Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Template import error

Labels:
avatar
author-rank linssab
Contributor

Created on ‎07-07-2022 03:41 AM - edited ‎07-07-2022 03:51 AM

I am trying to import an *.xml template made with NiFi version 1.13.2 into a 1.14 version client (in docker).

When trying to upload the *.xml file with the Upload Template button under the Operate panel, I get the following error message:

 

<html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> <title>Error 403 Forbidden</title> </head> <body><h2>HTTP ERROR 403 Forbidden</h2> <table> <tr><th>URI:</th><td>/nifi-api/process-groups/8f8e29ed-0181-1000-d7d0-76467ebfce01/templates/upload</td></tr> <tr><th>STATUS:</th><td>403</td></tr> <tr><th>MESSAGE:</th><td>Forbidden</td></tr> <tr><th>SERVLET:</th><td>jerseySpring</td></tr> </table> <hr><a href="https://eclipse.org/jetty">Powered by Jetty:// 9.4.42.v20210604</a><hr/> </body> </html>

 

I have never seen this error before. Any clue of what the problem is?

1,821 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank DigitalPlumber author-rank
Expert Contributor

Created ‎07-07-2022 09:17 AM

@linssab I am not well versed with the docker aspect of this however I see this:

GET http://localhost:8443/nifi-api/flow/current-user

That is going to http

 

I feel the reason this is happening is because you have this in your yaml file:

ports:
            - '8443:8080'
        cpus : 2
        mem_limit: 2G
        mem_reservation: 2G
        environment:
            - NIFI_WEB_HTTP_PORT=8080

That to me tells me that anything going in on 8443 route it to 8080 and 8080 is set on nifi.properties as the value for nifi.web.http.port= because you are passing in through your yaml file:

NIFI_WEB_HTTP_PORT=8080

I recommend that you change 

ports:
            - '8443:8080'

to

ports:
           - '8443:8443'


AND

environment:
            - NIFI_WEB_HTTP_PORT=8080

to

environment:
            - NIFI_WEB_HTTPS_PORT=8443

 

notice the "S" in HTTP<S>

 

Then NiFi should start up securely and you will get a login page where you can pass it the values you set for:

- SINGLE_USER_CREDENTIALS_USERNAME=
- SINGLE_USER_CREDENTIALS_PASSWORD=

View solution in original post

1,767 Views
4 REPLIES 4

avatar
author-rank DigitalPlumber author-rank
Expert Contributor

Created ‎07-07-2022 06:46 AM

Hello,

 

Is the NiFi secure? What do you see in app and user log?

1,793 Views
0 Kudos

avatar
author-rank linssab
Contributor

Created ‎07-07-2022 07:13 AM

Hey @DigitalPlumber

Yes, it is "secure". It's a very simple docker image with SINGLE_USER_AUTHENTICATION and a PROPS_KEY. 
The user log shows me anonymous user, which may be the cause of the problem. However, I fail to understand (and sorry the ignorance with NiFi auth methods) how to properly login as an user. NiFi does not prompt me an username or password when accessing the canvas.

 

2022-07-07 12:47:01,537 INFO [NiFi Web Server-20] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<anonymous>) GET http://localhost:8443/nifi-api/flow/current-user (source ip: 172.21.0.1)                                       
2022-07-07 12:47:01,541 INFO [NiFi Web Server-20] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for anonymous

 
Just in case I'm adding the docker-compose yaml file link here

1,784 Views
0 Kudos

avatar
author-rank DigitalPlumber author-rank
Expert Contributor

Created ‎07-07-2022 09:17 AM

@linssab I am not well versed with the docker aspect of this however I see this:

GET http://localhost:8443/nifi-api/flow/current-user

That is going to http

 

I feel the reason this is happening is because you have this in your yaml file:

ports:
            - '8443:8080'
        cpus : 2
        mem_limit: 2G
        mem_reservation: 2G
        environment:
            - NIFI_WEB_HTTP_PORT=8080

That to me tells me that anything going in on 8443 route it to 8080 and 8080 is set on nifi.properties as the value for nifi.web.http.port= because you are passing in through your yaml file:

NIFI_WEB_HTTP_PORT=8080

I recommend that you change 

ports:
            - '8443:8080'

to

ports:
           - '8443:8443'


AND

environment:
            - NIFI_WEB_HTTP_PORT=8080

to

environment:
            - NIFI_WEB_HTTPS_PORT=8443

 

notice the "S" in HTTP<S>

 

Then NiFi should start up securely and you will get a login page where you can pass it the values you set for:

- SINGLE_USER_CREDENTIALS_USERNAME=
- SINGLE_USER_CREDENTIALS_PASSWORD=
1,768 Views

avatar
author-rank araujo author-rank
Super Guru

Created ‎07-07-2022 03:42 PM

@linssab ,

 

You are probably running into this issue described in NIFI-9241, which has been fixed on NiFi 1.15.

 

Cheers,

André

 

--
Was your question answered? Please take some time to click on "Accept as Solution" below this post.
If you find a reply useful, say thanks by clicking on the thumbs up button.
1,751 Views
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements