Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

User authentication without LDAP or Kerberos

Solved Go to solution
Highlighted

User authentication without LDAP or Kerberos

Expert Contributor

Hello,

Is there a way to setup NiFi (HDF 0.x) to do user authentication through a local authentication? In the documentation the only examples that can be provided for the property:

nifi.security.user.login.identity.provider are ldap-provider and kerberos (both are not configured atm)

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: User authentication without LDAP or Kerberos

There is no local authentication. NiFi provides authentication with 2-way SSL (certificates), Kerberos, or LDAP.

You can also implement your own identity provider to authenticate users however you like:

https://github.com/apache/nifi/blob/d1129706e235548daaf4eecf7001b244300761e9/nifi-framework-api/src/...

You would create a NAR with your implementation and put it in NiFI lib.

View solution in original post

3 REPLIES 3
Highlighted

Re: User authentication without LDAP or Kerberos

There is no local authentication. NiFi provides authentication with 2-way SSL (certificates), Kerberos, or LDAP.

You can also implement your own identity provider to authenticate users however you like:

https://github.com/apache/nifi/blob/d1129706e235548daaf4eecf7001b244300761e9/nifi-framework-api/src/...

You would create a NAR with your implementation and put it in NiFI lib.

View solution in original post

Highlighted

Re: User authentication without LDAP or Kerberos

Expert Contributor

Great, thanks for the quick response

Re: User authentication without LDAP or Kerberos

Contributor

What do you mean by local authentication? Using Kerberos authentication, Apache NiFi supports using a local ticket via SPNEGO.

Apache NiFi 0.x (which maps to HDF 1.x) supports authentication using client certificates, LDAP, and Kerberos. This also applies to Apache NiFi 1.x.

Don't have an account?
Coming from Hortonworks? Activate your account here