Support Questions
Find answers, ask questions, and share your expertise

Multi user configuration in Nifi, how to?

Rising Star

Hello all,

I do not know how to configure multi users on 3 nodes Nifi Cluster:

Currently, i use the following to generate client & server certificates using TLS toolkit:

./tls-toolkit.sh standalone -B password -C 'CN=nifiadmin, OU=NIFI' -n 'node1,node2,node3' --nifiDnPrefix 'CN=' --nifiDnSuffix ', OU=NIFI' -o /shared_folder/vm_shared/certs_100722/ -K password -P password -S password

 

I want to configure 3 users for this 3 nodes cluster.

Your help would be greatly appreciated.

Thank you.

1 ACCEPTED SOLUTION

Master Guru

@rafy 
Once you have created the certificates for your other two users as @DigitalPlumber suggested, you would need to connect to your NiFi as the admin user you setup during initial securing of your NiFi and these two new users via the NiFi global menu (upper right corner) --> Users.   Then you would need to authorize those new user identities against any policies needed for them to perform the actions you want them to be allowed. 
https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#config-users-access-policies

 

Hope this helps,

Matt

View solution in original post

3 REPLIES 3

Rising Star

Hi @rafy please refer to the user authentication portion of this doc:

https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user_authentication
Given that you are familiar with the toolkit and you only want to autheticate 3 users, then creating 3 user certs is simplest approach.
Just have them add the created certs to their browser.

 

Master Guru

@rafy 
Once you have created the certificates for your other two users as @DigitalPlumber suggested, you would need to connect to your NiFi as the admin user you setup during initial securing of your NiFi and these two new users via the NiFi global menu (upper right corner) --> Users.   Then you would need to authorize those new user identities against any policies needed for them to perform the actions you want them to be allowed. 
https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#config-users-access-policies

 

Hope this helps,

Matt

Rising Star

Thank you sir. I was able to generate more users/client certificates by specifying multiple "-C CN=user1, OU=nifi" in addition to the initial command i have.

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.