I am hoping to restrict access to the Nifi webpage. The documentation says in the authorize.xml we can connect it to ldap. But I only want to hardcode some users in the file. Can provide a sample of how this can be done?
Apache NiFi provides three authentication mechanisms: 2-way TLS/SSL, LDAP, and Kerberos. There is no provided authentication mechanism for checking users/passwords against a file.
The authentication provider, also called a "login identity" provider is pluggable and anyone can implement their own. You could look at how the other ones are implemented:
Ok so there are two different concepts, authentication and authorization. What I described in my answer was the authentication options, which is what identifies a valid use and allows them in to the application, so you need one of those as the starting point.
After authentication, then authorization takes places which is the process of determining what the user can do. The document you linked to is how HDF 1.2/Apache NiFi 0.x configured authorization. In the latest version of HDF/NiFi there is a pluggable authorizer, and NiFi provides two implementations, NiFi's internal authorizer and an authorizer that uses Apache Ranger. The latest doc would be here http://docs.hortonworks.com/HDPDocuments/HDF2/HDF-2.0.1/bk_administration/content/multi-tenant-autho... You can also implement your own authorizer.