Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

NiFi v0.6.1 vs NiFi v1.5.0 - Provide access to users via NiFi UI

avatar
Contributor

Hi,

I am currently working on upgrading NiFi from v0.6.1 to v1.5.0.

One thing I noticed is that in v0.6.1, when a user tries to login to NiFi and doesn't have permissions to login, he will be routed to a new justification window as below and will be asked to provide justification for access. Once he provides justification, the user's username will be added to the list of users in NiFi UI saying that the request is pending. The admin can then login and provide the access to that user.

But in v1.5.0, when a user with insufficient permissions tries to login to NiFi, the UI is routed to a new window which says Insufficient Permissions but does not add the user id to the list of users for the admin to process the request.

Was this feature removed in latest versions of NiFi?

If so, why was it removed? If not, how can I enable it in v1.5.0?

1 ACCEPTED SOLUTION

avatar
Super Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login
14 REPLIES 14

avatar
Contributor

@Felix Albani @Timothy Spann can you please help me with this?

avatar
Super Mentor
hide-solution

This problem has been solved!

Want to get a detailed solution you have to login/registered on the community

Register/Login

avatar
Contributor

@Matt Clarke

so the only way to add new users is to login to NiFi as admin and then add the users via UI?

avatar
Super Mentor

@Harish Vaibhav Kali

Yes, unless you are using ldap and can setup a ldap sync to add the users for you.

avatar
Contributor

@Matt Clarke

Hi Matt,

Let's say if I have a list of users that have access to an instance of NiFi. Is there any way I can retain those users even after I re-install NiFi on that particular instance?

avatar
Super Mentor
@Harish Vaibhav Kali

Are we still talking about users created in a NiFi 0.x version being used in a NiFi 1.x+ version?
How user authorization is handled is different between each of those major release versions.

-

Lets assume you are working with purely NiFi 1.x+ versions.
There are three tightly couple files when it comes to user authorization (assuming you are using NiFi default file based authorizer):

1. users.xml <-- contains all user to which authorizations will be granted. Each user is assigned a unique UUID.

2. Authorizations.xml <-- Contains all authorization policies (some policies will be based off specific components uuids) User UUIDs are associated to one or more policies.

3. flow.xml.gz <-- contains all components add to NiFi and their configurations

-

So saving off these three files before your re-install your NiFi instance will allow you to put them back afterwards. Keep in mind that sensitive properties (i.e - passwords) in the flow.xml.gz file are encrypted using the sensitive props key set in the nifi.properties file. So you must use same sensitive props key on re-installed NiFi version or NiFi will fail to start because it cannot decrypt the sensitive props.

-

Thanks

Matt

avatar
Contributor

Hi Matt,

I know that when the users are added via NiFi UI, it reflects in the users.xml file. What I am asking is, if suppose I have added 10 users via NiFi UI and now I have 10 users in my users.xml file. So now can I use this users.xml file in future installations. If suppose I use the same users.xml in a new installation, will those 10 users be able to login to the newly installed NiFi?

avatar
Super Mentor

@Harish Vaibhav Kali

-

The users.xml only contains all the users and the UUID each has been assigned. It has nothing to do with authorizations for those users. While you can copy the users.xml file to another NiFi install which will result in those 10 users existing in that new NiFi, the authorizations for those 10 users will not exist on new server since the actual authorizations are stored in the authorizations.xml file.

-

Thanks,

Matt

avatar
Contributor

@Matt Clarke

So is there any way I can migrate the users I added manually via UI in one installation of NiFi to a different installation?

If so, how?

The reason I am asking this is because, I dont want to manually add the users everytime I reinstall NiFi