Created 10-25-2016 02:47 PM
Hi all,
In the WEB UI NFI, I can find where modifie the policies to have permission to list/empty queue
thanks for help.
Created on 10-25-2016 03:04 PM - edited 08-18-2019 06:07 AM
Want to get a detailed solution you have to login/registered on the community
Register/LoginCreated 10-25-2016 03:03 PM
I believe that "List Queue" would be a "View Data" policy on the source, and "Empty Queue" would be a "Modify Data" on the source component. Also keep in mind that if you are clustered, all of the nodes in the cluster also need to be part of this policy because all entities (users + machines) involved in the request need to be authorized for the data.
Created 07-24-2017 09:34 PM
Hi Bryan,
What Ranger's policy should be added for the "list queue" and "empty queue"? I tried /ViewData, /flowfile-queues, /View_Data but none of them works.
Thanks, SJ
Created 07-25-2017 01:04 PM
This question revolves around setting the correct file based authorizer permissions for listing and emptying queues.
Since you are using Ranger , I suggest starting a new question so as not add confusion as process is different.
Thanks,
Matt
Created 07-25-2017 01:28 PM
Hi Matt,
There is already one
Thanks
SJ
Created on 10-25-2016 03:04 PM - edited 08-18-2019 06:07 AM
Want to get a detailed solution you have to login/registered on the community
Register/LoginCreated 11-08-2020 11:07 AM
Thank you.
Created on 10-26-2016 09:21 AM - edited 08-18-2019 06:07 AM
Hi all
I've set 'admin nifi' in "view the data"
It's not work, I always permissions denied.
Admin Nifi contains my user, and all nifi nodes (nifi001..nifi004)
Created 10-26-2016 12:31 PM
view the data will give you the ability to list the queue, but will not give you the ability to empty the queue. You need to give yoru nodes and the user making teh request teh ability to "modify teh data" as well.
Created 10-26-2016 12:33 PM
If after adding "modify the data" policy it still does not work, check the nifi-user.log to see what entity it is having permissions problems with? Did you set processor level policies on the processors on each side of this queued connection?