Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Secure NIFI 1.12.1 Untrusted Proxy

avatar
author-rank Kilynn
Contributor

Created ‎01-06-2021 12:56 PM

First let me say I've searched the board and I've seen the responses and I have a dilemma. Before my cluster establishes I can connect to my servers leveraging Initial Admin and the p12 that I've created.

 

I've verified that all of my nodes are in my authorizations.xml file and reference my users.xml accurately as /proxy resources

 

Kilynn_0-1609966093650.png

If I'm not attached to a node prior to joining the cluster the error appears like this

Kilynn_1-1609966166756.png

After clustering is complete attempt to connect yields the following response in the nifi-users.log

2021-01-06 20:38:38,206 WARN [NiFi Web Server-157] o.a.n.w.a.c.IllegalStateExceptionMapper java.lang.IllegalStateException: Kerberos ticket login not supported by this NiFi.. Returning Conflict response.
java.lang.IllegalStateException: Kerberos ticket login not supported by this NiFi.

I don't know where to go from here

957 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank Kilynn
Contributor

Created ‎01-06-2021 02:29 PM

Well, I didn't RATW's...

My issue was NOT that my Initial Admin was wrong in the authorizers.xml file.  It was that my nodes weren't specified with a space between the , and the OU.

 

Make sure your authorizers.xml is EXACTLY as is created when you create your certificates... if you have issues stop NIFI fix the issue, delete users.xml and authorizations.xml and then restart NIFI.

 

Nothing to see here move along.

View solution in original post

938 Views
0 Kudos
1 REPLY 1

avatar
author-rank Kilynn
Contributor

Created ‎01-06-2021 02:29 PM

Well, I didn't RATW's...

My issue was NOT that my Initial Admin was wrong in the authorizers.xml file.  It was that my nodes weren't specified with a space between the , and the OU.

 

Make sure your authorizers.xml is EXACTLY as is created when you create your certificates... if you have issues stop NIFI fix the issue, delete users.xml and authorizations.xml and then restart NIFI.

 

Nothing to see here move along.

939 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements