Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

After Enabling the ssl in NIFI cluster its now showing up the user that logged into it ?

avatar
author-rank Jasthi
Contributor

Created ‎05-10-2018 02:23 PM

nifi-ssl.pngI have enabled SSL in NIFI cluster everything is seems to good but after logging into one of node its not showing up the user its suppose to be ?

For reference I have attached a image...

Could someone help on this ?

3,177 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎05-10-2018 02:34 PM

@Veerendra Nath Jasthi

-

Not sure I am following your question. The UI displays the user which is currently authenticated in to the UI.
-

Are you not expecting to see "CN=niifiadmin, OU=HORTONWORKS"? What are you expecting to see?
-

What forms of user authentication are you configured to use?
User/client certificate? <-- User name displayed in upper right comes from DN in user/client certificate
LDAP authentication? <-- User name can come from user DN in LDAP (USE_DN) or username entered in login window (USE_USERNAME)
Kerberos authentication? <-- User name comes from user entered principal. <user>@<domain> (so pretty sure you are not using kerberos for authentication.)

-

Thanks,

Matt

View solution in original post

3,066 Views
10 REPLIES 10

avatar
author-rank Jasthi
Contributor

Created ‎05-10-2018 02:26 PM

@Arti Wadhwani

2,883 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎05-10-2018 02:34 PM

@Veerendra Nath Jasthi

-

Not sure I am following your question. The UI displays the user which is currently authenticated in to the UI.
-

Are you not expecting to see "CN=niifiadmin, OU=HORTONWORKS"? What are you expecting to see?
-

What forms of user authentication are you configured to use?
User/client certificate? <-- User name displayed in upper right comes from DN in user/client certificate
LDAP authentication? <-- User name can come from user DN in LDAP (USE_DN) or username entered in login window (USE_USERNAME)
Kerberos authentication? <-- User name comes from user entered principal. <user>@<domain> (so pretty sure you are not using kerberos for authentication.)

-

Thanks,

Matt

3,067 Views

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎05-10-2018 04:57 PM

@Veerendra Nath Jasthi

*** Forum Tip: Please try to avoid responding to an existing Answer by starting a new Answer. This makes following multiple response threads difficult. Instead use "add comment" to respond to a posted answer.
-

The attached image shows that the user who is currently logged in as ""CN=niifiadmin, OU=HORTONWORKS". Your comment says you expect to see this and that is what is being shown, so I am little confused. Sorry if I am missing something here.

-
Are you saying that you expected the UI to instead show ""CN=niifiadmin, OU=CLOUD.HORTONWORKS.COM"?

-

The UI is only going to display what is presented in the certificate being used for authentication.

Try performing a verbose listing on your client certificate to see what the actual DN is.
-

Sharing your nifi-users.log, authorizers.xml, users.xml, and authorizations.xml files may shed some light on what is going on here.

also sharing the verbose output of your client cert would help.

-

Thanks,

Matt

2,883 Views
0 Kudos

avatar
author-rank Jasthi
Contributor

Created ‎05-10-2018 05:06 PM

nifi-ssl-my-screen.pngI got you. the image I have attached is from different blog so like the image its not showing up for me when I am logged into any of nifi nodes.

The earlier image is reference and the one now I have attached is my screen shot .

I hope this clears your doubt & its my bad It wasn't clear in earlier posts .

2,883 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎05-10-2018 05:16 PM

@Veerendra Nath Jasthi

The screenshot you just attached shows a non secure NiFi running over HTTP on port 9090. There is no user authentication that will occur for a unsecured NiFi. User authentication and authorization will only occur for a secured NiFi running over https.

Thanks,

Matt

2,883 Views
0 Kudos

avatar
author-rank Jasthi
Contributor

Created ‎05-10-2018 05:26 PM

yup got it thanks.By mistake I have unchecked Enable SSL checkbox in NIFI config after checking back I could see them .

Thanks @Matt Clarke

2,883 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎05-10-2018 05:29 PM

@Veerendra Nath Jasthi

Glad to hear we got this all worked out... 🙂
Please take a moment to login and click the "accept" link for this answer to close out the thread.

-

Thank you,
Matt

2,883 Views
0 Kudos

avatar
author-rank Jasthi
Contributor

Created ‎05-10-2018 02:40 PM

I am expecting to see user name (CN=niifiadmin, OU=HORTONWORKS) at top right corner that I mentioned in the image of the first post.

I am using the User/client certificate that are generated by NiFi TLS-toolkit

2,883 Views
0 Kudos

avatar
author-rank umair_khan
Expert Contributor

Created ‎05-10-2018 04:23 PM

What user are you seeing logged in? Is logged in user same as one defined in file authorizers.xml > "Initial Admin Identiry" ?

2,883 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements