USE_DN) or username entered in login window (USE_USERNAME)
Kerberos authentication? <-- User name comes from user entered principal. <user>@<domain> (so pretty sure you are not using kerberos for authentication.)

-

Thanks,

Matt

View solution in original post

10 REPLIES 10

avatar
Contributor

avatar
Super Mentor

@Veerendra Nath Jasthi

-

Not sure I am following your question. The UI displays the user which is currently authenticated in to the UI.
-

Are you not expecting to see "CN=niifiadmin, OU=HORTONWORKS"? What are you expecting to see?
-

What forms of user authentication are you configured to use?
User/client certificate? <-- User name displayed in upper right comes from DN in user/client certificate
LDAP authentication? <-- User name can come from user DN in LDAP (USE_DN) or username entered in login window (USE_USERNAME)
Kerberos authentication? <-- User name comes from user entered principal. <user>@<domain> (so pretty sure you are not using kerberos for authentication.)

-

Thanks,

Matt

avatar
Super Mentor

@Veerendra Nath Jasthi

*** Forum Tip: Please try to avoid responding to an existing Answer by starting a new Answer. This makes following multiple response threads difficult. Instead use "add comment" to respond to a posted answer.
-

The attached image shows that the user who is currently logged in as ""CN=niifiadmin, OU=HORTONWORKS". Your comment says you expect to see this and that is what is being shown, so I am little confused. Sorry if I am missing something here.

-
Are you saying that you expected the UI to instead show ""CN=niifiadmin, OU=CLOUD.HORTONWORKS.COM"?

-

The UI is only going to display what is presented in the certificate being used for authentication.

Try performing a verbose listing on your client certificate to see what the actual DN is.
-

Sharing your nifi-users.log, authorizers.xml, users.xml, and authorizations.xml files may shed some light on what is going on here.

also sharing the verbose output of your client cert would help.

-

Thanks,

Matt

avatar
Contributor

nifi-ssl-my-screen.pngI got you. the image I have attached is from different blog so like the image its not showing up for me when I am logged into any of nifi nodes.

The earlier image is reference and the one now I have attached is my screen shot .

I hope this clears your doubt & its my bad It wasn't clear in earlier posts .

avatar
Super Mentor

@Veerendra Nath Jasthi

The screenshot you just attached shows a non secure NiFi running over HTTP on port 9090. There is no user authentication that will occur for a unsecured NiFi. User authentication and authorization will only occur for a secured NiFi running over https.

Thanks,

Matt

avatar
Contributor

yup got it thanks.By mistake I have unchecked Enable SSL checkbox in NIFI config after checking back I could see them .

Thanks @Matt Clarke

avatar
Super Mentor

@Veerendra Nath Jasthi

Glad to hear we got this all worked out... 🙂
Please take a moment to login and click the "accept" link for this answer to close out the thread.

-

Thank you,
Matt

avatar
Contributor

I am expecting to see user name (CN=niifiadmin, OU=HORTONWORKS) at top right corner that I mentioned in the image of the first post.

I am using the User/client certificate that are generated by NiFi TLS-toolkit

avatar
Expert Contributor

What user are you seeing logged in? Is logged in user same as one defined in file authorizers.xml > "Initial Admin Identiry" ?